Los Angeles voters in last month’s primary election found themselves in a familiar situation: stuck in traffic. But they weren’t in the comfort of their cars on the freeway. Instead, due to mishaps with new ballot-marking devices, some voters stood in line for more than 2 hours and others didn’t get to vote at all.

Los Angeles County is one of a growing number of public authorities testing open source components for voting systems. It began work on its US $300 million Voting Solutions for All People (VSAP) project in 2009, announcing at the time that its source code would be open and belong to the county. Most American voting systems belong to one of a handful of certified commercial suppliers, which keep their source code close to their chests.

VSAP, which Los Angeles County used for the first time this year, has yet to open its code to public scrutiny, but the code does belong to the county. A county spokesperson told Politico it still plans to share the code once it resolves security and licensing issues.

Open source code would add to the transparency of the process, says elections expert Peter Wolf of the intergovernmental International Institute for Democracy and Electoral Assistance (IDEA) in Stockholm. That can assuage concerns from opposition political parties, competing voting system providers, and voters.

At least 22 countries have reported to IDEA that they had experimented with some form of open source voting, and the list is growing. In the United States, voting is administered at the county level, so there is a plethora of experiences to compare. 

Microsoft is also involved in an open-source vote verification system, tested in this year’s Wisconsin primary election. It would allow a voter to confirm that their vote was counted.

Last year, DARPA announced that the agency was building its own $10 million open source system that will showcase new verifiably secure hardware. Its hardware is not a complete voting system, either, but it might “kick industry in the pants,” says open-source voting technology evangelist Gregory Miller, chief operating officer of the nonprofit Open Source Elections Technology (OSET) Institute.

Miller and another maker of open source voting technology, computer scientist Juan Gilbert at the University of Florida in Gainesville, both claim that the main three commercial vendors have adopted ideas first implemented by the open source movement.

“That was definitely a success,” Gilbert says. “Our goal was to change voting.”

Samira Saba, communications director of Smartmatic, a major election systems supplier that was also VSAP’s commercial partner, says that Smartmatic uses open-source components in the operating systems, development frameworks, toolchains, and encryption libraries of some of its products.

“One risk with open source is assuming automatically you will have extra scrutiny.”

Since Gilbert isn’t trying to build a commercial platform, he hasn’t spent the $700,000 or so and the year it might take to obtain U.S. federal certification for his ballot-marking device, the Prime III, but the states of New Hampshire and Ohio have adopted versions for use by voters with disabilities.

That financial barrier to entry is one reason why free and open source voting systems may not be commercially viable without a change in the business model, as has happened in other businesses. Instead of charging for the right to use the software and hardware, for example, companies could charge users to get support for open systems. 

“It will become a business of systems integration,” Miller says. The OSET Institute predicts that such a business built on open source infrastructure could save taxpayers around 60 percent of what they now pay to voting technology companies.

Saba, of Smartmatic, says that the company recommends to clients that they disclose their system’s source code to relevant stakeholders—though not necessarily the whole world—for the sake of transparency. “We believe this is the way of the future,” she says.

One example of that approach was Switzerland’s new online voting system (not built by Smartmatic). However, when somebody leaked the code last year, security researchers found multiple flaws not detected by the professional auditors with whom Swiss authorities had shared the code.

Though many supporters expect open source voting technology to offer an opportunity for better security, the opportunity is no guarantee, Wolf says. He once reviewed the public code for a national online voting software and noticed that it hadn’t gotten a lot of attention from other reviewers. 

“One risk with open source is assuming automatically you will have extra scrutiny,” Wolf says, “And it will not necessarily happen. It depends a lot on the community.” 

Voting technology oversight turns out to be a lot like other forms of oversight in a democracy. Opening the source may enable some oversight, but it won’t assure it on its own. Nor can it prevent the paper jams that caused last month’s voter traffic jams in Los Angeles.

“Other technology runs 24/7 and you can learn from failures. Elections technology has to work on the day and it’s almost always new,” Wolf says. “Open source or not, this is always hard to get right.”

Open/Close is a series of stories by Lucas Laursen for IEEE Spectrum that explores how openness and technology interact. The open source movement emerged from software, but has spread in many directions since, to hardware-focused Fab Labs and even voting booths. Openness offers plenty of tempting benefits: oversight by the crowd, preventing duplication of effort, and the ability to empower vulnerable people. But it also results in innumerable software forks, doesn’t always attract a critical mass of users, and can threaten privacy. This series will address how the tensions between open and closed technology are playing out in the engineering world.

The Conversation (0)

The Spectacular Collapse of CryptoKitties, the First Big Blockchain Game

A cautionary tale of NFTs, Ethereum, and cryptocurrency security

8 min read
Vertical
Mountains and cresting waves made of cartoon cats and large green coins.
Frank Stockton
Pink

On 4 September 2018, someone known only as Rabono bought an angry cartoon cat named Dragon for 600 ether—an amount of Ethereum cryptocurrency worth about US $170,000 at the time, or $745,000 at the cryptocurrency’s value in July 2022.

It was by far the highest transaction yet for a nonfungible token (NFT), the then-new concept of a unique digital asset. And it was a headline-grabbing opportunity for CryptoKitties, the world’s first blockchain gaming hit. But the sky-high transaction obscured a more difficult truth: CryptoKitties was dying, and it had been for some time.

The launch of CryptoKitties drove up the value of Ether and the number of transactions on its blockchain. Even as the game's transaction volume plummeted, the number of Ethereum transactions continued to rise, possibly because of the arrival of multiple copycat NFT games.

That perhaps unrealistic wish becomes impossible once the downward spiral begins. Players, feeling no other attachment to the game than growing an investment, quickly flee and don’t return.

Whereas some blockchain games have seemingly ignored the perils of CryptoKitties’ quick growth and long decline, others have learned from the strain it placed on the Ethereum network. Most blockchain games now use a sidechain, a blockchain that exists independently but connects to another, more prominent “parent” blockchain. The chains are connected by a bridge that facilitates the transfer of tokens between each chain. This prevents a rise in fees on the primary blockchain, as all game activity occurs on the sidechain.

Yet even this new strategy comes with problems, because sidechains are proving to be less secure than the parent blockchain. An attack on Ronin, the sidechain used by Axie Infinity, let the hackers get away with the equivalent of $600 million. Polygon, another sidechain often used by blockchain games, had to patch an exploit that put $850 million at risk and pay a bug bounty of $2 million to the hacker who spotted the issue. Players who own NFTs on a sidechain are now warily eyeing its security.

Remember Dragon

The cryptocurrency wallet that owns the near million dollar kitten Dragon now holds barely 30 dollars’ worth of ether and hasn’t traded in NFTs for years. Wallets are anonymous, so it’s possible the person behind the wallet moved on to another. Still, it’s hard not to see the wallet’s inactivity as a sign that, for Rabono, the fun didn’t last.

Whether blockchain games and NFTs shoot to the moon or fall to zero, Bladon remains proud of what CryptoKitties accomplished and hopeful it nudged the blockchain industry in a more approachable direction.

“Before CryptoKitties, if you were to say ‘blockchain,’ everyone would have assumed you’re talking about cryptocurrency,” says Bladon. “What I’m proudest of is that it was something genuinely novel. There was real technical innovation, and seemingly, a real culture impact.”

This article was corrected on 11 August 2022 to give the correct date of Bryce Bladon's departure from Dapper Labs.

This article appears in the September 2022 print issue as “The Spectacular Collapse of CryptoKitties.”

Keep Reading ↓Show less
{"imageShortcodeIds":[]}