Is is possible to use blinding (or other protocols) so that all votes are published, you can check that your vote is in there, and you (or anyone) can run the maths and verify the vote? Without being able to link people to votes without their consent. Currently voting is trusted because political adversaries supervise the process. Previously the mechanics were, well, mechanical, ie, open for inspection. The current genre of voting machines.. well, you know the scam. And still reliant on a few adversarial human monitors. Something like this: The day after elections a list of hex codes -votes- are published. You can find in that list the code that you received (on paper) when you voted, to verify that your vote counted. You can run an algorithm on any subset of codes, including just your own, and learn which candidate that code corresponds to. Everyone can run on the entire dataset, verifying the tally. You don't have to divulge which code is yours if you want it to remain secret. Perhaps the code could contain not only the intended vote, but a unique voter ID so that hexcodes could not be added to the dataset (cf dead people not allowed to vote except in Chicago) without setting off alarms. Perhaps anyone could verify that someone voted, or not, but could not figure who they voted for without their cooperation. Apologies if I should know this, I haven't gotten my head around all the M of N, blinding, database translucency, etc protocols.