693
Lemmy votes ARE public, should they be anonymous?
(discuss.tchncs.de)
A community to talk about the Fediverse and all it's related services using ActivityPub (Mastodon, Lemmy, KBin, etc).
If you wanted to get help with moderating your own community then head over to !moderators@lemmy.world!
Learn more at these websites: Join The Fediverse Wiki, Fediverse.info, Wikipedia Page, The Federation Info (Stats), FediDB (Stats), Sub Rehab (Reddit Migration), Search Lemmy
For anyone interested, there are a few papers on cryptographically secure voting, where both voter anonymity and election integrity are preserved.
Most designs consider three separate entities, where if you accumulate the information between those entities you would be able to identify a voter and his vote, but each entity on itself does not hold enough information.
The problem isn't keeping votes anonymous, that's easy. The problem is bots/spam. You could just create a new instance and then upvote a post from another instance a thousand times. If the votes are anonymous for the other instance it's tough to say if they are genuine users or just bots.
That's the main issue here, when votes are anonymous you could easily just spam votes with no way to trace it back. If it's a rogue instance then fine, you can ban the whole instance. But imagine if lemmy.world starts using fake votes in the background towards other instances.
What keeps from doing that right now? You can just create an instance and bot accounts on that
It would be damn easy to look up the instance and their "users" and see that the users are not genuine. Then ban the whole instance.
If you are worried about duplicates, aka a single bot spamming multiple votes, then that's feasible to mitigate.
If you are worried about multiple bots spamming one vote each, that's harder to mitigate and it comes down to how the instances handles bot accounts in general. IMO it's best to ignore the bot problem and instead focus on designing a vote weighting system that favors similar instances.
Would make the whole thing even worse, as I could create several new instances with 10 bot users each, then hammer out the votes.
The entire problem is that you can't trace back each vote to a genuine user. It would be bad in case of fake instances that create 100 user accounts and upvote/downvote stuff, but you can ban the instance. It would be a disaster if a big instance creates fake votes (like lemmy.world suddenly adds 1000 fake users and uses them to manipulate other instances, if votes were anonymous you couldn't check if it's genuine lemmy.world users or fake accounts).
Thanks @souperk@reddthat.com,
i believe many users will be interested in these papers about cryptographically secure voting.
Amongst them there would be :
@rimu@piefed.social
@SorteKanin@feddit.dk
@brbposting@sh.itjust.works
Not sure if you are being sarcastic or not but I found this review.
https://www.mdpi.com/2073-8994/14/5/858
I had done some research about a year ago, but I don't have the papers saved.
No I was not sarcastic. So now i am trying to read your paper and i think that it is above my knowledge level.
As a layman i had the intuition that instead of having two accounts as i proposed for voting and commenting which was implemented by @rimu, we might have had something like blockchain or filecoin or some coin that would represent voting power and that would be based on our commenting value... so that coin would have been an intermediary to make voting anonymous.
Finally i know enough about science that i know that i don't know much.
Edit : after a rapid overview of the article i would say that this method :
"Blind Signature-Based e-Voting"
would be most appropriate to our social media voting and i noticed the work they have done is more targeting national elections where the outcome is much more important.
This isn't going to solve anything. Cryptographically secure voting helps when you can ensure that each person only gets to vote once. But anyone can just sign up for more accounts or make loads of bot accounts and vote multiple times. This solves nothing.
That's interesting. I have read multiple comments to the effect that it would not be possible for lemmy to implement anonymous voting because the underlying ActivityPub protocol does not support it. So it sounds like solutions do exist, although I suppose the effort required to modify ActivityPub is too much, more likely the feature will be included in some successor to the fediverse.
Wow neat!! Eating our cake & having it
Thanks @A_A@lemmy.world