Proposing a New OSMF Board Election System

Yes, but OSM is primarily an online community, so paper voting is out of the question. I never stated that my solution is perfect; the specification contains a limitation section with points for consideration. However, I am strongly convinced that anything other than OpaVote will be a better choice for OSMF voting in the future, whether it is an in-house voting or the proposed decentralized voting.

Yes. For computer transactions you can have anonymous or you can have secure. Applications that need security, like banks, are not anonymous at all, and the bank knows exactly what transactions you’ve made with them. When voting in person with paper, you can arrange it so that all the involved parties can watch the voting process, see who voted, and not see how they voted, all the while maintaining zero trust in other parties, including who is running the election. That is not possible online.

I haven’t given much thought to this yet, but I am sure there exists a reasonable solution for that. Thank you for pointing this out!

On mobile, wallets come in a form of an application with an embedded web browser. The experience is pretty much similar but with a different interface.

Could you please point me out in the good direction? I am completely new to this act!

In general: OpaVote is not ideal. It would be nice to have a better system.

But also having operating system for servers better than Linux also would be nice. And having better SSD.

It does not make sense for us to start producing own SSD, writing own OS or implementing own voting system for dedicated use by OSMF. Voting system is easiest from this three, but still it is not a weekend project. And there is opportunity cost here.

(though one of OSM mappers can design and produce own SSD, write own OS or implement system strictly better than OpaVote)

1 Like

My response will be slightly off-topic.

Firstly, never say never :slightly_smiling_face::

I believe there is a lot yet to discover when it comes to zero-knowledge proofs and zero-trust security in general. Just because something is not possible today, doesn’t mean that it will not be possible tomorrow. The mathematics is a really deep subject that we are still trying to understand.

I couldn’t prepare a more specific response because your example lacked some detail. For instance, if nobody can see the votes, who is the one counting the votes? In the real world, it usually involves a selected group of people (so there is someone who can see the votes).

General response to the community

Let me post a small clarification.

I am not saying we should all go and implement the proposed solution right now, nor change the current OpaVote system. The primary goal of this thread is to have a broader discussion about current election issues and a potential solution (I avoid talking about issues without presenting some solution). Today, please see it as just food for thought.

Yes, but not in this case (or at least my case).

When I checked the console logs during voting, the application script crashed due to a missing .js file import (which was blocked by the adblocker). This prevented the voting table from being rendered properly, which is done in a later part of the application script. The table itself was not blocked by the adblocker; it simply never rendered because of a broken script.

And sadly, because OpaVote is proprietary software, there is no simple way of resolving that issue (despite knowing the exact root cause). (I did report my findings to the OpaVote but as previously stated, I received no further response)

The problem with this, is that you’ve presented it in a way that isn’t “here’s a problem, and a potential solution”. You’ve presented it as “here’s a solution to a problem that hasn’t been discussed”. I see absolutely nothing in your original post talking about election issues outside of the comparison between OpaVote and your project, and having to then clarify it in a reply later just echos this.

If you want to have that discussion, start a new thread that actually talks about it, without bringing up this project.


Hey! Please notice:

You are free to spend your time on whatever you want, but here you are also making explicit requests of other people in the community. That does come at a cost to the project.

In addition, what you have done so far, describing an “OSMF voting system” that actually has nothing to do with the OSMF, is at best disingenuous. That doesn’t help with trust.


This is a voting system designed for the OSMF board elections.

What do you mean it has nothing to do with the OSMF?

This is not a general-use voting specification.

Don’t roll your own.


I think there is some misunderstanding. The proposed specification relies only on well-established cryptography protocols (primarily blind signatures and asymmetric cryptography). The application does not “roll it’s own” crypto.

BTW. I don’t really understand your answer in the context of “This is not a general-use voting specification”. Could you clarify?

I would like to cryptographically second this proposal.


This thread is proof that we need a :popcorn: reaction.


The Privacy point is basically something that has to be accepted when using a SaaS product. Nobody running a SaaS application is running their own email server and likely will be using some kind of cloud product. Running physical servers makes sense if you’re OSM, but not for a lot of SaaS applications.

And for security, again, welcome to every SaaS voting application, except the alternative of running our own is exactly the same, would you trust voting for an organisation using a platform run by that organisation? I wouldn’t. I’d trust a successful third party more, you wouldn’t survive if you were doctoring results.


On mobile, wallets come in a form of an application with an embedded web browser. The experience is pretty much similar but with a different interface.

so you would again need to trust that the app version you install on your mobile device would be the same as the one of which you have read the source code.


In the real world, it usually involves a selected group of people (so there is someone who can see the votes).

everybody can go to watch when the votes are counted, counting the votes is a public act (e.g. in German elections, but likely in any democratic country, although I have not checked it)


Breaking news: vulnerability found in well-established cryptography protocols.

1 Like

I’m always in favor of replacing proprietary software with free software.

But as @woodpeck says -

[…] Personally, while I certainly possess the ability to install a crypto wallet extension into my web browser, I’m not even sure if I would (because I dislike anything to do with cryptocurrency […]

A free software solution that does not involve cryptocurrency would have my support.

1 Like