Inside Look at On-Chain Blockchain Vote Buying & “Dark DAO” Attacks
Online voting has received a lot more attention since the concept of the blockchain technology was introduced. Blockchains basically act as bulletin boards, which have existed for a long time in concept, but never truly established until now. They can even enable traders to create smart contracts that require no authority that would ensure that both parties would respect the agreement. One bad thing about this is that these smart contracts have a negative side to them, and that they can be used for buying elections as well.
Blockchain Voting – Not As Transparent As Believed
Despite all the good that blockchains can do, and are doing, it was only a matter of time before someone might come along and find a way to use this technology in a way that will corrupt it. Soon after the introduction of the blockchain voting, voting schemes and attacks appeared as well.
The schemes are facing a number of challenges which prove to be more than efficient obstacles. However, it is believed that the scammers will eventually find a way to bypass all of them. On the other hand, there is a concept of vote buying, which works in a different way.
The concept of vote buying is nothing new, and has been present in political systems for ages. It is viewed as one of the many forms of election fraud, and has been present during pretty much any election ever around the world. The price of votes can vary, a lot, and it can be pretty much anything that the vote buyer is willing to give, and the vote seller is willing to accept.
However, it would seem that schemes involving the vote buying usually get broken down for several reasons. The first one is pretty obvious, and that is the fact that vote buying is a crime in most countries. Next, it is pretty hard to force someone to comply with your demands when the voting is a secretive procedure designed to protect the voter's choice. Finally, the voters don't have any proof that their vote will actually be paid for, which brings the whole arrangement to uncertainty for both parties.
In the world of the blockchain, however, things work differently. By using smart contracts, vote buying has become a much more efficient method of securing votes, and the prosecution is ruled out due to various complications due to jurisdictions, as well as pseudonymity.
Basically, what this means, is that blockchain vote buying is much more difficult to root out, since it brings certainty to the included parties. There have been various concepts of how to fix issues like this, and some have even proved to be successful. However, blockchains are not implementing any of them.
How Can Blockchain Voting Be Influenced?
The way that blockchain voting works is pretty simple. Token holders can give a vote for each token that they hold. This, of course, allows them to change their vote as many times as they want, until the closing block. This is where voting schemes are using smart contracts to ensure that the voter will vote in one way or another, or that they will completely abstain from voting.
After they prove that they have done as instructed, the smart contract obligates the vote buyer to pay up whatever amount was promised to the voter. There are certain downsides to making this type of contract, but nothing that would be a real difficulty for the vote buyer to determine whether or not did the vote seller did as instructed.
Another method of securing votes is the trusted hardware. This is the hardware that was usually used in order to prove that one of the hardware users is running a code that is not malicious. It can also be used to ensure that the users are not taking unwanted advantages when provided with access to certain information.
If used for the purpose of securing votes, like in case of crypto wallets based on trusted hardware, the allowed behavior of voters will be largely restricted. This will, of course, require the wallet to be infected with a malicious program and the vote buyer will have to ensure the vote seller that their funds will not be stolen. Instead, they would only use it to monitor the activities inside the wallet, and ensure that the vote seller did not change their vote during the election.
The Rise Of Dark DAOs
One of the biggest concerns regarding the concept of vote buying comes from combining trusted hardware with the concept of DAO. To understand this, we first need to explain what a Dark DAO is.
Basically, this is a decentralized cartel that can buy votes on the blockchain ‘in the dark'. The anonymity of the process is so big that not even the creator of DAO can know how many participants there are, how much money has passed through the deal, or what exactly is the logic behind the attack. Basically, through the use of Dark DAO, users can be manipulated, controlled, and even shackled completely by the schemers.
The Dark DAO can serve as a cloud that hides all of the activities that happen within, as well as all communication. A deal can then be struck, that the vote seller will run the malicious code that buyer has provided, and the buyer will pay the seller once the attack has been conducted. Meanwhile, all of this is completely hidden from the ‘outside world', and nobody can know what has actually transpired within the cloud.
In fact, the entire process is so well-hidden that not even the buyers will know just how many users are participating. This level of anonymity allows for the system to accumulate users, pay them to run the code, and allow them to leave unobserved by anybody. This is also a very popular method of selling votes, considering that most small users firmly believe that their votes do not matter anyway. So, why not sell them and make a profit?
Users that do not plan to vote either way are even more susceptible to this kind of attack, since they are getting a payment for not doing anything.
The danger regarding these attacks comes from the fact that they are completely undetectable. The organization that is conducting the purchase of votes exists outside of the blockchain, and thus it cannot be detected, nor can the attack be censored or stopped.
Obviously, this type of voting manipulation already poses a major issue. There are still problems that the vote buyers are facing, and the process is not as smooth as they might wish it to be. However, aspects like trusted hardware continue to develop and improve, which will eventually lead to their more effective misuse.