digital-voting-pass / polling-station-app Goto Github PK
View Code? Open in Web Editor NEWVoting station app to redeem the suffrage on the blockchain using a machine readable travel document.
License: GNU Lesser General Public License v3.0
Voting station app to redeem the suffrage on the blockchain using a machine readable travel document.
License: GNU Lesser General Public License v3.0
Access control system based on blockchain:
http://ieeexplore.ieee.org/stamp/stamp.jsp?arnumber=7163223
Biometric passport keypair
http://www.passport.go.kr/img/download/vol2.pdf
Who runs nodes?
How can they be set-up?
What are the current trust issues with digital voting?
What is needed in order to get people to trust a digital voting solution?
http://wijvertrouwenstemcomputersniet.nl/Wij_vertrouwen_stemcomputers_niet
Sources:
In order to be trustworthy a voting process must have the following:
Research what kind of parameters we can alter with MutliChain
Fix the timeout in OCR scanning, sometimes a scan can take more than 10 seconds.
Also if this is fixed the threads can be closed when scanning is complete or user exits the activity.
Right now, when the stopScanning() is called, the current scanning task is completed and then the thread exits
When the OCR activity is open on landscape mode, then the screen is locked, and then the screen is unlocked again while phone is held in portrait mode. The OCR activity crashes and won't start-up without restarting the entire app.
Communication between ePassport and Android device
Sign 8 byte array and retrieve public key from DG15
How can the blockchain technology be used to allow proxy voting?
When the entire voting system is digitized and people can vote from their homes, proxy-voting won't be necessary anymore and shouldn't be allowed. For now since we propose a full replacement of the paper voting pass, there should be a way to allow proxy-voting.
Currently a person can only cast two proxy-votes.
More details about current system
Issues
Sending voting tokens (or other implementations) to other wallets
Two options: via regular transactions or via smart contracts so there can be some kind of verification.
An app can make this process easier for users.
Pro:
Con:
Voting with someone elses wallet
You would need to get your hands on someone elses voting device.
In case of voting with ID
You could make it possible to own multiple wallets, and transfer wallets between people.
problems
Combining two systems
What if you opted for the digital system but want to allow someone with a paper voting pass to vote for you?
Local elections
You shouldn't be able to send your token to someone who lives in another municipality when the election is local to municipalities.
Smart contract platforms:
Other interesting links:
Read the MRZ and save the contents as String
Possible improvements to OCR
TODO Before ready for develop merge:
lots of parameters - bad documentation
Currently Multichain uses secp256k1, ePassports however use BRAINPOOLP320r1
What are currently used e-voting solutions, what are their characteristics?
How is the current voting process in the Netherlands shaped? What are the costs?
Process
https://www.rijksoverheid.nl/onderwerpen/verkiezingen
https://www.parlement.com/id/vhnnmt7iawxz/stemmen
Proxy voting
https://www.rijksoverheid.nl/onderwerpen/verkiezingen
On your voting pass you can fill in a form to authorize someone else to vote on your behalf
For proxy voting a copy of an identification card and the original voting pass are needed
An authorized person can only cast the proxy-vote together with his own vote
If you want someone from another municipality to vote for you, you need to fill in a form at your municipality.
You and the person you want to authorize need to fill in this form and hand it in at the municipality
The authorized person then receives a "volmachtsbewijs" with which he can vote for you, for which the normal proxy voting requirements apply
You need to hand in the form 5 days before the election day, if you fail to do this you can get a "volmachtsbewijs" at your town hall before 12pm the day before the election.
Voting eligibility
https://www.parlement.com/id/vh8lnhrouwze/kiesrecht
Every dutch citizen of 18 years and older is eligible to vote for Dutch an European elections. With exception of people whose voting rights have been revoked by a judge. Excluding people from voting happens very rarely, 56 at the start of 2016. (https://www.kiesraad.nl/verkiezingen/inhoud/waterschappen/stemmen/uitsluiting-kiesrecht) (https://www.cbs.nl/nl-nl/nieuws/2017/07/bijna-13-miljoen-kiesgerechtigden-op-15-maart)
Non-Dutch residents of The Netherlands can vote for municipal elections if they contiguously stayed legally in the Netherlands for 5 years.
Dutch residents that are citizens of other EU-countries can vote for European elections. They need to register at their municipality first.
Facts
Costs
https://www.npo.nl/de-rekenkamer/06-09-2012/KRO_1556493 (sep 2012)
This program tries to estimate the costs of the 2012 parliament elections. They often do some assumptions, but this should give a reasonable estimate.
Total: 50 million euro (including campaign costs)
Total costs for municipalities: 24 million euro
Voting booths: 1,2 million euro
Voting passes, printing and distributing: 6.3 million euro
Labor costs civil servants: 9.8 million euro
Costs volunteers at voting booths (100 euro per volunteer): around 4 million euro
Pencils(12ct/pencil): around 14,400 euro
Bins to collect votes (125 euro): around 10,000 voting booths, so 1.250.000 euro, not really clear for how many years they are used.
Stemhok(275 euro)
When both issues are closed and the code is merged into develop, a coupling can be made between jMRTD and OCR so passport information does not need to be hard-coded.
add a way to manually input the document number, date of birth, and expiry date in case OCR fails.
Located in sharelatex final report project.
https://www.sharelatex.com/project/591316c04419fd2825b2c98d
Make sure Travis works with the project
Fix some issues commented on commits
interpreter.cpp
Update research report so Tribler Multichain is called Trustchain per request of Pouwelse.
4th generation YubiKey smartcards
YubiKey Neo contains a NFC chip, private keys can be stored securely
MiFare for SmartX might be used in epassports, so could be an option
Android Studio project
There is a black bar on the bottom of the screen in OCR mode (portrait) and to the right (landscape). This causes the preview of the camera to not be fully visible.
A central authority issues blocks
Why a central authority?
Advantage:
Disadvantage:
Authority is still in control?
Smart contracts creating own currency simple example, including freezing accounts
Explain choices and list pros and cons
Blockchain choice (eth, multichain)
Signing with passport, options and possible improvement if ICAO standard is changed so more can be signed.
State that we can ignore problems like gas cost and block times.
Find 4 more multichain alternatives.
How can blockchain technology be used to prevent a person from voting more than once?
Upon regisration, issue a single spendable token to registered voter, associated to their blockchan ID.
How can you verify identity without sacrificing anonymity?
Bitcongress proof of tally system (section 5)
Simple security tips/guidelines
Anti tampering app
Source
Anti tampering device
SafetyNet
Obfuscation
Good read
Options
Source
Byte code encryption does not work:
To top it up, not so long ago a security engineer, frustrated by false claims of vendors whose tools implement bytecode encryption, has put together an article [3] showing how easily OpenJDK can be modified to defeat any byte code encryption scheme.
AOT compiler
Since Android 5.0 Google uses ART (Android RunTime), which uses an AOT compiler instead of a JIT compiler. But Android 7.0 has an JIT/AOT compiler, which uses profiling to determine which functions are โhotโ
Packing
Static analysis tools:
Penetration testing cheatsheet
Create a risk analysis for permissions
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.