The Hackingdistributed blog has developed a vote-buying attack based on the widespread electro-based CarbonVote system, based on ETH, which has recently been upgraded as CarbonvoteX able to function as a voting system on all ERC20 tokens.
The blockchain, unmodifiable, incorruptible, public, seems a perfect system to have simple and secure votes. Yet, through the use of smart contracts, it is possible to carry out the widespread corruption of electoral procedures through the purchase and sale of votes.
The same blog then presents a new type of attack, called “Dark Dao”, through a decentralized cartel for the hidden purchase of votes on the blockchain.
The traditional electoral systems have always faced the problem of the votes of exchange or the sale of votes, but they managed to limit the damage through three measures:
- Making these practices illegal;
- Through the secrecy of the vote, which prevents the control of the result;
- Through the non-obligatory nature of the corrupt promise.
Making an example adapted to our tradition, if a candidate promises a kilo of pasta for each vote, first of all, it is a criminal offense, secondly, the performance (the vote) is not verifiable and therefore the counter-performance is not required.
All these impediments do not exist in voting by blockchain. In all cases in which the keys related to the vote are generated externally, as for CarbonVote, it is possible to prepare a smart contract that, once signed, will limit or drive the possibility of voting and that holds the relative tokens until the vote, easily verifiable by an oracle, is not certified.
In this way, there is the security, not possible in the ordinary vote, that only the homogeneous votes are paid, but a contract of this kind also has the negative side of being verifiable by all the parties involved.
This problem can be overcome through the use of hardware such as Intel SGX that allow you to verify that a remote part is executing a certain part of the program without there being direct contact between the parties. This feature, originally designed to avoid the copying of files granted under a temporary license, thus becomes the remote and anonymous verifier of the consistency of the vote with the indications provided remotely.
So we come to the final and most worrying phase, the Dark Dao: if we imagine a network of SGX machines that run a DAO with the same techniques that make decentralized exchanges work, with a wallet in the middle that contains the prizes for the individual payments of votes sold, we have a completely decentralized, trustless and anonymous system for the purchase and handling of votes.
The system would be “Dark”, because no one would know who participates in it and the only information that can be verified from outside, by the buyer of the votes, would be the amount of funds that are gradually used.
In short, decentralization and anonymity would become double-edged weapons, useful for keeping the vote safe, but also for those who wanted to buy without problems.