We are pleased to introduce a new version of WE.Vote — an online voting service based on the mainnet. First launched for commercial use in November 2020, WE.Vote has now received an update to version 1.4. This post provides details about the changes made in the update.
Keeping seed phrase within the WE.Vote service
Voting in WE.Vote requires preliminary voter registration. Each registered user has a dedicated pair of encryption keys (public and private) based on a seed phrase. Every pair of encryption keys is registered in the smart contract to act as an identifier of its owner. The voting service accepts a vote with this identifier, and then the vote is signed using the encryption keys, in order to guarantee authenticity and ballot secrecy. You can read more about encryption keys and seed phrases in the WE.Vote service documentation.
Users are responsible for the security of their seed phrases. In a traditional scenario for a decentralized application, these phrases are not saved on the application server. If a user loses their seed phrase, they may reset it and restore access to participate in future ballots. However, they will miss out on the chance to take part in ballots that have already started because in these cases the user is identified via the seed phrase that has been lost.
Though seed phrases are mnemonic memory aids, not everyone remembers or retains this information. In our user feedback, we noticed that our users (especially those who are without blockchain background) wished to simplify working with seed phrases, and some were even willing to trust the platform to retain their seed phrases for them.
In WE.Vote 1.4 we offer a new, alternative way to keep the phrase at our protected cloud. In this scenario an isolated service creates your personal pair of encryption keys and saves the data in encrypted form in the Waves Enterprise cloud. When a user casts a vote, it is encrypted locally on their device and then signed with their personal pair of encryption keys in the cloud. As a result, the pair of keys is not transferred from the cloud and therefore cannot be intercepted.
You can choose the method for keeping your phrase — either locally or in the cloud — when you register in the WE.Vote service or at a later time, but you should do so when you are not in the participant list of an active ballot. If you choose to keep your seed phrase in the cloud, you will only need a login and a password to cast your vote. Please note: resetting your WE.Vote entry password does not affect your access to your seed phrase.
In WE.Vote 1.4 we have updated the UI to make actions in our service closer to the voting experience in the real world. In order to achieve this, we have made the UX more smooth and also introduced a role model to separate administrators and voters. Additionally, we have updated the user manual to align it to the new UI, and to cover all the ballot management stages and other important matters in detail.
Thanks to support for different types of ballot, including majority and weighted ballots, and ballots with a deciding vote, WE.Vote is suitable for national and local elections, as well as for ballots by management boards in any type of business including joint-stock companies, non-commercial organizations and other entities.