Free voting-machine reference idea

This is just an idea.

Cryptographers, election officials, voting-system experts, civic technologists, accessibility advocates, auditors, and public servants everywhereare challenged to make it even better.

The model below is offered as something that may work, not as a standard. Improve it, break it, fork it, simplify it, prove it, or replace it. We can do better than black boxes, blind trust, and civic confusion.

Voting machine model

A ballot machine should not be a magic box.

Voting should not feel like gambling because the public cannot inspect the machine, the evidence, or the count. A better system makes the evidence path visible while preserving ballot secrecy. The machine is not the authority. It is a consent-bearing witness for voter intent, lawful inclusion, and audit-ready public evidence.

01

Public manifest

Election definition, ballot styles, public parameters, device identities, and audit rules are published before voting begins.

02

Eligibility split

Check-in proves eligibility, then separates identity from the ballot path so voter identity cannot be bound to selections.

03

Mark and review

The voter marks choices, reviews a human-readable record, and can correct errors before casting.

04

Cryptographic seal

The ballot is encrypted, signed by the device path, and committed to an append-only evidence trail.

05

Inclusion receipt

The voter receives proof that a ballot was included, not proof of which choices were made. Receipts must not become coercion tools.

06

Audit and tally

Paper evidence, public commitments, threshold controls, and post-election audits allow verification without trusting one machine.

EligibilitysplitSecret ballotsealPublic commitmentauditVerified tally

Threat model

Resist the obvious failures.

The reference platform is only useful if it is designed against the failures people already fear. A voting system should not require blind trust in a vendor, a network, a clerk, a party, a black-box model, or a charismatic reformer.

1

Hacking

No single device, vendor, network path, or administrator should be able to silently rewrite the result.

2

Collusion

Critical actions should require divided authority, threshold controls, independent records, and public verification.

3

Capture

The platform should be referenceable, inspectable, forkable, and not dependent on one private owner becoming the election priesthood.

4

Confusion

Voters, officials, observers, and auditors need a system they can understand well enough to trust without pretending to be cryptographers.

Reference model, not standard

Here is a voting machine for free. Can anyone do better?

The Governance and Games branch contains the voting-machine lineage as part of a broader access-control, governance, and game-system family. Treat it as a public sketch: a thing to test, harden, attack, improve, and translate into clearer reference implementations.

A better reference platform should make voter intent reviewable, preserve ballot secrecy, prove inclusion without enabling coercion, support public audit, and avoid concentrating trust in a single device, vendor, administrator, or hidden process.

References and voting information

Start with official rules. Then improve the tools.

This page is educational, not legal advice or an election-system certification claim. Rules vary by jurisdiction, party, deadline, and election type. Voting-system requirements are technical, legal, operational, and public-trust problems at once.

Boundary note

No magic, no sabotage, no blind trust.

This page does not endorse candidates, parties, vendors, systems, or unlawful voting behavior. It offers a technical challenge and a public reference idea. If a machine asks for blind trust, build a better witness. If a public system cannot survive audit, it should not ask the public to surrender confidence.