def test_tally_spoiled_ballots_accumulates_valid_tally(
self, everything: ELECTIONS_AND_BALLOTS_TUPLE_TYPE):
# Arrange
metadata, ballots, secret_key, context = everything
# Tally the plaintext ballots for comparison later
plaintext_tallies = accumulate_plaintext_ballots(ballots)
# encrypt each ballot
store = BallotStore()
seed_hash = EncryptionDevice("Location").get_hash()
for ballot in ballots:
encrypted_ballot = encrypt_ballot(ballot, metadata, context,
seed_hash)
seed_hash = encrypted_ballot.tracking_hash
self.assertIsNotNone(encrypted_ballot)
# add to the ballot store
store.set(
encrypted_ballot.object_id,
from_ciphertext_ballot(encrypted_ballot,
BallotBoxState.SPOILED),
)
# act
result = tally_ballots(store, metadata, context)
self.assertIsNotNone(result)
# Assert
decrypted_tallies = self._decrypt_with_secret(result, secret_key)
self.assertCountEqual(plaintext_tallies, decrypted_tallies)
for value in decrypted_tallies.values():
self.assertEqual(0, value)
self.assertEqual(len(ballots), len(result.spoiled_ballots))
def test_cast_ballot(self):
# Arrange
keypair = elgamal_keypair_from_secret(int_to_q(2))
election = election_factory.get_fake_election()
metadata, context = election_factory.get_fake_ciphertext_election(
election, keypair.public_key
)
store = BallotStore()
source = election_factory.get_fake_ballot(metadata)
self.assertTrue(source.is_valid(metadata.ballot_styles[0].object_id))
# Act
data = encrypt_ballot(source, metadata, context, SEED_HASH)
result = accept_ballot(data, BallotBoxState.CAST, metadata, context, store)
# Assert
expected = store.get(source.object_id)
self.assertEqual(expected.state, BallotBoxState.CAST)
self.assertEqual(result.state, BallotBoxState.CAST)
self.assertEqual(expected.object_id, result.object_id)
# Test failure modes
self.assertIsNone(
accept_ballot(data, BallotBoxState.CAST, metadata, context, store)
) # cannot cast again
self.assertIsNone(
accept_ballot(data, BallotBoxState.SPOILED, metadata, context, store)
) # cannot cspoil a ballot already cast
def step_3_cast_and_spoil(self) -> None:
"""
Accept each ballot by marking it as either cast or spoiled.
This example demonstrates one way to accept ballots using the `BallotBox` class
"""
# Configure the Ballot Box
self.ballot_store = BallotStore()
self.ballot_box = BallotBox(self.metadata, self.context,
self.ballot_store)
# Randomly cast or spoil the ballots
for ballot in self.ciphertext_ballots:
# if randint(0, 1):
# accepted_ballot = self.ballot_box.cast(ballot)
# else:
# accepted_ballot = self.ballot_box.spoil(ballot)
accepted_ballot = self.ballot_box.cast(ballot)
self._assert_message(
BallotBox.__qualname__,
f"Accepted Ballot Id: {ballot.object_id} state: {get_optional(accepted_ballot).state}",
accepted_ballot is not None,
)
# Send Over Network
send_over_network(self.ciphertext_ballots)
def cast_spoil(ballot_id: str, do_cast: bool, ballots_encrypted: List,
store: BallotStore, metadata: InternalElectionDescription,
context: CiphertextElectionContext) -> (bool, BallotStore):
"""
:param context:
:param metadata:
:param store:
:param ballots_encrypted:
:param ballot_id:
:param do_cast: cast ballot if true, spoil otherwise (could be cleaner...)
:return: Status code and the new store. store gets modified in accept_ballot without being explicitly returned
"""
# Search for the ballot with ballot_id in ballots_encrypted
ballot = next((b for b in ballots_encrypted if b.object_id == ballot_id),
None)
if not ballot:
return False, store
if do_cast:
accepted_ballot = accept_ballot(ballot, BallotBoxState.CAST, metadata,
context, store)
assert (store.get(accepted_ballot.object_id) == accepted_ballot)
return True, store
else:
accepted_ballot = accept_ballot(ballot, BallotBoxState.SPOILED,
metadata, context, store)
assert (store.get(accepted_ballot.object_id) == accepted_ballot)
return True, store
def generate(self, number_of_ballots: int = DEFAULT_NUMBER_OF_BALLOTS):
"""
Generate the sample data set
"""
rmtree(RESULTS_DIR, ignore_errors=True)
(
public_data,
private_data,
) = self.election_factory.get_hamilton_election_with_encryption_context()
plaintext_ballots = self.ballot_factory.generate_fake_plaintext_ballots_for_election(
public_data.metadata, number_of_ballots
)
self.encrypter = EncryptionMediator(
public_data.metadata, public_data.context, self.encryption_device
)
ciphertext_ballots: List[CiphertextBallot] = []
for plaintext_ballot in plaintext_ballots:
ciphertext_ballots.append(
get_optional(self.encrypter.encrypt(plaintext_ballot))
)
ballot_store = BallotStore()
ballot_box = BallotBox(public_data.metadata, public_data.context, ballot_store)
accepted_ballots: List[CiphertextAcceptedBallot] = []
for ballot in ciphertext_ballots:
if randint(0, 100) % 10 == 0:
accepted_ballots.append(ballot_box.spoil(ballot))
else:
accepted_ballots.append(ballot_box.cast(ballot))
ciphertext_tally = get_optional(
tally_ballots(ballot_store, public_data.metadata, public_data.context)
)
decrypter = DecryptionMediator(
public_data.metadata, public_data.context, ciphertext_tally
)
for guardian in private_data.guardians:
decrypter.announce(guardian)
plaintext_tally = get_optional(decrypter.get_plaintext_tally())
publish(
public_data.description,
public_data.context,
public_data.constants,
accepted_ballots,
ciphertext_tally,
plaintext_tally,
public_data.guardians,
)
publish_private_data(
plaintext_ballots, ciphertext_ballots, private_data.guardians
)
def _generate_encrypted_tally(
self,
metadata: InternalElectionDescription,
context: CiphertextElectionContext,
ballots: List[PlaintextBallot],
) -> CiphertextTally:
# encrypt each ballot
store = BallotStore()
for ballot in ballots:
encrypted_ballot = encrypt_ballot(ballot, metadata, context,
int_to_q_unchecked(1))
self.assertIsNotNone(encrypted_ballot)
# add to the ballot store
store.set(
encrypted_ballot.object_id,
from_ciphertext_ballot(encrypted_ballot, BallotBoxState.CAST),
)
tally = tally_ballots(store, metadata, context)
self.assertIsNotNone(tally)
return get_optional(tally)
def handle_ballot(request: AcceptBallotRequest, state: BallotBoxState) -> Any:
ballot = CiphertextBallot.from_json_object(request.ballot)
description = ElectionDescription.from_json_object(request.description)
internal_description = InternalElectionDescription(description)
context = CiphertextElectionContext.from_json_object(request.context)
accepted_ballot = accept_ballot(
ballot,
state,
internal_description,
context,
BallotStore(),
)
return accepted_ballot
def create() -> Tuple:
"""
An election with only one guardian and random keys gets generated.
More configuration options and the ability to hold a key ceremony should be added later.
"""
# Open an election manifest file
with open(os.path.join(ELECTION_MANIFEST), "r") as manifest:
string_representation = manifest.read()
election_description = ElectionDescription.from_json(
string_representation)
# Create an election builder instance, and configure it for a single public-private keypair.
# in a real election, you would configure this for a group of guardians. See Key Ceremony for more information.
# TODO: Allow real key ceremony
builder = ElectionBuilder(
number_of_guardians=
1, # since we will generate a single public-private keypair, we set this to 1
quorum=
1, # since we will generate a single public-private keypair, we set this to 1
description=election_description)
# We simply generate a random keypair. For a real election this step should
# be replaced by the key ceremony
keypair = elgamal_keypair_random()
builder.set_public_key(keypair.public_key)
# get an `InternalElectionDescription` and `CiphertextElectionContext`
# that are used for the remainder of the election.
(metadata, context) = builder.build()
# Configure an encryption device
# In the docs the encrypter device gets defined when encrypting a ballot.
# I think for our usecase it makes more sense to define one encrypter and use for the whole election
device = EncryptionDevice("polling-place-one")
encrypter = EncryptionMediator(metadata, context, device)
store = BallotStore()
ballot_box = BallotBox(metadata, context, store)
return metadata, context, encrypter, ballot_box, store, keypair
def setUp(self):
self.key_ceremony = KeyCeremonyMediator(self.CEREMONY_DETAILS)
self.guardians: List[Guardian] = []
# Setup Guardians
for i in range(self.NUMBER_OF_GUARDIANS):
sequence = i + 2
self.guardians.append(
Guardian(
"guardian_" + str(sequence),
sequence,
self.NUMBER_OF_GUARDIANS,
self.QUORUM,
))
# Attendance (Public Key Share)
for guardian in self.guardians:
self.key_ceremony.announce(guardian)
self.key_ceremony.orchestrate(identity_auxiliary_encrypt)
self.key_ceremony.verify(identity_auxiliary_decrypt)
self.joint_public_key = self.key_ceremony.publish_joint_key()
self.assertIsNotNone(self.joint_public_key)
# setup the election
self.election = election_factory.get_fake_election()
builder = ElectionBuilder(self.NUMBER_OF_GUARDIANS, self.QUORUM,
self.election)
self.assertIsNone(
builder.build()) # Can't build without the public key
builder.set_public_key(self.joint_public_key)
self.metadata, self.context = get_optional(builder.build())
self.encryption_device = EncryptionDevice("location")
self.ballot_marking_device = EncryptionMediator(
self.metadata, self.context, self.encryption_device)
# get some fake ballots
self.fake_cast_ballot = ballot_factory.get_fake_ballot(
self.metadata, "some-unique-ballot-id-cast")
self.more_fake_ballots = []
for i in range(10):
self.more_fake_ballots.append(
ballot_factory.get_fake_ballot(
self.metadata, f"some-unique-ballot-id-cast{i}"))
self.fake_spoiled_ballot = ballot_factory.get_fake_ballot(
self.metadata, "some-unique-ballot-id-spoiled")
self.assertTrue(
self.fake_cast_ballot.is_valid(
self.metadata.ballot_styles[0].object_id))
self.assertTrue(
self.fake_spoiled_ballot.is_valid(
self.metadata.ballot_styles[0].object_id))
self.expected_plaintext_tally = accumulate_plaintext_ballots(
[self.fake_cast_ballot] + self.more_fake_ballots)
# Fill in the expected values with any missing selections
# that were not made on any ballots
selection_ids = set([
selection.object_id for contest in self.metadata.contests
for selection in contest.ballot_selections
])
missing_selection_ids = selection_ids.difference(
set(self.expected_plaintext_tally))
for id in missing_selection_ids:
self.expected_plaintext_tally[id] = 0
# Encrypt
encrypted_fake_cast_ballot = self.ballot_marking_device.encrypt(
self.fake_cast_ballot)
encrypted_fake_spoiled_ballot = self.ballot_marking_device.encrypt(
self.fake_spoiled_ballot)
self.assertIsNotNone(encrypted_fake_cast_ballot)
self.assertIsNotNone(encrypted_fake_spoiled_ballot)
self.assertTrue(
encrypted_fake_cast_ballot.is_valid_encryption(
self.context.crypto_extended_base_hash, self.joint_public_key))
# encrypt some more fake ballots
self.more_fake_encrypted_ballots = []
for fake_ballot in self.more_fake_ballots:
self.more_fake_encrypted_ballots.append(
self.ballot_marking_device.encrypt(fake_ballot))
# configure the ballot box
ballot_store = BallotStore()
ballot_box = BallotBox(self.metadata, self.context, ballot_store)
ballot_box.cast(encrypted_fake_cast_ballot)
ballot_box.spoil(encrypted_fake_spoiled_ballot)
# Cast some more fake ballots
for fake_ballot in self.more_fake_encrypted_ballots:
ballot_box.cast(fake_ballot)
# generate encrypted tally
self.ciphertext_tally = tally_ballots(ballot_store, self.metadata,
self.context)
def test_ballot_store(self):
# Arrange
keypair = elgamal_keypair_from_secret(int_to_q(2))
election = election_factory.get_fake_election()
metadata, context = election_factory.get_fake_ciphertext_election(
election, keypair.public_key)
# get an encrypted fake ballot to work with
fake_ballot = election_factory.get_fake_ballot(metadata)
encrypted_ballot = encrypt_ballot(fake_ballot, metadata, context,
SEED_HASH)
# Set up the ballot store
subject = BallotStore()
data_cast = CiphertextAcceptedBallot(
encrypted_ballot.object_id,
encrypted_ballot.ballot_style,
encrypted_ballot.description_hash,
encrypted_ballot.previous_tracking_hash,
encrypted_ballot.contests,
encrypted_ballot.tracking_hash,
encrypted_ballot.timestamp,
)
data_cast.state = BallotBoxState.CAST
data_spoiled = CiphertextAcceptedBallot(
encrypted_ballot.object_id,
encrypted_ballot.ballot_style,
encrypted_ballot.description_hash,
encrypted_ballot.previous_tracking_hash,
encrypted_ballot.contests,
encrypted_ballot.tracking_hash,
encrypted_ballot.timestamp,
)
data_spoiled.state = BallotBoxState.SPOILED
self.assertIsNone(subject.get("cast"))
self.assertIsNone(subject.get("spoiled"))
# try to set a ballot with an unknown state
self.assertFalse(
subject.set(
"unknown",
CiphertextAcceptedBallot(
encrypted_ballot.object_id,
encrypted_ballot.ballot_style,
encrypted_ballot.description_hash,
encrypted_ballot.previous_tracking_hash,
encrypted_ballot.contests,
encrypted_ballot.tracking_hash,
encrypted_ballot.timestamp,
),
))
# Act
self.assertTrue(subject.set("cast", data_cast))
self.assertTrue(subject.set("spoiled", data_spoiled))
self.assertEqual(subject.get("cast"), data_cast)
self.assertEqual(subject.get("spoiled"), data_spoiled)
self.assertEqual(subject.exists("cast"), (True, data_cast))
self.assertEqual(subject.exists("spoiled"), (True, data_spoiled))
# test mutate state
data_cast.state = BallotBoxState.UNKNOWN
self.assertEqual(subject.exists("cast"), (False, data_cast))
# test remove
self.assertTrue(subject.set("cast", None))
self.assertEqual(subject.exists("cast"), (False, None))
class TestEndToEndElection(TestCase):
"""
Test a complete simple example of executing an End-to-End encrypted election.
In a real world scenario all of these steps would not be completed on the same machine.
"""
NUMBER_OF_GUARDIANS = 5
QUORUM = 3
REMOVE_OUTPUT = False
# Step 0 - Configure Election
description: ElectionDescription
election_builder: ElectionBuilder
metadata: InternalElectionDescription
context: CiphertextElectionContext
constants: ElectionConstants
# Step 1 - Key Ceremony
mediator: KeyCeremonyMediator
guardians: List[Guardian] = []
coefficient_validation_sets: List[CoefficientValidationSet] = []
# Step 2 - Encrypt Votes
device: EncryptionDevice
encrypter: EncryptionMediator
plaintext_ballots: List[PlaintextBallot]
ciphertext_ballots: List[CiphertextBallot] = []
# Step 3 - Cast and Spoil
ballot_store: BallotStore
ballot_box: BallotBox
# Step 4 - Decrypt Tally
ciphertext_tally: CiphertextTally
plaintext_tally: PlaintextTally
decrypter: DecryptionMediator
def test_end_to_end_election(self) -> None:
"""
Execute the simplified end-to-end test demonstrating each component of the system.
"""
self.step_0_configure_election()
self.step_1_key_ceremony()
self.step_2_encrypt_votes()
self.step_3_cast_and_spoil()
self.step_4_decrypt_tally()
self.step_5_publish_and_verify()
def step_0_configure_election(self) -> None:
"""
To conduct an election, load an `ElectionDescription` file
"""
# Load a pre-configured Election Description
# TODO: replace with complex election
self.description = ElectionFactory().get_simple_election_from_file()
print(f"""
{'-'*40}\n
# Election Summary:
# Scope: {self.description.election_scope_id}
# Geopolitical Units: {len(self.description.geopolitical_units)}
# Parties: {len(self.description.parties)}
# Candidates: {len(self.description.candidates)}
# Contests: {len(self.description.contests)}
# Ballot Styles: {len(self.description.ballot_styles)}\n
{'-'*40}\n
""")
self._assert_message(
ElectionDescription.is_valid.__qualname__,
"Verify that the input election meta-data is well-formed",
self.description.is_valid(),
)
# Create an Election Builder
self.election_builder = ElectionBuilder(self.NUMBER_OF_GUARDIANS,
self.QUORUM, self.description)
self._assert_message(
ElectionBuilder.__qualname__,
f"Created with number_of_guardians: {self.NUMBER_OF_GUARDIANS} quorum: {self.QUORUM}",
)
# Move on to the Key Ceremony
def step_1_key_ceremony(self) -> None:
"""
Using the NUMBER_OF_GUARDIANS, generate public-private keypairs and share
representations of those keys with QUORUM of other Guardians. Then, combine
the public election keys to make a joint election key that is used to encrypt ballots
"""
# Setup Guardians
for i in range(self.NUMBER_OF_GUARDIANS):
self.guardians.append(
Guardian("guardian_" + str(i), i, self.NUMBER_OF_GUARDIANS,
self.QUORUM))
# Setup Mediator
self.mediator = KeyCeremonyMediator(self.guardians[0].ceremony_details)
# Attendance (Public Key Share)
for guardian in self.guardians:
self.mediator.announce(guardian)
self._assert_message(
KeyCeremonyMediator.all_guardians_in_attendance.__qualname__,
"Confirms all guardians have shared their public keys",
self.mediator.all_guardians_in_attendance(),
)
# Run the Key Ceremony process,
# Which shares the keys among the guardians
orchestrated = self.mediator.orchestrate()
self._assert_message(
KeyCeremonyMediator.orchestrate.__qualname__,
"Executes the key exchange between guardians",
orchestrated is not None,
)
self._assert_message(
KeyCeremonyMediator.all_election_partial_key_backups_available.
__qualname__,
"Confirm sall guardians have shared their partial key backups",
self.mediator.all_election_partial_key_backups_available(),
)
# Verification
verified = self.mediator.verify()
self._assert_message(
KeyCeremonyMediator.verify.__qualname__,
"Confirms all guardians truthfully executed the ceremony",
verified,
)
self._assert_message(
KeyCeremonyMediator.
all_election_partial_key_verifications_received.__qualname__,
"Confirms all guardians have submitted a verification of the backups of all other guardians",
self.mediator.all_election_partial_key_verifications_received(),
)
self._assert_message(
KeyCeremonyMediator.all_election_partial_key_backups_verified.
__qualname__,
"Confirms all guardians have verified the backups of all other guardians",
self.mediator.all_election_partial_key_backups_verified(),
)
# Joint Key
joint_key = self.mediator.publish_joint_key()
self._assert_message(
KeyCeremonyMediator.publish_joint_key.__qualname__,
"Publishes the Joint Election Key",
joint_key is not None,
)
# Save Validation Keys
for guardian in self.guardians:
self.coefficient_validation_sets.append(
guardian.share_coefficient_validation_set())
# Build the Election
self.election_builder.set_public_key(get_optional(joint_key))
self.metadata, self.context = get_optional(
self.election_builder.build())
self.constants = ElectionConstants()
# Move on to encrypting ballots
def step_2_encrypt_votes(self) -> None:
"""
Using the `CiphertextElectionContext` encrypt ballots for the election
"""
# Configure the Encryption Device
self.device = EncryptionDevice("polling-place-one")
self.encrypter = EncryptionMediator(self.metadata, self.context,
self.device)
self._assert_message(
EncryptionDevice.__qualname__,
f"Ready to encrypt at location: {self.device.location}",
)
# Load some Ballots
self.plaintext_ballots = BallotFactory().get_simple_ballots_from_file()
self._assert_message(
PlaintextBallot.__qualname__,
f"Loaded ballots: {len(self.plaintext_ballots)}",
len(self.plaintext_ballots) > 0,
)
# Encrypt the Ballots
for plaintext_ballot in self.plaintext_ballots:
encrypted_ballot = self.encrypter.encrypt(plaintext_ballot)
self._assert_message(
EncryptionMediator.encrypt.__qualname__,
f"Ballot Id: {plaintext_ballot.object_id}",
encrypted_ballot is not None,
)
self.ciphertext_ballots.append(get_optional(encrypted_ballot))
# Next, we cast or spoil the ballots
def step_3_cast_and_spoil(self) -> None:
"""
Accept each ballot by marking it as either cast or spoiled.
This example demonstrates one way to accept ballots using the `BallotBox` class
"""
# Configure the Ballot Box
self.ballot_store = BallotStore()
self.ballot_box = BallotBox(self.metadata, self.context,
self.ballot_store)
# Randomly cast or spoil the ballots
for ballot in self.ciphertext_ballots:
# if randint(0, 1):
# accepted_ballot = self.ballot_box.cast(ballot)
# else:
# accepted_ballot = self.ballot_box.spoil(ballot)
accepted_ballot = self.ballot_box.cast(ballot)
self._assert_message(
BallotBox.__qualname__,
f"Accepted Ballot Id: {ballot.object_id} state: {get_optional(accepted_ballot).state}",
accepted_ballot is not None,
)
def step_4_decrypt_tally(self) -> None:
"""
Homomorphically combine the selections made on all of the cast ballots
and use the Available Guardians to decrypt the combined tally.
In this way, no individual voter's cast ballot is ever decrypted drectly.
"""
# Generate a Homomorphically Accumulated Tally of the ballots
self.ciphertext_tally = get_optional(
tally_ballots(self.ballot_store, self.metadata, self.context))
self._assert_message(
tally_ballots.__qualname__,
f"""
- cast: {self.ciphertext_tally.count()}
- spoiled: {len(self.ciphertext_tally.spoiled_ballots)}
Total: {len(self.ciphertext_tally)}
""",
self.ciphertext_tally is not None,
)
# Configure the Decryption
self.decrypter = DecryptionMediator(self.metadata, self.context,
self.ciphertext_tally)
# Announce each guardian as present
for guardian in self.guardians:
decryption_share = self.decrypter.announce(guardian)
self._assert_message(
DecryptionMediator.announce.__qualname__,
f"Guardian Present: {guardian.object_id}",
decryption_share is not None,
)
# Get the Plain Text Tally
self.plaintext_tally = get_optional(
self.decrypter.get_plaintext_tally())
self._assert_message(
DecryptionMediator.get_plaintext_tally.__qualname__,
"Tally Decrypted",
self.plaintext_tally is not None,
)
# Now, compare the results
self.compare_results()
def compare_results(self) -> None:
"""
Compare the results to ensure the decryption was done correctly
"""
print(f"""
{'-'*40}
# Election Results:
""")
# Create a representation of each contest's tally
selection_ids = [
selection.object_id for contest in self.metadata.contests
for selection in contest.ballot_selections
]
expected_plaintext_tally: Dict[str, int] = {
key: 0
for key in selection_ids
}
# Tally the expected values from the loaded ballots
for ballot in self.plaintext_ballots:
if (get_optional(self.ballot_store.get(
ballot.object_id)).state == BallotBoxState.CAST):
for contest in ballot.contests:
for selection in contest.ballot_selections:
expected_plaintext_tally[
selection.object_id] += selection.to_int()
# Compare the expected tally to the decrypted tally
for tally_contest in self.plaintext_tally.contests.values():
print(f" Contest: {tally_contest.object_id}")
for tally_selection in tally_contest.selections.values():
expected = expected_plaintext_tally[tally_selection.object_id]
self._assert_message(
f" - Selection: {tally_selection.object_id}",
f"expected: {expected}, actual: {tally_selection.tally}",
expected == tally_selection.tally,
)
print(f"\n{'-'*40}\n")
# Compare the expected values for each spoiled ballot
for ballot_id, accepted_ballot in self.ciphertext_tally.spoiled_ballots.items(
):
if accepted_ballot.state == BallotBoxState.SPOILED:
for plaintext_ballot in self.plaintext_ballots:
if ballot_id == plaintext_ballot.object_id:
print(f"\nSpoiled Ballot: {ballot_id}")
for contest in plaintext_ballot.contests:
print(f"\n Contest: {contest.object_id}")
for selection in contest.ballot_selections:
expected = selection.to_int()
decrypted_selection = (
self.plaintext_tally.spoiled_ballots[
ballot_id][contest.object_id].
selections[selection.object_id])
self._assert_message(
f" - Selection: {selection.object_id}",
f"expected: {expected}, actual: {decrypted_selection.tally}",
expected == decrypted_selection.tally,
)
def step_5_publish_and_verify(self) -> None:
"""Publish and verify steps of the election"""
self.publish_results()
self.verify_results()
if self.REMOVE_OUTPUT:
rmtree(RESULTS_DIR)
def publish_results(self) -> None:
"""
Publish results/artifacts of the election
"""
publish(
self.description,
self.context,
self.constants,
[self.device],
self.ballot_store.all(),
self.ciphertext_tally.spoiled_ballots.values(),
publish_ciphertext_tally(self.ciphertext_tally),
self.plaintext_tally,
self.coefficient_validation_sets,
)
self._assert_message(
"Publish",
f"Artifacts published to: {RESULTS_DIR}",
path.exists(RESULTS_DIR),
)
def verify_results(self) -> None:
"""Verify results of election"""
# Deserialize
description_from_file = ElectionDescription.from_json_file(
DESCRIPTION_FILE_NAME, RESULTS_DIR)
self.assertEqual(self.description, description_from_file)
context_from_file = CiphertextElectionContext.from_json_file(
CONTEXT_FILE_NAME, RESULTS_DIR)
self.assertEqual(self.context, context_from_file)
constants_from_file = ElectionConstants.from_json_file(
CONSTANTS_FILE_NAME, RESULTS_DIR)
self.assertEqual(self.constants, constants_from_file)
device_name = DEVICE_PREFIX + str(self.device.uuid)
device_from_file = EncryptionDevice.from_json_file(
device_name, DEVICES_DIR)
self.assertEqual(self.device, device_from_file)
ciphertext_ballots: List[CiphertextAcceptedBallot] = []
for ballot in self.ballot_store.all():
ballot_name = BALLOT_PREFIX + ballot.object_id
ballot_from_file = CiphertextAcceptedBallot.from_json_file(
ballot_name, BALLOTS_DIR)
self.assertEqual(ballot, ballot_from_file)
spoiled_ballots: List[CiphertextAcceptedBallot] = []
for spoiled_ballot in self.ciphertext_tally.spoiled_ballots.values():
ballot_name = BALLOT_PREFIX + spoiled_ballot.object_id
spoiled_ballot_from_file = CiphertextAcceptedBallot.from_json_file(
ballot_name, SPOILED_DIR)
self.assertEqual(spoiled_ballot, spoiled_ballot_from_file)
ciphertext_tally_from_file = PublishedCiphertextTally.from_json_file(
ENCRYPTED_TALLY_FILE_NAME, RESULTS_DIR)
self.assertEqual(publish_ciphertext_tally(self.ciphertext_tally),
ciphertext_tally_from_file)
plainttext_tally_from_file = PlaintextTally.from_json_file(
TALLY_FILE_NAME, RESULTS_DIR)
self.assertEqual(self.plaintext_tally, plainttext_tally_from_file)
coefficient_validation_sets: List[CoefficientValidationSet] = []
for coefficient_validation_set in self.coefficient_validation_sets:
set_name = COEFFICIENT_PREFIX + coefficient_validation_set.owner_id
coefficient_validation_set_from_file = (
CoefficientValidationSet.from_json_file(
set_name, COEFFICIENTS_DIR))
self.assertEqual(coefficient_validation_set,
coefficient_validation_set_from_file)
def _assert_message(self,
name: str,
message: str,
condition: Union[Callable, bool] = True) -> None:
if callable(condition):
result = condition()
else:
result = condition
print(f"{name}: {message}: {result}")
self.assertTrue(result)
def generate(
self,
number_of_ballots: int = DEFAULT_NUMBER_OF_BALLOTS,
cast_spoil_ratio: int = CAST_SPOIL_RATIO,
):
"""
Generate the sample data set
"""
# Clear the results directory
rmtree(RESULTS_DIR, ignore_errors=True)
# Configure the election
(
public_data,
private_data,
) = self.election_factory.get_hamilton_election_with_encryption_context(
)
plaintext_ballots = self.ballot_factory.generate_fake_plaintext_ballots_for_election(
public_data.metadata, number_of_ballots)
self.encrypter = EncryptionMediator(public_data.metadata,
public_data.context,
self.encryption_device)
# Encrypt some ballots
ciphertext_ballots: List[CiphertextBallot] = []
for plaintext_ballot in plaintext_ballots:
ciphertext_ballots.append(
get_optional(self.encrypter.encrypt(plaintext_ballot)))
ballot_store = BallotStore()
ballot_box = BallotBox(public_data.metadata, public_data.context,
ballot_store)
# Randomly cast/spoil the ballots
accepted_ballots: List[CiphertextAcceptedBallot] = []
for ballot in ciphertext_ballots:
if randint(0, 100) % cast_spoil_ratio == 0:
accepted_ballots.append(ballot_box.spoil(ballot))
else:
accepted_ballots.append(ballot_box.cast(ballot))
# Tally
ciphertext_tally = get_optional(
tally_ballots(ballot_store, public_data.metadata,
public_data.context))
# Decrypt
decrypter = DecryptionMediator(public_data.metadata,
public_data.context, ciphertext_tally)
for i, guardian in enumerate(private_data.guardians):
if i < QUORUM or not THRESHOLD_ONLY:
decrypter.announce(guardian)
plaintext_tally = get_optional(decrypter.get_plaintext_tally())
# Publish
publish(
public_data.description,
public_data.context,
public_data.constants,
[self.encryption_device],
accepted_ballots,
ciphertext_tally.spoiled_ballots.values(),
publish_ciphertext_tally(ciphertext_tally),
plaintext_tally,
public_data.guardians,
)
publish_private_data(plaintext_ballots, ciphertext_ballots,
private_data.guardians)
def test_tally_ballot_invalid_input_fails(
self, everything: ELECTIONS_AND_BALLOTS_TUPLE_TYPE):
# Arrange
metadata, ballots, secret_key, context = everything
# encrypt each ballot
store = BallotStore()
seed_hash = EncryptionDevice("Location").get_hash()
for ballot in ballots:
encrypted_ballot = encrypt_ballot(ballot, metadata, context,
seed_hash)
seed_hash = encrypted_ballot.tracking_hash
self.assertIsNotNone(encrypted_ballot)
# add to the ballot store
store.set(
encrypted_ballot.object_id,
from_ciphertext_ballot(encrypted_ballot, BallotBoxState.CAST),
)
subject = CiphertextTally("my-tally", metadata, context)
# act
cached_ballots = store.all()
first_ballot = cached_ballots[0]
first_ballot.state = BallotBoxState.UNKNOWN
# verify an UNKNOWN state ballot fails
self.assertIsNone(tally_ballot(first_ballot, subject))
self.assertFalse(subject.append(first_ballot))
# cast a ballot
first_ballot.state = BallotBoxState.CAST
self.assertTrue(subject.append(first_ballot))
# try to append a spoiled ballot
first_ballot.state = BallotBoxState.SPOILED
self.assertFalse(subject.append(first_ballot))
# Verify accumulation fails if the selection collection is empty
if first_ballot.state == BallotBoxState.CAST:
self.assertFalse(
subject.cast[first_ballot.object_id].elgamal_accumulate([]))
# pop the cast ballot
subject._cast_ballot_ids.pop()
# reset to cast
first_ballot.state = BallotBoxState.CAST
self.assertTrue(
self._cannot_erroneously_mutate_state(subject, first_ballot,
BallotBoxState.CAST))
self.assertTrue(
self._cannot_erroneously_mutate_state(subject, first_ballot,
BallotBoxState.SPOILED))
self.assertTrue(
self._cannot_erroneously_mutate_state(subject, first_ballot,
BallotBoxState.UNKNOWN))
# verify a spoiled ballot cannot be added twice
first_ballot.state = BallotBoxState.SPOILED
self.assertTrue(subject.append(first_ballot))
self.assertFalse(subject.append(first_ballot))
# verify an already spoiled ballot cannot be cast
first_ballot.state = BallotBoxState.CAST
self.assertFalse(subject.append(first_ballot))
# pop the spoiled ballot
subject.spoiled_ballots.pop(first_ballot.object_id)
# verify a cast ballot cannot be added twice
first_ballot.state = BallotBoxState.CAST
self.assertTrue(subject.append(first_ballot))
self.assertFalse(subject.append(first_ballot))
# verify an already cast ballot cannot be spoiled
first_ballot.state = BallotBoxState.SPOILED
self.assertFalse(subject.append(first_ballot))
