@Eceni as a self-confessed tech bro, I'm loving the idea of larping in decision making, and I think the #QuadraticVoting proposal is really interesting. But please, what value does #Blockchain add, to offset its disproportionate energy and consequently environmental cost?
@simon_brooke I last came across Quadratic Voting when discussing the idea of a mutual national company (such as energy) where members (every adult resident of the nation, in this case) have to decide the priorities for the coming year at the AGM. Do you, for instance, want last year's profits a) paid as a dividend to members, b) used to subsidise energy bills, c) invested into future infrastructure, and/or d) paid as bonuses and wages to employees?
@simon_brooke Agreed, there's little need for blockchain in that setup though as voter ID would be through member number. I've yet to find an application of blockchain that can't be done without it. It's still a solution waiting for a problem.
@thecommongreen Thinking about it very hard over the past half hour, I think the method of recording votes (as distinct to the electoral system) used in the UK is pretty hard to beat. It would be better if the voting record (ballot paper) were destructively modified, e.g. by punching a hole rather than making a mark...
But any system of recording which involves computer software has to be suspect, because it is extremely hard for lay observers to verify that the correct software is in use.
@thecommongreen our current system allows observers to observe voting records being put into the sealed ballot box, the ballot box loaded sealed into a van, the ballot box being unloaded from the van with seals still attached, the box being opened, and the individual records being tallied.
The only point where the chain of custody is at risk is in the van itself, and the seals SHOULD be adequate protection there.
@simon_brooke Aye. When thinking about the risk of attack on a voting system we have to think not just about the likelihood of success but also the magnitude.
If you can change one paper vote (rubbing out the cross and replacing it) it doesn't mean you can do that hundreds or thousands of times without notice.
However, hacking a voting machine to change one vote isn't much different from hacking a machine to change hundreds or thousands of votes.
@peterbrown@simon_brooke They're pretty conventional off-the-shelf pencils, usually chosen for price rather than than anything else (you can buy them on ebay etc for a couple of quid a box). The real advantage of pencil is that, unlike ink, if you fold your ballot paper there's little risk of your mark bleeding over to another part of the page and voiding your vote.
@thecommongreen Strongly agree with everything you say here. However the voting token is created – whether it's a ballot paper hand marked by the voter, or a card printed by the voting machine, or anything – it must be a durable physical item not easily forged, not easily modified, and capable of archival storage, which can be personally verified both by the voter and by a lay observer, without the need for any 'black box' technology.
@Eceni agreed that proof of work in #Bitcoin is a huge cost which other #blockchain implementations don't have. But cryptographically signing each block is still a cost, which an insert-only database table, or write-once-read-many ('WORM') hardware device, doesn't have. The only value blockchain adds is when there's no one in the system who's trustworthy. WORM hardware even solves that problem.
@Eceni OK, let's start with the idea of privileges on database tables. SQL database engines do it by granting and denying privileges. Two of the privileges which can be granted are 'select' (allows you to read records) and 'insert' (allows you to create records).
So
revoke update, delete on votes from all;
grant select, insert on votes to voters;
gives a table that the group 'voters' can write to an read from, but not modify or delete records from.
@Eceni The snag here is that the person who has administrative privilege on the database could vary those privileges, so if there isn't anyone you can mutually trust to be administrator, this doesn't work. The alternative is WORM hardware, of which the most common example is CD-ROM drives. The WORM device is permanently physically modified in a non-reversible way when writing it, so any attempt to modify the data will fail: data may be destroyed but even that is permanently obvious. >>>
@Eceni Standard CD drives would not work for the recording votes application, because they write only in fairly large blocks, which cannot be appended to. But the principle (in this case using a laser to burn permanent holes in a metal film encapsulated in transparent plastic discs) can be used to write record-at-a-time to a device, and this practice is used in the financial services industry. >>>
@Eceni (But note that as of 2021, the US FCA was proposing removing the requirement for financial services firms in the US to keep financial records on WORM media)
@Eceni it's also worth pointing out that the very same software engineers who, like me, are protesting that blockchain adds no benefit except in environments where there is no one who can be trusted, use git, every day, for permanent storage of edits to our system; and git is, underneath, a Merkle tree, which is a form of branching blockchain.
@Eceni But our excuse is that when you're developing software collaboratively with people you'll never meet, there genuinely may be no one in the system that anyone else can wholly trust, and that being able to go back FOR CERTAIN to a version of the software before a given bug was introduced is genuinely a good thing worth paying the extra compute cost for.
@Eceni Finally, although a CD ROM is an example of WORM media which everyone is familliar with now, the principle is as old as the hills.
A tally stick is an example of write once, read many media; and the practice of requiring legal documents to be written and signed in indelible ink represents the same thinking.
@Eceni@simon_brooke the problem with any technological solution to the problem of trust is a vanishingly tiny fraction of the population have any reason to trust the technology hasn't been compromised. You can prove the principle mathematically, but not prove the implementation and infrastructure is sound.
That's why I favour public key encryption for point-to-point verifiable messages and https, but crosses on physical paper ballots anyone can recount for something as important as voting.
We started w @ruthcatlow of Furtherfield who has created an app w quadratic voting on the blockchain - it's gathering her useful data and teaching people about more flexible voting systems they can trust.
I am considering folding something like this into a novel - so it's a fictional version of our world - but I want to explore more flexible voting systems that ppl can trust.
I'm still not clear if there's a problem w blockchain?
@Eceni@petealexharris I have an allergic reaction to #blockchain. It has been the centre of so many scams. It has a real energy cost, but it is not very large (I think of the order of 4 million transactions per kilowatt hour, but I'm very mentally ill this morning and my memory is not to be trusted).
It does work, however. It has the benefit that it can be replicated across the network with its integrity guarantees intact.
Having a physical record of every vote is necessary, however.
@Eceni Yes, that is the guarantee; and in a situation where there is no one you can trust, the cost may be justified.
But, WORM hardware makes the same guarantee, and may have (not necessarily does have) lower energy cost.
The benfit of blockchain over WORM is that a blockchain can be replicated many times over a network, with the guarantee that each copy is identical, at least as far back as the most recent time it was copied.
@adamgreenfield@simon_brooke What’s the cost? Who has to pay it? Where does the money go? What happens if we don’t achieve some kind of trust-based human alignment?
NB. I’m writing this just now so theses re not rhetorical questions!
@simon_brooke@Eceni Genuine trust can only be developed within a framework of repeated interactions. It does not readily scale, and the attempt to make it to do so is a category error. As for “alignment,” well, I also believe that’s a fool’s errand. (We can cooperate on local shared goals without necessarily being globally “aligned,” right? What we’re interested in, I think, is cooperation.)
@adamgreenfield@Eceni I know that question was directed at Adam, but: the cost of hashing every commit is individually small – I've run a few just now to test, and it's about a third of a second CPU time on this machine, so about 4 million transactions per kilowatt hour. So maybe my objection is overstated.
But, contra Adam, I simply do not believe there's a natural human community in which no one is consensually trusted. Untrustworthy people exist, but they're not common.
@adamgreenfield@Eceni Having said that, I've now run the numbers and feel that my knee-jerk reaction to 'but with a blockchain' was overstated in this case. Yes, it adds compute cost, but the cost is small, and the value in terms of consensual trust may be worth it.
However, as @thecommongreen and I were discussing in an earlier thread, voting systems where every vote has to go through a black box (e.g. an app) are generally not to be trusted!
@Eceni@adamgreenfield@thecommongreen I think (as a person who works as a polling clerk on election days) that the actual MECHANISM we use for voting is about as trustworthy as it is possible for it to be. This is not an endorsement of the electoral system, which is clearly full of abuses!
@Eceni@simon_brooke Ohhh you had me right up to that last bit. Do you know much about how the assembly system has worked in the AANES – in Rojava, that is – since 2015? Based on that & other experiences, my argument is that nested, confederal neighborhood assemblies need to happen outside the state if they are to have any legitimacy at all.
@simon_brooke@Eceni (I write about this at some length in my new book, comparing it to Spanish new municipalism, which took place inside the parameters of the current, conventional electoral system, and – CW: harsh judgment – appears to have produced little to no lasting material or psychic change.)
@Eceni@simon_brooke Oh, and again: I don’t advocate for these systems because they “make better decisions,” although they almost certainly do. I advocate for them because of the transformation of affect and subjectivity that takes place among participants. It feels different to help determine the circumstances of your own being, rather than sitting idly by as history steamrollers you and your community.
@adamgreenfield@Eceni I'm in agreement here. The state will not, contra Marx, 'naturally wither away'. Rather, it will resist its dismantling with coercion, violence and oppression. We already see this in the draconian treatment of #InsulateBritain and #JustStopOil.
The good society has to emerge from seeds within nation states, but at some stage it has to break with it; and how that can be done without violence needs careful thought.
We have general elections. We need to trust the result.
Either we completely change our democratic system (and while I think that is essential, I think we do it through the existing system and with more trust, not less)
OR
We find a way to trust the result.
This is not a category error. To say it is, is just avoiding the problem.
We need ways to trust what happens in our institutions. If you know one, tell me.
@Eceni@simon_brooke Ah, well, you know I’m a build-legitimacy-outside-the-current-system, local-institution, dual-power kind of a guy. I’d rather build those institutions on a Labour or Democratic terrain, but that’s just harm reduction, not a belief that those parties can or will save us.
@adamgreenfield@simon_brooke And in the book, I'm building an entire parallel polis because I think the current system is wholly broken. Though there is a faction in the movement that's working inside the system - so we get to see both running together. Or at least, will in book 2. Book 1 just gets us to the night after the General Election. :)
@Eceni@adamgreenfield I believe that we have to do this. Your interviewee's comment about NATO in your this-week's podcast triggered me to thinking about foreign policy in the good society, and I need to write something about that; but I don't have it formed yet.
If a good society is unable to resist violence by nation states, it cannot continue to be a good society; and if good societies cannot show solidarity when one is attacked, they'll be picked off one by one. >>>
@Eceni@simon_brooke I’m sorry, but with all due respect that’s nonsense. For the women of Rojava, particularly, the alternative to armed self-defense was being sold into sexual slavery by the jihadi Salafists of Daesh, with their scriptural justification for everything from beheading captives to ethnic cleansing to rape camps. I don’t think one can so easily dismiss the instance on one’s own bodily autonomy as “militarism.”
@Eceni@adamgreenfield I've an essay on the defence of the good society which is very much in draft form, because I am not happy with it; but I'll share it by email with anyone sufficiently interested to provide constructive criticism.
@Eceni@adamgreenfield on the other hand its hard to see how the preparation for and execution of an organised response to an organised violent attack can be anything but corrosive to a good society.
@simon_brooke@Eceni Again, see the example of the YPG/YPJ. The bounding conditions are different, surely, but in this case it certainly seems like a society of armed women in particular can be a good one.
Add comment