Paper 2023/741
The Referendum Problem in Anonymous Voting for Decentralized Autonomous Organizations
Abstract
A natural approach to anonymous voting over Ethereum assumes that there is an off-chain aggregator that performs the following task. The aggregator receives valid signatures of YES/NO preferences from eligible voters and uses them to compute a zk-SNARK proof of the fact that the majority of voters have cast a preference for YES or NO. Then, the aggregator sends to the smart contract the zk-SNARK proof, the smart contract verifies the proof and can trigger an action (e.g., a transfer of funds). As the zk-SNARK proof guarantees anonymity, the privacy of the voters is preserved by attackers not colluding with the aggregator. Moreover, if the SNARK proof verification is efficient the GAS cost will be independent on the number of participating voters and signatures submitted by voters to the aggregator. In this paper we show that this naive approach to run referenda over Ethereum can incur severe security problems. We propose both mitigations and hardness results for achieving voting procedures in which the proofs submitted on-chain are either ZK or succinct.
Metadata
- Available format(s)
-
PDF
- Category
- Applications
- Publication info
- Published elsewhere. 5th Distributed Ledger Technology Workshop (DLT 2023)
- Keywords
- blockchaine-votingzero-knowledgeconsensus
- Contact author(s)
-
artem @ aragon org
vincenzo @ aragon org
peppevisconti93 @ gmail com - History
- 2023-05-25: revised
- 2023-05-23: received
- See all versions
- Short URL
- https://ia.cr/2023/741
- License
-
CC BY-NC
BibTeX
@misc{cryptoeprint:2023/741,
author = {Artem Grigor and Vincenzo Iovino and Giuseppe Visconti},
title = {The Referendum Problem in Anonymous Voting for Decentralized Autonomous Organizations},
howpublished = {Cryptology {ePrint} Archive, Paper 2023/741},
year = {2023},
url = {https://eprint.iacr.org/2023/741}
}
