Public manifest
Election definition, ballot styles, public parameters, device identities, and audit rules are published before voting begins.
Free voting-machine reference idea
Cryptographers, election officials, voting-system experts, civic technologists, accessibility advocates, auditors, and public servants everywhereare challenged to make it even better.
The model below is offered as something that may work, not as a standard. Improve it, break it, fork it, simplify it, prove it, or replace it. We can do better than black boxes, blind trust, and civic confusion.
Voting machine model
Voting should not feel like gambling because the public cannot inspect the machine, the evidence, or the count. A better system makes the evidence path visible while preserving ballot secrecy. The machine is not the authority. It is a consent-bearing witness for voter intent, lawful inclusion, and audit-ready public evidence.
Election definition, ballot styles, public parameters, device identities, and audit rules are published before voting begins.
Check-in proves eligibility, then separates identity from the ballot path so voter identity cannot be bound to selections.
The voter marks choices, reviews a human-readable record, and can correct errors before casting.
The ballot is encrypted, signed by the device path, and committed to an append-only evidence trail.
The voter receives proof that a ballot was included, not proof of which choices were made. Receipts must not become coercion tools.
Paper evidence, public commitments, threshold controls, and post-election audits allow verification without trusting one machine.
Threat model
The reference platform is only useful if it is designed against the failures people already fear. A voting system should not require blind trust in a vendor, a network, a clerk, a party, a black-box model, or a charismatic reformer.
No single device, vendor, network path, or administrator should be able to silently rewrite the result.
Critical actions should require divided authority, threshold controls, independent records, and public verification.
The platform should be referenceable, inspectable, forkable, and not dependent on one private owner becoming the election priesthood.
Voters, officials, observers, and auditors need a system they can understand well enough to trust without pretending to be cryptographers.
Reference model, not standard
The Governance and Games branch contains the voting-machine lineage as part of a broader access-control, governance, and game-system family. Treat it as a public sketch: a thing to test, harden, attack, improve, and translate into clearer reference implementations.
A better reference platform should make voter intent reviewable, preserve ballot secrecy, prove inclusion without enabling coercion, support public audit, and avoid concentrating trust in a single device, vendor, administrator, or hidden process.
References and voting information
This page is educational, not legal advice or an election-system certification claim. Rules vary by jurisdiction, party, deadline, and election type. Voting-system requirements are technical, legal, operational, and public-trust problems at once.
Boundary note
This page does not endorse candidates, parties, vendors, systems, or unlawful voting behavior. It offers a technical challenge and a public reference idea. If a machine asks for blind trust, build a better witness. If a public system cannot survive audit, it should not ask the public to surrender confidence.