Transparency of Russia’s Blockchain Voting Setup Put Under a Microscope

Russia’s blockchain vote was the largest DLT-powered experiment in the country, but whether it went well or not is another matter
Russia’s blockchain vote was the largest DLT-powered experiment in the country, but whether it went well or not is another matter

From June 25 to July 1, the Russian government held a public vote with the goal of finding out whether the country’s constitution should be amended. Part of the vote was held on blockchain to “ensure security and transparency,” according to the government, making it the country’s most extensive DLT project to date.

But this didn’t stop independent researchers from registering over 20 million “abnormal” votes and arguing that it was one of the most falsified voting events in the modern history of Russia. So what was blockchain’s role in all of this, exactly?

What was the referendum all about?

The amendments to the constitution generally reflect the government’s course toward so-called “traditional values,” or a right-leaning conservative agenda championed by President Vladimir Putin. Specifically, some of the proposed changes mentioned God and essentially outlawed same-sex marriage.

However, the vote was arguably built around one single amendment, allowing Putin to run for two more six-year terms after his current one expires in 2024. Citizens could vote only for or against all 206 proposed changes at once.

A Bitfury-developed blockchain involved?

Notably, residents of Moscow and Nizhny Novgorod could participate in-person or cast their votes electronically from June 25 to 30. The e-voting system was reportedly based on the Exonum blockchain platform developed by Bitfury, and was maintained by the Department of Information Technologies of Moscow. Neither Bitfury nor DIT provided comments at Cointelegraph’s request.

According to the Moscow government’s website, the blockchain was used to ensure security and transparency, helping to anonymize and encrypt each vote to provide safety and immutability of data. The choice of blockchain seems to fall in line with Russia’s latest policies that favor decentralized technology and oppose cryptocurrencies amid general regulatory uncertainty.

Golos, an independent Russian election monitoring group, has since stated that the e-voting was held on an illegal basis, as the nation’s Central Electoral Commission had no right to create a separate entity overviewing the procedure.

The blockchain was reportedly built on a proof-of-authority consensus algorithm on which all transactions were allegedly handled by approved accounts that stored the encrypted votes on the blockchain and then deciphered them using smart contracts.

Blockchain is an efficient solution when decentralization and transparency are the key goals, meaning that it is suitable for voting procedures. Artem Grigorev, head of the research lab at the Russian Association of Cryptocurrency and Blockchain’s analytical center, elaborated to Cointelegraph on how blockchain should operate in this instance:

“The [blockchain] technology makes it possible to create a mutually reliable environment for the vote organizers and the voters themselves. The mathematical algorithms act as an arbiter between the two sides, ensuring that all data is immutable and authentic, which means that the participants don’t have to trust each other.”

In order to ensure transparency, a blockchain-based e-voting system should allow all participants — such as constituents, observers, and social or political organizations — to set up their own nodes on the blockchain, Grigorev noted.

The e-vote didn’t go smoothly

Over the five days of e-voting, the system experienced several hiccups. Not only did it crash soon after going live on June 25, it also started to show abnormal results in certain regions on the spot. As reported by Russian news outlet Meduza, nearly 7,300 people signed on to vote online at a polling station in Troitsky region despite the station only having a total of 2,361 residents eligible to vote.

Another polling station in the same administrative division saw 4,000 people register to e-vote, despite having twice as few residents assigned to it. The local electoral commission called it “a technical malfunction,” confirming that no polling station in Troitsky administrative region had more than 3,500 voters assigned to it, based on the local records.

Further, the ability to vote either in person or remotely led to several double-voting incidents. Local journalist Pavel Lobkov reported on how he successfully managed to vote twice on the same day by first visiting his local polling station and then voting online an hour later.

Yael Iliinsky, a Russian national based in Israel, reportedly managed to vote as many as three times: online via the website, at the Russian embassy in Tel-Aviv and at the Russian consulate in Haifa. Additionally, she claimed that her daughter, who is still a minor, also voted in Haifa because the staff did not check her ID.

Additionally, Meduza reported on a vulnerability that reportedly made it possible to decipher votes before the official count. According to the research, any constituent could theoretically decipher their own vote before it would get decrypted by the electoral commission, and even allow third parties access. To this end, voters could retrieve and save their private key by going to the e-bulletin page, opening the developer console in their web browser, and making a minor adjustment to the “election.js” library (by adding a logpoint and entering: voter secret key is', encryptor.keyPair.secretKey) before casting their vote.

The vulnerability theoretically would have allowed anyone with access to check whether an individual has voted and even which choice they made after inducing them to save their private keys. According to local opposition reports, state-funded entities in Russia were allegedly pushing their employees to vote in favor of changes proposed by the government.

Finally, the data that allegedly belongs to the citizens who participated in the e-vote was reportedly leaked soon after the event. According to Meduza, an archive titled “degvoter.zip,” which contains the personal data of over 1 million Russian nationals, was publicly available for download for at least several hours on July 1 via a government website. The file has since been distributed through various Telegram channels.

Along with the archive, there was a database titled “db.sqlite,” which was not password-protected while reportedly containing passport numbers for over a million e-voters and was encrypted with the SHA256 algorithm. The reporters were allegedly able to decode it “very easily” using free software.

Further, the journalists cross-referenced the leaked data with the Ministry of Internal Affairs’ official service to check the validity of passports used by the voters. They allegedly found that over 4,000 passports registered for the e-vote were invalid.

The Ministry of Digital Development, Communications and Mass Media commented on the investigation, stressing that it excludes “any possibility of leakage,” since the files and passwords were distributed through “secure data channels” and only to authorized personnel.

The agency also said that the passport numbers were encoded and consisted of a randomly obtained sequence of characters, or hash sums, adding that “hash sums are not personal data” and that the “publication of random sets of characters cannot harm citizens.”

Questions over transparency

Like with the Moscow City Duma elections in 2019, where blockchain was also used, the electoral commission did not publish the vote decryption key after the event took place, and provided no information on how to register a node to observe the voting processes. Since participants couldn’t download the data registry and see if it was genuine, the use of blockchain “served no purpose,” as Grigorev told Cointelegraph:

“As far as I’m concerned, it was impossible to register as a blockchain participant (or a network node) and have access to the registry at the e-vote. Therefore, in this particular case, I view the blockchain application as yet another experiment that was not directly related to improving the vote transparency.”

Grigorev noted that the above-mentioned reported data leak was a basic cybersecurity matter that had nothing to do with the blockchain technology itself. However, he added that it is important to “take the reliability of all system components into account” when using blockchain for voting purposes, meaning that all websites, servers, databases, etc. should have been double-checked beforehand.

With all the ballots counted, 77.9% voted for the reform package and 21.3% against, according to the Central Electoral Commission. As for the e-vote results, 62.33% of Moscow voters supported the amendments and 37.37% opposed it. In Nizhniy Novgorod, the results were somewhat similar, with a split of 59.69% and 40.31%.