Make Democracy Great Again with Bitcoin
2023 Guatemalan Presidential Election
"You eliminate 99% of the attack surface to a single moment in time, which is the beginning. And when you do that, would-be attackers are forced to take risks and make mistakes. You know, when someone is planning on doing election fraud, this doesn't mean that it's impossible for them to do it. But it narrows the window so much that they are likely going to mess up. And when they mess up, you catch them."
~ @carlostoriello
Guatemala has a long history of corruption and fraud amid its political circles. Simple Proof was implemented in that context by ITZ DATA as an immutable backup solution for the Guatemalan Supreme Elections Tribunal (TSE) –– the highest electoral authority in the country.
"The Simple Proof solution, named Immutable Backup, leverages the OpenTimestamps protocol to record proofs of documents in a tamper-evident manner on the bitcoin blockchain," Rafael Cordón, co-founder of Simple Proof, told Bitcoin Magazine. "TSE used Simple Proof to safeguard official election documents and protect critical information from artificial intelligence and disinformation, ensuring that any tampering of documents is made evident and any citizen can independently verify the information for themselves."
Guatemala’s citizens can check any given tally sheet and verify its proof of timestamp through a dedicated web portal. Each sheet contains the sum of votes for each candidate at a voting poll. Therefore, transparency is provided to the population regarding the tally sheets that were scanned and used to count the votes, as well as when each tally sheet was timestamped.
It is important to note that this setup can’t attest whether a given tally sheet is valid or not; there is still a trust assumption towards TSE. However, it is an improvement over just taking officials for their word, as it is, for example, easier to spot outliers among all the tally sheets. Rather than being able to tell voters specific validity information for any single tally sheet, OpenTimestamps allows an overview of the entire context of the elections.
Mini-Documentaries
OpenTimestamps
I’ve spent the past few weeks working on (1) an old (2) project of mine, OpenTimestamps, and it’s ready for a public alpha release. It’s timestamping infrastructure with three big advantages over the existing alternatives:
- Trust — OpenTimestamps uses the decentralized, publicly auditable, Bitcoin blockchain, removing the need for trusted authorities; OpenTimestamps’s architecture is designed to support multiple, cross-checked, notarization methods in the future.
- Cost — OpenTimestamps scales indefinitely, allowing timestamps to be created for free by combining an unlimited number of timestamps into one Bitcoin transaction.
- Convenience — OpenTimestamps can create a third-party-verifiable timestamp in about a second; you don’t need to wait for a Bitcoin confirmation.
What Can and Can’t Timestamps Prove?
A timestamp proves that a message existed prior to some point in time; timestamps are occasionally referred to as “proofs-of-existence”. Being able to prove that data existed prior to a point in time is surprisingly useful. Let’s look at some use-cases to understand why:
Record Integrity
Our colocation centre informed us that someone broke into the cage the backend servers are located in last night; the last off-site backups were a week ago. The auditors want to know which records the intruders might have changed after they broke in. What do I tell them?
If we know when the intrusion happened, and have trustworthy timestamps for all records on the servers, we can use those timestamps to prove records existed prior to the intrusion. This lets post-intrusion auditing and recovery efforts focus on a much smaller set of data.
However, timestamps can’t help you if you don’t know when the intrusion happened, nor can they help for records created after: the intruder could have just as easily made the timestamp on data they’ve modified. But still, this is an excellent use of timestamping, one that usually helps, and will never make the problem any worse.
Software Signing and PGP
I need to install this two-year-old software package to recover old records, but the developer revoked their PGP key six months ago - apparently their laptop got stolen. How do I know I’m getting the real thing?
PGP revocations have dates on them, so if the revocation is dated after the signature on the software - and there’s a valid timestamp for that signature - you’re good to go (3) Again, this is an excellent timestamping use case.
Evidence Authenticity
I found a two-year-old snapshot of the defendant’s website on a public archiving service, but is it authentic?
A timestamp on a website snapshot doesn’t necessarily mean the snapshot is authentic, but it does greatly limit the scope of who might have tampered with the data. How likely is it that someone hacked into the archiving service, well before they knew there would be a lawsuit?
I run a website archiving service, but I don’t have the resources to hire auditors or security consultants. How can I prove our archives haven’t been modified after the fact?
Simple answer: timestamps only make your problem better, not worse!
My colleague said X in an IRC chat last year, but ever since the project failed they’re now claiming they said Y. How do I prove they’re lying?
A timestamp only proves a message existed, not the message. Last year, would you have known the significance of X and Y? If so, you could have timestamped two conflicting IRC logs.
This anonymous crypto-currency ByteCoin looks pretty cool, the technology is legit, and there’s a two-year old community around it. It can’t be a recently-created pre-mined scam with a fake community, right?
Timestamps can’t help you here: ByteCoin’s creators wouldn’t have timestamped anything. Additionally, keep in mind that even if they did, creating a crypto-currency from scratch could have very well taken two years - enough time to create perfectly valid timestamps for things that the public never saw.
Ownership
I want to secure land titles on the blockchain with timestamps!
Timestamps do not by themselves solve the doublespend problem; Bitcoin is a lot more than just a way to timestamp data.
Having said that, timestamps can provide evidence that ownership records are accurate; my client Verisart aims to do exactly that in for art provenance records. While a timestamp on an art provenance record such as a gallery sales receipt doesn’t by itself prove that record is valid, it can limit the scope of potential fraud, allowing provenance investigators to focus their efforts by eliminating many of the possible fraud scenarios they may be dealing with.