Skip to content
Christian Palazzo edited this page Apr 13, 2024 · 31 revisions

Agora Logo

Welcome to the Agora wiki.

What is Agora

Agora is a e-voting platform based on a public Blockchain network and a Zero-Knowledge proof protocol. The objectives of this research project are:

  • To demonstrate how, using the zero-knowledge proof cryptography, it is possible to guarantee those indispensable conditions in a voting system such as privacy and secrecy of the vote even with an open, distributed and transparent technology such as a public blockchain;
  • To demonstrate how electronic voting opens to new scenarios and voting mechanisms: as an example we want to develop a points voting system;
  • Enforce transparent governance to facilitate the adoption of democratic rules in regions where these are absent or in any case not very transparent;
  • Counter the tendency towards abstentionism by giving voters a tool that allows them to regain trust in the institutions;

Introduction

The most indispensable operations of a democracy are elections. Over the last few years there has been a progressive decline in voter turnout in Europe and Western countries in general. The causes of this phenomenon can be different and we will not investigate them here, but electronic voting could represent a change that would allow people to regain trust in institutions and elections.

Electronic voting allows operations to be carried out remotely but many concerns have been expressed about the fact that they can be manipulated. The latest algorithms guarantee privacy, anonymity and transparency of voting mechanisms, along with clear verifiability of the vote. Despite this, security incidents still occur and an electronic vote system that satisfies all the required characteristics has yet to be realized.

Blockchain technology and Dapps have high potential compared to electronic voting due to its characteristics of immutability, traceability and transparency. In recent years, many steps forward have also been made in terms of voting privacy and secrecy thanks to the implementation of zero-knowledge proof encryption.

Agora wants to take a step forward in the direction of the realization of a governance system really transparent and attractive for voter, anyway many critical issues are still open such as:

  • the possibility of impersonation due to the difficulties in authenticating the voter;
  • scalability problems especially on a large amount of data;
  • the possibility of cyber attacks of various types (security of the system);
  • compliance of the system with different regulations (e.g GDPR);

Anyway one of the most important technical aspects that we want to investigate with Agora, is the possibility to introduce privacy and confidentiality transactions in a system, the blockchain technology, that is by its nature open, public and transparent. This possibility opens scenarios that go beyond the use case of blockchain technology explored in Agora, a governance system.

Privacy and Blockchain

Data privacy refers to protection of personal and sensitive information and the right of individuals to control how their personal information is collected, stored, used and shared. In the context of a digital election, the privacy element is vital, in order to protect individuals and the integrity and transparency of the voting mechanism.

However, in the blockchain context there is a lack of rigor in terms of privacy. To reach the required level of privacy required by a digital governance is an issue that needs to be addressed. There are different protocols that introduce privacy in the context of blockchain.

Privacy in blockchain can be divided into two main categories:

  • anonymity of the user;
  • confidentiality of the transactions;

Anonymity is concerned with hiding the sender’s or receiver identity, confidentiality addresses the requirements of hiding transaction values.

Blockchain by their nature does not preserve privacy because of their mechanism of block approvals. All transaction data, including account details, inputs, outputs and states are visible to anyone on the blockchain and privacy can not be preserved. One solution is to encrypt the data but if the value is hidden the data cannot be verified. The need is to combine public verifiability and confidentiality.

Confidentiality can be divided into three categories:

  • conditional privacy: the system has the ability to make the data visible to a third party.
  • unconditional privacy: generally speaking this can be dangerous in the context of a blockchain because it can permit criminal activities.
  • Selective disclosure: Only some data is visible and the other data is hidden, this is the case of a voting system based on a blockchain, where we can make visible the person who voted, but not how they voted. Range proof allows to prove that a voter is more than 18 years old, but it does not reveal how the person voted.

The transparency of blockchain transactions combined with network traffic analysis permits to reveal the IP address that made the transaction. This is a big problem from a privacy point of view. The different techniques available to provide a solution to anonymity and confidentiality can be divided into different categories:

  • layer 0: network layer methods, the mechanism operates at network level;
  • layer 1: on-chain methods, the mechanism operates at at blockchain protocol;
  • layer 2: off-chain methods, the mechanism operates outside the the main blockchain, but achieve privacy on the blockchain;

Layer 0 solutions include the use of technologies like Tor Network and I2P.

  • Tor: The Onion Router is a common choice to enable anonymous communications.
  • I2P: Invisible Internet Project, is an anonymous network built on the internet.

A third solution can be a silver bullet for privacy in the blockchain but it is not yet production ready: Indistinguishability Obfuscation, with this technique the inner mechanism of a smart contract is totally hidden. The technique consists in mixing the smart contract logic with random elements, making it computationally infeasible for an attacker to distinguish between two different program executions even if the attacker has complete access to the program code. Other techniques, not production ready are: homomorphic encryption, secure multiparty computer, trusted hardware-assisted confidentiality.

A possible technique that ensures total anonymity is the anonymous ring signature, where a group of signers sign each other the transaction but no one knows who is the signer. All the techniques mentioned above does not include the smart contracts, introduced in ethereum with the ERC-20 standard:

  • Zether: allow a private transaction that supports confidentiality and anonymity, it is implemented on the Ethereum blockchain.
  • Privacy using layer 2 protocols
  • Privacy managers
  • Privacy using zero-knowledge

Zero-Knowledge proof

Zero-knowledge proof is a cryptographic protocol originally developed in 1985. In the context of blockchain networks allow users to verify the validity of a transaction without revealing details of the transaction. The future of blockchain is going to be heavily oriented around the techniques that revolve around this protocol. The following papers illustrates the ZK proofs with Ethereum:

Zk-STARKS is an improvement of Zk-SNARKS, the original paper can be found here.

A tool that implements a Zk-SNARKS on Ethereum is ZoKrates.

How the Zero-Knowledge proof protocol works in Agora.

In order to explain, at high level, how the protocol is implemented in Agora, let's proceed by an example.

Le't assume that a public authority (a system admin) "register" (deploy a smart contract on the blockchain) an election: we have the candidate A and the Candidate B, and there are 20 points available to be distributed among the candidates.

Then the public autority starts the election, and every voter who has the right to vote (owns a Digital Electoral Card, another smart contract deployed on the blockchain) votes:

[draw that illustrate the voting]

Every vote is in a "sealed envelope", it means that the vote is encrypted following a certain schema.

The election smart contract, based on the voter DEC smart contract, checks that the voter has the right to vote and prevents a voter to vote twice.

At the end of the election, we use a certain protocol in order to aggregate the votes (still encrypted) without revealing any specific votes: what will be disclosed is the sum of the points for the candidate A and the sum of the points for the candidate B. There is no way to decrypt the single vote we can only decrypt the sum and we can't know who voted for whom.

Anyway, even if we check that the voter has already voter or not, there are many ways with which the voter can cheat. So we need a zero-knowledge proof during the operation of vote. The zero-knowldge proof protocol consists of proving a statement about a secret without revealing the secret. In our use case, the voter demonstrates that:

  1. The sum of the points assigned to the candidates does not exceed 20;
  2. Since a voter can assign negative points in that way that the sum is 20, the second proof verifies that the poins assigned are positive integers;
  3. The third proof consist to demostrate that the voter knows for whom he/she is voting;

How this is implemented is better explained in the technical documentation that is part of this wiki.

Donations

Agora is an open source project built with the effort of voluntary work.

You can help this project by making a crypto donation here:

Wallet qr code

There is also a related crowdfunding campaign (in italian):

crowdfunding

Works References

Clone this wiki locally