Hybrid-Blockchain-Based Electronic Voting Machine System Embedded with Deepface, Sharding, and Post-Quantum Techniques

Abstract

The integrity of democratic processes relies on secure and reliable election systems, yet achieving this reliability is challenging. This paper introduces the Post-Quantum Secured Multiparty Computed Hierarchical Authoritative Consensus Blockchain (PQMPCHAC-Bchain), a novel e-voting system designed to overcome the limitations of current Biometric Electronic Voting Machine (EVM) systems, which suffer from trust issues due to closed-source designs, cyber vulnerabilities, and regulatory concerns. Our primary objective is to develop a robust, scalable, and secure e-voting framework that enhances transparency and trust in electoral outcomes. Key contributions include integrating hierarchical authorization and access control with a novel consensus mechanism for proper electoral governance. We implement blockchain sharding techniques to improve scalability and propose a multiparty computed token generation system to prevent fraudulent voting and secure voter privacy. Post-quantum cryptography is incorporated to safeguard against potential quantum computing threats, future-proofing the system. Additionally, we enhance authentication through a deep learning-based face verification model for biometric validation. Our performance analysis indicates that the PQMPCHAC-Bchain e-voting system offers a promising solution for secure elections. By addressing critical aspects of security, scalability, and trust, our proposed system aims to advance the field of electronic voting. This research contributes to ongoing efforts to strengthen the integrity of democratic processes through technological innovation.

1. Introduction

An election system is a crucial part of democracy and a catalyst for the progression of a country. Conducting a fair and equitable election in a country in which democracy has not yet been firmly established poses significant challenges, particularly in the absence of a reliable voting system [1]. The vulnerability of paper-based voting systems to tampering and fraud by influential groups or individuals poses a significant threat. Newer Electronic Voting Machines (EVMs) that use biometrics have addressed some of these concerns. However, they often operate as “black boxes”, meaning that voters cannot accurately verify their votes. This lack of transparency undermines trust in the voting process. Furthermore, current EVM voting systems are prone to manipulation by a single authority [1].

In response to this issue, researchers have turned their attention to emerging technologies, such as blockchain, as a potential way to enhance transparency and security in voting systems. Blockchain [2] is a distributed, immutable, and tamper-resistant public ledger that offers several important characteristics. Notably, one of its key features is immutability, which ensures that once data are recorded on the blockchain, they cannot be altered or deleted. This is achieved by requiring each generated block to include the digest of the previous block, forming an unbreakable chain that guarantees the integrity and permanence of the blockchain. Any attempt to tamper with existing blocks disrupts the integrity of the chain, rendering the blockchain obsolete and unreliable [3].

To operate a blockchain, an authoritative consensus is essential, and it is one of the most critical features of this technology. In many countries, electoral systems are legally required to enforce specific regulations to prevent unauthorized activities and misconduct during elections. But consensus mechanisms that are specially designed to manage cryptocurrency operation or general-purpose blockchain are just too unsophisticated to handle the complex permission and access systems required for electoral processes [4].

Therefore, this paper proposes a consensus mechanism that employs a controlled level of authority, akin to an authorized block, to include or exclude specific entities based on their authorized permissions within the electoral system. This approach ensures transparency, ballot integrity, and immutability while maintaining necessary regulation without granting any entity excessive or unconventional permissions.

Blockchain technology, due to its transparency, is considered a promising tool for implementing modern and innovative voting processes [5,6]. However, scalability and performance are significant concerns in existing proposed blockchain-based e-voting systems. To address this issue, researchers have explored sharding techniques, such as  [7,8], which involve partitioning the blockchain into smaller shards. Nevertheless, most of their proposed methods uses shuffle sharding that involves selecting shards and nodes randomly, failing to create data-contracted shards and introducing new latency-related issues discussed in Section 2.3. In our study, we adopt a category-based sharding approach, in which the blockchain is divided into shards based on the category or type of data stored.

Moreover, preserving the confidentiality of voter privacy while maintaining transparency in a blockchain is crucial. Several studies have employed various encryption techniques to ensure user privacy. Some proposals involve using a third-party server for verification, while others suggest storing voter information directly on the blockchain to validate voter identity. However, using a third-party server does not provide adequate security and immutability, and storing voter information on the blockchain can potentially breach voter privacy and anonymity [9,10,11,12].

As a solution, we propose a novel multiparty computed [13] token generation system that enables secure voter verification, checks for fraudulent and double votes, and keeps voter identities anonymous. For verification, it uses zero-knowledge proofs, where the system validates against the securely generated token instead of directly validating the voter. In our work, we adopt post-quantum secured asymmetric cryptography. This encryption algorithm can provide security from attacks not only by general computers but also by quantum computers [14].

Furthermore, tackling fraudulent voting is another challenge in electronic voting systems. As an extra layer of security, we have adopted biometric AI face verification, also known as DeepFace, which is a deep learning facial recognition system. This method employs a convolutional neural network architecture to identify faces in digital images with high accuracy [15,16]. By implementing these features, our proposed system aims to provide a secure, transparent, and efficient electronic voting process.

The contributions of this study are summarized as follows.

• To address the limitations of existing consensus mechanisms, this research proposes a novel hybrid consensus model (HAC) that provides the controlled level of permission and access required for the electoral process.
• The proposed category-based novel sharding mechanism leverages the inherent discrete nature of election data, such as divisions by polling station and election area. This significantly enhances the e-voting system’s scalability and data concentration compared to existing sharding mechanisms for e-voting.
• We incorporate post-quantum cryptography and perform a comprehensive analysis of Dilithium 2- and Dilithium 3-based implementations compared to Ed25519-based blockchains. This analysis aims to determine whether post-quantum asymmetric cryptography can be a viable alternative to traditional cryptography.
• As an extra layer of security to prevent fraudulent voting, we incorporated DeepFace to enhance the scalability, security, and performance of the system.
• We propose a novel multiparty computation (MPC) protocol to generate a secure and verifiable token for each voter. For verification, it uses zero-knowledge proofs, where the system validates against the securely generated token instead of directly validating the voter. This solves coerced and double voting while protecting their identity.
• Finally, we conduct a performance analysis using synthetic election data similar to real-world data, and the results are promising. Our findings demonstrate that the proposed system can potentially handle large-scale elections without sacrificing security or performance.

Our research makes several contributions to the domains of e-voting and blockchains. We propose a novel hybrid consensus model called Hierarchical Authoritative Consensus (HAC) along with the integration of sharding, post-quantum cryptography, and deep learning facial recognition models. This study aims to enhance the security, scalability, and efficiency of e-voting systems based on blockchain technology.

The remainder of this paper is organized as follows. In Section 2, we review past research on blockchain-based e-voting systems and highlight major deployment challenges. Section 3 introduces our e-voting system and its objectives. Section 4 details our hybrid consensus model and its design. Section 5 describes the implementation of the blockchain system, including the block structure and pseudocode. Section 6 evaluates the system performance and compares it with other technologies. Section 7 analyzes the system security and potential vulnerabilities. Finally, Section 8 concludes the paper.

2. Related Work

In this section, we introduce previous work related to this research in the context of blockchain-based e-voting systems and consider three significant issues associated with this research: security, consensus and verification, and sharding.

2.1. Previous Work

Many previous studies have attempted to develop protocols for blockchain-based e-voting systems and create incentive schemes for cryptocurrencies. Our work is motivated by recent advances [12,17,18,19].

Kevin et al. [12] discussed blockchain voting, highlighting its elimination of central authority and enabling of vote verification by anyone. They suggested Hyperledger Fabric as a viable blockchain solution. Das et al. [17] proposed a blockchain-based voting system integrated with face recognition. However, their method and others have limitations, including scalability and extensive computational requirements. Additionally, their use of an msp system to validate voters undermines privacy, and the Raft consensus mechanism used by their system is not feasible for electoral system permissions and access. Khoury et al. [18] proposed a decentralized trustless voting platform using Ethereum and mobile numbers to register each voter in the system. Hasan et al. [20] also proposed an Ethereum-based voting system using smart contracts. Neloy et al. [10] suggested an Ethereum network-based system with user verification via Metamask wallet, face recognition, and deepface analysis. Singh et al. [21] proposed a system using unique identification like Aadhar Card numbers or OTPs for authentication and Ethereum blockchain, integrating with traditional Electronic Voting Machines. Although researchers from [10,17,18,20,21] proposed Ethereum-blockchain-based e-voting systems aiming for secure voting, performance and scalability issues were not adequately addressed. Many of these proposals use OTPs or third-party servers, which do not provide adequate security and immutability. Additionally, storing voters’ unique identifiers on solidity smart contracts can potentially breach voter privacy and anonymity. Neloy et al. [10] efficiently utilized solidity smart contracts to reduce transaction costs, but relying on an Ethereum-based network could lead to centralization and high gas costs for large-scale elections. Yousif et al. [9] proposed a hybrid blockchain (PSC-Bchain) combining Proof of Credibility and Proof of Stake to address energy consumption and scalability issues in blockchain-based e-voting systems. They employed Ethereum smart contracts and a sharding mechanism to enhance security and performance. However, this approach introduces additional computational complexity and increased gas fees. Moreover, their approach does not fully address voter privacy, as it uses a third-party server called a managed server to store node and voter information. This poses a severe risk to system integrity and voter privacy, as the data stored on the managed server are not part of an immutable ledger. Additionally, their proposal does not adequately address the potential risk of single points of failure that could occur from this server.

2.2. Consensus and Verification

Li et al. [22] proposed a consensus algorithm, POV, for decentralized arbitration through voting. POV theoretically achieves transaction finality with one confirmation. However, the study lacks experimental evaluation, and multilevel access control is unclear. Wang et al. [19] introduced CW-DPoS, a strategy to improve node activity and fairness in the DPoS consensus algorithm, resulting in performance enhancements. However, security risks and real-world election complexities are not addressed. Yuanyuan et al. [23] proposed DT-DPoS, enhancing the DPoS consensus algorithm’s security and scalability with an Eigen Trust model and ring signatures against DoS and collusion attacks. A theoretical analysis supported its effectiveness.

2.3. Sharding

Sharding enhances blockchain scalability by dividing it into smaller, independent pieces called shards. These shards process transactions simultaneously, enabling parallel processing and boosting throughput  [24]. Tao et al. [25] proposed a new distributed and dynamic sharding system to significantly increase the throughput of smart-contract-based blockchain systems while minimizing cross-shard communication. The proposed algorithms were analyzed using a game-theoretic approach. Ren et al. [26] analyzed the high cost of cross-shard transactions and found that most Bitcoin transactions have simple dependencies and can become single shards with a dependency-aware placement algorithm.

Sharding methods such as those proposed by Tao et al.  [25] and Ren et al. [26] focus on minimizing cross-shard communication and managing transaction dependencies, which are effective for general transactions but fall short in handling the complex permissions and strict regulatory requirements of e-voting. The lack of data concentration in these methods can lead to latency issues and inefficiencies in processing election data, which are often divided by polling station, area, and election category.

Li et al.  [27] A sharding-based blockchain breaks shard isolation by managing state and logic storage and smart contract execution. Nodes share contract logic, while shards store distinct states. A cross-shard consensus algorithm ensures transaction security and efficiency. Wang et al.  [28] proposed a distributed blockchain storage scheme using sharding and secret-sharing without a trusted third party. It reduces storage and communication costs with polynomial commitment and homomorphic properties. Yousif et al. [9] proposed sharding in an e-voting system, demonstrating improvements over non-sharding techniques. However, their model assigns nodes randomly to shards using a Verifiable Random Function (VRF) and Verifiable Delay Function (VDF), failing to leverage the inherent discrete categorical nature of election data. Such data can be divided by polling station, area, and election category.

2.4. Post-Quantum Cryptography

Li and his companions [29] proposed a new lattice-based signature scheme based on the Short Integer Solution (SIS) problem. In addition, its efficacy against the Shor and Grover algorithms was analyzed. Y. Gao et al. [30] proposed a secure cryptocurrency scheme based on PQB to resist quantum computing attacks. In addition, the improved correctness and unforgeability of the signature under the lattice SIS assumption were analyzed. Li et al. [31], as mentioned in this paper, proposed a post-quantum blockchain with a segregation witness, increasing signature proportions in block size based on SIS hardness. They also studied post-quantum crypto-systems and their challenges for blockchain and DLT application. Ref. [32] proposed a layer-two solution for secure blockchain node communication and introduced post-quantum key transactions. Sun et al. [33] proposed a quantum-blockchain-based voting protocol using cryptographic primitives and a quantum Byzantine agreement for consensus.

The existing proposed systems, while advancing post-quantum security, tend to prioritize cryptographic hardness and resistance to quantum attacks. However, they may fall short in addressing the unique and critical needs of e-voting systems, such as efficiency, scalability, data management, voter privacy, and the ability to handle complex, real-time election data securely and transparently.

2.5. Deepface

Deepface [34] is a deep learning system used for face recognition and authentication. Blockchain enhances security and tamper-proof nature by storing face images, providing secure and accessible large-scale face data storage  [35]. Deep learning parallelization enhances face recognition accuracy and efficiency by converting facial features into binary hash codes for faster recognition [36].

2.6. Problem Formulation

After analyzing the related work on blockchain-based e-voting, consensus, post-quantum cryptography, and DeepFace in blockchain-based e-voting systems, here are the formulated problems and challenges we need to address in the proposed system:

• Many e-voting systems rely on third-party blockchain systems like Bitcoin and Ethereum. However, the gas fees or transaction costs may become infeasible for hosting large-scale, nationwide elections.
• Consensus mechanisms are one of the most critical features of blockchain and decentralized networks. Most existing blockchain EVM systems use consensus mechanisms designed for managing cryptocurrency operations. These general-purpose blockchains do not provide the required various levels of access and control for different entities, and they fail to meet legally required regulations to prevent unauthorized activities.
• Existing systems rely on third-party wallets and managed servers for voter validation, potentially compromising system integrity and voter privacy, as data stored on these servers are not part of an immutable ledger. Moreover, single-entity management introduces single points of failure. To address these issues, a secure voter validation system is required, one that references the distributed ledger, protects voter privacy, and employs a multiparty security model.
• In the age of quantum computing, traditional asymmetric encryption can be broken via quantum computers using algorithms like Shor’s and Grover’s. We need our system to be a deterrent against such attacks.
• Existing blockchain sharding approaches like VRF and VRD have failed to utilize the discrete categorical nature of election data and failed to create data-concentrated shards. E-voting systems require a high level of data concentration and integrity, which is often not achievable by the random sharding approach.
• We need a way to prevent identity theft, impersonation, or other fraudulent activities. Biometric facial recognition adds an extra layer of security by ensuring that the person casting the vote matches the registered voter’s identity.

To address the challenges in election systems, this study proposes a Post-quantum Secured Multiparty Computed Hierarchical Authoritative Consensus Blockchain (PQMPCHAC-Bchain) to make a secure, transparent, and scalable e-voting system, eliminating doubts about election outcomes and ensuring a fair and accurate voting process.

2.7. Comparative Analysis of Existing Methods and Proposed Approach

In this section, we present a comparative analysis with existing e-voting systems to highlight the novelty and advantages of our proposed approach. This analysis focuses on key features such as consensus mechanisms, performance, sharding, MPC token generation systems, post-quantum cryptography, immutable zk-voter verification, block modularity, access and control, single points of failure, and limitations, as shown in

Table 1. Comparative analysis of existing methods and our proposed approach.

Features	Previous Study [10]	Previous Study [9]	Previous Study [20]	Previous Study [37]	Our Proposed
Consensus Mechanism	PoS	PoS & PoC	PoS	PBFT	HAC Hybrid Consensus
Performance	25 TPS	25 TPS	25 TPS	–	181 TPS
Sharding	VRD (Random)	No	No	No	Category-based Sharding
Shard Data Concentration	Low	N/A	N/A	N/A	High
MPC Token Generation System	No	No	No	No	Yes
Post Quantum Cryptography	No	No	No	No	Dilithium
Immutable zk-voter Verification	No	No	No	No	Yes
Block Modularity	No	No	No	No	Yes
Single Point of Failure	Potentially	Potentially	Yes	Yes	No
Access & Control	Hybrid	Public	Public	Public	Hierarchical Layer-Based Access & Control
Limitations	Sharding, Compatibility	VRD Sharding & Complexity	Privacy, Managed Server	Latency	None

.

The comparison demonstrates how our proposed method addresses the shortcomings of previous studies and offers significant improvements in various aspects. More comparisons on various requirements can be found in Section 7.3.

3. Hybrid Consensus Model

This paper presents a novel approach to consensus called the Hierarchical Authoritative Consensus (HAC) model. In this section, we discuss the details of the proposed hybrid consensus model and provide a clear perspective of its design. The consensus model integrates a dependable signing mechanism that ensures the authenticity of each participant involved in voting. This feature is crucial for maintaining the system’s integrity. Furthermore, our hybrid consensus model employs a hierarchical authorization and access-control system. This innovative approach allows us to capitalize on the beneficial features of both public and private blockchains while simultaneously mitigating their drawbacks. This balance contributes significantly to the efficiency and security of the consensus model.

3.1. Structure of the Blockchain Network in the Framework

The current structure of e-voting systems presents numerous challenges related to credibility and verification, and this study aims to identify and address these by proposing the PQMPCHAC-Bchain model, designed to be compatible with the existing electoral system while enhancing its security, transparency, reliability, and integrity.

To achieve this, the architecture of a blockchain network for voting applications must be defined. In our proposed model, each entity involved in the voting process is authorized by a higher authority. This hierarchical authorization and predefined access control ensure that each entity has the necessary permissions to facilitate hybrid consensus and e-voting functionality. By implementing the PQMPCHAC-Bchain model, we can address the challenges presented by the existing e-voting system structure and improve the overall electoral process.

The proposed model in Figure 1 features multilevel access and authorization in its consensus mechanism, with each voting process entity having predefined access and a specific role within the blockchain. The hybrid blockchain system proposed differs from combining two separate blockchains, using a single blockchain with hierarchical and separate layers for permission and access based on the user within the consensus mechanism. This approach offers the benefits of public and private chains without compromising security. By maintaining sensitive election authoritative access and control of the public network, the model ensures secure, fair voting as per law regulations while preserving the transparency and accountability of a public blockchain by sharing all ledgers publicly. Operating on a public network also ensures greater immutability.

• Public Layer: Open to everyone, allowing data transfer and value observation. Anyone can join, read, and monitor transactions, but adding new or appended data is restricted.
• Private Layer: Accessible only to authorized entities like polling officers, enabling them to validate new blocks using encryption and access controls.
• Administration Layer: Manages blockchain validators, allowing administrators to assign/remove validators, publish results, and halt elections in emergencies, ensuring integrity and security.
• Election Management Layer: Oversees the election process, enabling election creation, administrator assignment/removal, and emergency actions like halting or reorganizing elections to safeguard integrity and security.

Overall, this approach enhances the security and reliability of e-voting systems by combining the advantages of public and private blockchains while addressing their respective limitations. By implementing hierarchical and separate layers for permission and access, we can ensure that sensitive information remains confidential while maintaining the transparency and accountability of the voting process.

3.2. Comparison with Other Consensus Mechanisms

To better understand the advantages of our proposed HAC model, we compare it with other popular consensus mechanisms:

• Proof of Work (PoW): Used by Bitcoin, PoW requires miners to solve complex mathematical puzzles to validate transactions. While it is secure, it is energy-intensive and slow.
• Proof of Stake (PoS): Used by Ethereum 2.0, PoS selects validators based on their staked cryptocurrency. It is more energy-efficient than PoW but can lead to centralization if large stakeholders control the network.
• Practical Byzantine Fault Tolerance (PBFT): Used by Hyperledger Fabric, PBFT ensures consensus through a voting process among nodes. It is efficient but can be slow with a large number of nodes.
• Delegated Proof of Stake (DPoS): Used by EOS, DPoS allows token holders to elect delegates who validate transactions. It is fast and scalable but can lead to centralization if a small number of delegates control the network.

Table 2. Comparison of consensus mechanisms.

Consensus Mechanism	Energy Efficiency	Scalability	Security	Decentralization
PoW	Low	Low	High	High
PoS	High	Medium	High	Medium
PBFT	Medium	Low	High	Medium
DPoS	High	High	Medium	Low
PQMPCHAC	High	High	High	High

summarizes the comparison of these consensus mechanisms.

The HAC model combines the best features of these consensus mechanisms while addressing their limitations. It is energy-efficient, scalable, secure, and decentralized, making it suitable for e-voting systems.

3.3. Real-Life Hybrid Consensus Model

Figure 1 illustrates our multi-layer hybrid consensus mechanism, which utilizes multiple layers of nodes to ensure fair and accurate voting. Our system features threshold cryptography and distributed authorization power, mitigating the risks of single-point failures and enhancing security over the network, thereby improving voters’ trust and confidence in the election process.

An ideal example of how the HAC mechanism can be utilized in an e-voting scenario is as follows:

• Layer 1: Holds significant power, managing election administrators/returning officers in layer 2, and can suspend, halt, or reorganize elections in emergencies.
• Layer 2: Multiple returning officers/election administrators assign/remove block validators in layer 3 and participate in token generation.
• Layer 3: Multiple polling officer nodes ensure proper voter identification, accurate vote recording, block generation, validation, and propagation and contribute to token generation.
• Layer 4: Public layer with open access for block verification, promoting transparency and accountability. Public nodes cannot validate blocks but can access all network blocks.

In the HAC model, votes are recorded in blocks and authorized by trusted validators from the third layer, ensuring that only valid votes are counted. To enhance transparency and accountability, a trusted signing mechanism traces each vote to its validator, allowing every public node to confirm the authenticity and accuracy of each vote. This ensures a fair and transparent election process, with the mechanism adaptable to various election requirements through additional layers and permission/access variations.

3.4. Method for Verifying the Credibility of a Block

Maintaining block credibility is vital in decentralized and secure blockchain networks. In our proposed HAC mechanism, blocks require multiple authorization levels due to its layered permission and access structure. All nodes have secret public–private key sets, while authorized nodes from layers 1, 2, and 3 share their public keys with public nodes for block verification. Public nodes obtain these keys from trusted sources like the decentralized KMS server, Election Commission server, or other trusted network nodes.

Before accepting blocks, each node verifies every section, including the corresponding public key. Malicious nodes attempting to tamper with blockchain data are detected and isolated, ensuring network integrity and security. The HAC hybrid consensus model validates each block per layer and ensures public verifiability of each block section, fostering multiparty confidence and enabling voter verification from the public layer.

4. The Proposed Blockchain-Based E-Voting System

Our proposed voting system is designed to ensure a secure and fair election process. It encompasses several key features such as decentralization, security, cost-effectiveness, voter verifiability, auditability, anonymity, fairness, and ease of use. These features guarantee that all voters have an equal opportunity to cast their ballots, which are then accurately and securely counted. To verify each voter’s information, we use biometric and facial recognition systems. These systems authenticate user information retrieved from the National Identification Database (NID) through a secure cryptographic signature mechanism. To prevent fraud and double voting, we’ve developed a multiparty cryptographically secure token verification system. This system ensures the protection of the voter’s identity and privacy while checking whether a valid voter has already cast their vote.

The system architecture (Figure 2) consists of three main layers:

• Application Layer: Includes components like the EVM unit, Ballot unit, and Script panel.
• Network Layer: Consists of elements such as the P2P network, IoT devices, lightweight devices, and database.
• Consensus Layer: Incorporates components like the lookup table, shard management system, blockchain, Script execution, and proof of Hierarchical Access and Control (HAC) for each block.

The system is designed to accommodate real-world electoral systems, incorporating roles such as returning officers (election administrators) who oversee polling stations in specific areas. Polling officers, acting as block validators or miners, are authorized by returning officers, creating a multi-layer system of permission and access. This structure ensures the integrity and security of the voting process, establish voter trust and confidence. The following section discusses various users and their roles in the electronic voting system.

4.1. Roles of Participants

To organize a national-level presidential election, certain rules and regulations must be enforced. Here is a basic roadmap outlining how various entities can interact, participate, and fulfill their roles and duties in a blockchain-based e-voting system to ensure compliance with electoral regulations.

• Election Commission (EC): The EC is a powerful entity that oversees the election process. They can assign or remove election administrators, suspend or halt elections, and reorganize elections in the case of emergencies or corruption. The EC can be composed of multiple entities to reduce the risk of a single point of failure, and we have used threshold cryptography to provide more robust security over the system.
• Returning Officer (RO): The RO assigns or removes block validators (e.g., polling officers), participates in token generation, and oversees elections in their authorized areas, ensuring compliance with rules and regulations.
• Polling Officer (PO): The PO is responsible for accurate voter identification, recording votes, and maintaining ballot records, effectively making them block validators or miners in the system.
• Candidate: A candidate is a person seeking election to a position of authority.
• Voter: A voter is a registered individual who can cast a vote for their chosen candidate. Upon successfully casting their vote, they receive a secret token to verify if their vote has been accurately stored in the system.

4.2. Entities

In a real-world scenario, an election needs to be supported by multiple external entities such as the National Identity card system (NID), NID server, blockchain network, scripting mechanism, key management server, and token verification. Some of these entities are briefly described below.

• NID system: A unique government-issued ID for each voter is essential to perform election tasks accurately and prevent fraudulent or double voting. The NID server securely manages voter information, participates in token generation, and uses cryptographic signatures to prevent data tampering, ensuring accurate voting.
• Blockchain Scripting: A transparent and efficient scripting mechanism enables predefined operations for authorized personnel, ensuring fair elections and surpassing smart contracts in speed and security.
• Multiparty Token Generation System: A secure multiparty computation system generates unique tokens for voters to cast, preventing double voting and protecting voter identity.

4.3. System Design

To ensure the smooth functioning of the main voting system, a backend server acts as the primary controller for most functions. Specifically, a local copy of the blockchain or its shards is stored in a key-value pair database, called LevelDB, on the backend server. This server, built on Gin, a web framework written in Go, manages the local database, communicates with the blockchain network, and connects with a decentralized key management server (KMS). Moreover, the server handles communication with the NID server, block generation, token generation, and script execution mechanisms. To provide a clearer understanding of the system, a detailed overview is presented in Figure 3.

4.3.1. Initialization Phase

Before being deployed for an election, our system must undergo several preprocessing steps. These steps include retrieving various public keys from the KMS server, initiating a connection between the NID server and relevant nodes, and retrieving the election configuration, voter list, candidate list, and all required commands with proof. After retrieving and validating all the required data and scripts, the EVM system executes all scripts and updates the system accordingly.

4.3.2. Registration Phase

Before being deployed for an election, our system must undergo several preprocessing steps. These steps include retrieving various public keys from the KMS server, initiating a connection between the NID server and relevant nodes, and retrieving the election configuration, voter list, candidate list, and all required commands with proof. After retrieving and validating all the required data and scripts, the EVM system executes all scripts and updates the system accordingly. Users must register with their NID, institutional ID, public key, and unique Digital ID for the hierarchical-layer-based consensus mechanism. Registration includes real-time deep learning face recognition and verification for participant identification in blockchain scripting commands.

• Returning Officer (RO): An administrator overseeing a specific area and its polling stations, assigned by the Election Commission (EC). ROs register with credentials and can access their panels to create and publish commands in the script stack to manage the election process.
• Polling Officer (PO): A person appointed by the RO to oversee the voting process at a polling station. A PO registers with their credentials and can access their panel to activate the voting machine and ensure a secure and orderly voting process for all eligible voters.
• Voter: An individual eligible to vote in an election. Voters register their information, pictures, and biometrics, which are stored in the NID server. They have a smart NID card containing their NID number, photos, and biometrics to verify their identity at the polling station.

DeepFace Algorithm: The face recognition feature is an additional layer of authentication in the system, and it is used to verify users before they can access their respective systems as shown in Figure 4 with an algorithm. The system is built using DeepFace, a face recognition and facial attribute analysis library for Python, OpenCV, and TensorFlow.

After conducting rigorous tests, we determined the threshold to be approximately 0.10, as it showed optimal performance in face recognition and facial attribute analysis. Algorithm 1 shows the use of face recognition using the DeepFace package. KnownIMG is the known image obtained from the system database, and UnknownIMG is the image clicked through the system. “R” is the details of the face match records between two different images, and “d” is the distance of difference.

Algorithm 1 Proposed face recognition algorithm using DeepFace package

1: function VerifyFace($VoterNid,BiometricData$) 2:     $KnownIMG\leftarrow \mathrm{import}\mathrm{image}\mathrm{from}\mathrm{database}\mathrm{using}VoterNid$ 3:     $UnknownIMG\leftarrow \mathrm{import}\mathrm{recently}\mathrm{clicked}\mathrm{image}\mathrm{from}BiometricData$ 4:     $R\leftarrow \mathrm{DeepFace}.\mathrm{verify}(\mathrm{KnownIMG},\mathrm{UnknownIMG})$ 5:     return $R.dist\le 0.10$ 6: end function

4.3.3. Blockchain Command (Scripting System)

Smart contracts are self-executing digital agreements that utilize computer codes to enforce the terms of an agreement without intermediaries. However, smart contracts face issues such as coding vulnerabilities, complex designs, high power consumption, high transaction costs, reliance on external data, and excessive user authority. Regulatory uncertainty and a lack of confidential execution make them incompatible with electoral rules in many countries [38]. This study proposes a stack-based scripting mechanism that is compatible with the existing regulatory system, is simpler, and provides users with a controlled level of access and permission with less computational overhead. As shown in Figure 5, this scripting command allows the Election Commission and Returning Officer to have appropriate control over the blockchain and the panel to perform their duties.

4.3.4. Authorization and Verification Process

In order to maintain the security and authenticity of each record in the blockchain, such as a “polling officer” record, certain fields like name, ID, designation, assigned polling station, and Digital ID are hashed to create a unique digest of the record. This digest is then signed by an authorized entity, such as a returning officer, using its private key to generate a verifiable certificate as proof of authenticity. This digest can also be used by the returning officer to create a command on the blockchain, authorizing the individual as a polling officer. Moreover, the record verification process involves the use of an authorized entity’s public key to decrypt the signature. Successful decryption confirms the authenticity and integrity of the record, as shown in Figure 6. This verification process is essential for ensuring transparent verification and preventing fraud in blockchain systems.

Authorization algorithm: In our layer-based hierarchical consensus system, we often need to obtain authorization from a higher level before authorizing a lower-level entity. To support this bureaucratic system, we have implemented an authorization algorithm.

A detailed algorithmic representation of the peer-routing algorithm is provided in Appendix C.4 of Appendix C.

4.3.5. Peer Routing Algorithm

Peer routing is a key process for discovering nodes within a network and building a decentralized structure. A detailed algorithmic representation of the peer-routing algorithm shown in Algorithm 2.

Algorithm 2 Peer Routing Algorithm

1: $bit\leftarrow \mathrm{getLatestBlock}\left(\right)$  2: $cfg\leftarrow \mathrm{getConfig}\left(\right)$  3: $host\leftarrow \mathrm{makeNodeHost}\left(\mathrm{cfg}\right)$  4: $kademliaDHT\leftarrow \mathrm{dht}.\mathrm{New}(\mathrm{ctx},\mathrm{host})$  5: $kademliaDHT.\mathrm{Bootstrap}\left(\mathrm{ctx}\right)$  6: for $peerAddr$ in $cfg.\mathrm{BootstrapPeers}$ do  7:     $peer\leftarrow \mathrm{peerChan}\left(\right)$  8:     if error in $host.\mathrm{Connect}(\mathrm{ctx},\mathrm{peer})\mathbf{then}$  9:          print “Connection failed: <error message>” 10:        continue 11:     end if 12:     if $host.\mathrm{SendBlockData}(\mathrm{bit},\mathrm{peer})\mathrm{is}\mathrm{successful}$ then 13:         print “Connected to: <peer>” 14:         $host.\mathrm{Peerstore}\left(\right).\mathrm{AddAddrs}(\mathrm{peer}.\mathrm{ID},\mathrm{peer}.\mathrm{Addrs},\mathrm{peerstore}.\mathrm{PermanentAddrTTL})$ 15:     else 16:         print “Connection failed” 17:     end if 18: end for

4.3.6. Election Process

To ensure the integrity of the election, only authorized individuals such as election administrators or returning officers can create polls. They use their private keys to sign the poll data, which is then added to the poll script published on the blockchain network. This script contains all the necessary information to verify the authenticity of the poll, including the returning officer’s identity, polling station details, candidate details, and election time. Any computer in the network can verify the signature and script to ensure that the poll is valid. Once a poll is created, it can start, and polling officers can begin their work. The poll data are stored on the blockchain in a way that cannot be altered, giving voters confidence that their votes are being counted correctly and that the election results are accurate.

Voters present their smart NID cards to the polling officer, who scans them and verifies voter information, shown in Figure 7. Biometric facial recognition further authenticates voters against the NID database before proceeding with the blockchain-based election.

A unique token is generated for each voter to ensure one-time participation. The system verifies whether the tokens have been used previously. Otherwise, the ballot is activated, allowing the voter to vote. After the voter casts a vote, it is encrypted and stored in a block on the blockchain network. A receipt is provided to the voter. This ensures that votes are secure and that election results are accurate. As shown in Figure 8, the voting process is automated and transparent. Voters can verify that their votes have been cast and counted accurately by checking the blockchain. This process enhances the security and transparency of the election, thereby increasing public trust in the electoral system.

Proposed Vote Casting Algorithm: The algorithm for casting votes is illustrated in Algorithm 3. To cast a vote, a voter is required to provide his or her NID number and biometric information. Next, this information is sent to the NID server, which can verify the voter’s identity. If the verification is successful, the server provides the voter with a unique token that they can use to cast their vote.

Algorithm 3 Proposed Vote Casting Algorithm

1: Declare a block  2: $Block\leftarrow \mathrm{new}\mathrm{BlockStruct}$  3: Get voter information  4: function GetVoter($VoterNid,BiometricData$)  5:     $VoterStruct\leftarrow NID,Name,PSCODE,Address,AvatarDigest,Signature$  6:     return $VoterStruct$  7: end function  8: CheckVoter  9: function CheckVoter($NID,Name,PSCODE,Address,AvatarDigest,Signature$) 10:     $digest\leftarrow Hash(NID,Name,PSCODE,Address,AvatarDigest)$ 11:     if Check(Signature, publicKey, digest) ≠ true then 12:         return Invalid 13:     end if 14:     if $digest\notin ApprovedVoterList$ then 15:         return Invalid 16:     end if 17:     $token\leftarrow Hash(Rsig\_seed+Psig\_seed+EID+VoterStruct.digest+Rnd(\left)\right)$ 18:     if $token$ exists in $spendedVoters$ then 19:         return DoubleVote 20:     end if 21:     return ValidVoter 22: end function 23: Getting Vote from Ballot unit 24: $Block.vote\leftarrow \mathrm{GetVote}(seed,keyp,Randp)$ 25: Sign the block 26: $BlockDigest\leftarrow \mathrm{generateBlockSignature}\left(Block\right)$ 27: $Block.Signature\leftarrow \mathrm{generateBlockSignature}(BlockDigest,Privatekey)$ 28: Append Block to The chain 29: $Nextblock\leftarrow \dots$                                                   ▹ Next block in the chain

Ballot Tallying: After the election, votes are tallied using cryptographic proofs, ensuring only valid votes are counted. All the pertinent election data, including cryptographic proof, random functions, and encryption keys, are made public for everyone to check their results themselves. This open and verifiable process ensures that everyone can trust the election results. The detailed algorithmic representation of the ballot tallying is available in Algorithm 4.

Algorithm 4 Tallying Votes

1: function TallyingVotes($blockchain,CanidatelistVotes$)  2:     $votes\leftarrow \mathrm{empty}\mathrm{map}$  3:     for each $block$ in $blockchain$ do  4:         $votes\leftarrow \mathrm{getVotesFromBlock}\left(block\right)$  5:         for each $vote$ in $votes$ do  6:             $decryptedVote\leftarrow \mathrm{decrypt}(vote,Ballotkey)$  7:             if $decryptedVote$ is in $CanidatelistVotes$ then  8:               $votes\left[decryptedVote\right]\leftarrow votes\left[decryptedVote\right]+1$  9:             end if 10:         end for 11:     end for 12:     return $votes$ 13: end function 14: function getVotesFromBlock($block$) 15:     return $block.vote$ 16: end function

4.4. Incorporating Category-Based Sharding in Blockchain Network

As blockchain networks grow, nodes struggle with data transmission, reception, management, and storage. Sharding addresses these issues by dividing the blockchain into smaller subnetworks (shards) that handle distinct data subsets. Parallel transaction processing across shards improves scalability and performance. However, sharding can introduce challenges like increased latency and reduced throughput due to cross-shard communication. To tackle these challenges, we propose category-based sharding (Figure 9). This solution groups voting data by election area and polling station, generating shards based on polling stations and categorizing them by election area shown in Figure 10. A distributed lookup table efficiently redirects requests to appropriate nodes, minimizing internode communication and enhancing data accessibility. This improves overall scalability, performance, and availability of blockchain networks, overcoming challenges introduced by traditional sharding techniques.

4.5. Incorporating Post-Quantum Asymmetric Encryption in Blockchain

To ensure transparency and secure authorization, our PQMPCHAC-Bchain model uses public key cryptography, digital certificates, and hash functions for secure authorization and transparency. However, with the advancement of quantum computing, potential attacks based on Grover’s and Shor’s algorithms pose a threat to these cryptographic systems. To address this, we implemented and tested Dilithium, a post-quantum asymmetric encryption algorithm selected by NIST for standardization, on our blockchain. We tested two versions, Dilithium2 and Dilithium3, with the latter offering higher security but slower signing speed and larger keys. Incorporating quantum-resistant cryptography ensures the long-term security and reliability of our blockchain system.

4.6. Token-Based Voter Verification System

Double voting is a serious issue in voting systems, occurring when someone votes twice in the same election, either accidentally or intentionally. To ensure a fair election, it is crucial to prevent double voting. To address this, we introduced a cryptographically secure unique token generation and verification system to defend against fraud and double-voting activities.

As shown in Figure 11, the proposed system generates a unique temporary token for each voter by using MPC. MPC is a cryptographic technique that allows multiple parties to jointly compute a token over their inputs while protecting the voter’s identity. This means that no single party can learn anything about other parties’ inputs, even if they collude. The token can only be generated using the voter’s identity and a secret key during the election, and cannot be regenerated for the same voter once the election is over. Because the token is generated using MPC, core encryption is secure even if some parties are compromised, ensuring that the voter’s privacy remains intact. For a detailed overview of the time inference logic in multi-party computation, please see Figure A25 in Appendix B. Our system provides a secure and reliable solution to prevent double voting in elections.

Figure 11 illustrates the token verification system. This method has several advantages over the traditional voting systems. First, MPC is more secure because it is using MPC to protect voter identities. Second, the process is more transparent. Thus, the uniqueness of the vote can be verified while protecting the voter information. Third, the token system is more convenient because voters can cast their votes anywhere.

Instead of directly storing or checking the voter’s identity, we verified the voter’s identity using a privacy-preserving token. This token is cryptographically linked to the voter’s identity, but cannot be traced back to the voter’s identity. We then checked this token against a list of spent tokens to ensure that the voter had not already voted. This ensures that voter’s privacy is preserved. The working procedure of this system can be found in Appendix C.1 of Appendix C for a detailed overview of the time-inference logic in multi-arty computation.

Token generation: This system enables multiple parties to collaborate in computing a function based on a voter’s unique identifier without disclosing the voter’s identity to any of the parties involved. A detailed algorithmic representation of the token generation system is available in Algorithm 5.

Algorithm 5 Formula of Token Generation

1: function SliceSecret($secret,n$)  2:     $parts\leftarrow \mathrm{empty}\mathrm{list}$  3:     $partSize\leftarrow \mathrm{length}\mathrm{of}\mathrm{secret}/n$  4:     for $i\leftarrow 0$ to n do  5:         $parts\left[i\right]\leftarrow \mathrm{secret}[\mathrm{i}*\mathrm{partSize}:(\mathrm{i}+1)*\mathrm{partSize}]$  6:     end for  7:     return $parts$  8: end function  9: function MultyPartyComputation($secret,n,seed,validTime$) 10:     $parts\leftarrow \mathrm{SliceSecret}(secret,n)$ 11:     $shares\leftarrow \mathrm{empty}\mathrm{list}$ 12:     for $i\leftarrow 0$ to n do 13:         if $validTime.\mathrm{contains}\left(Time\right(\left)\right)$ then 14:            $shares\left[i\right]\leftarrow \mathrm{parts}\left[\mathrm{i}\right]\oplus \mathrm{seed}$ 15:         else 16:            $shares\left[i\right]\leftarrow \mathrm{parts}\left[\mathrm{i}\right]\oplus 0$ 17:         end if 18:         $shares\left[i\right]\leftarrow \mathrm{Hash}\left(shares\right[i\left]\right)$ 19:         $shares\left[i\right]\leftarrow \mathrm{Sign}\left(shares\right[i],parties[i].\mathrm{privatekey})$ 20:     end for 21:     return $shares$ 22: end function 23: function MergeShares($shares,n,parties$) 24:     $token\leftarrow \mathrm{empty}\mathrm{string}$ 25:     for $i\leftarrow 0$ to n do 26:         if $Verify\left(shares\right[i].signature,parties[i].\mathrm{publickey})$ is Valid then 27:            $token\leftarrow \mathrm{token}\oplus \mathrm{shares}\left[\mathrm{i}\right]$ 28:         else 29:            return $invalid$ 30:         end if 31:     end for 32:     return $token$ 33: end function 34: function GenerateToken($secret,n,seed,validTime,privatekey,parties$) 35:     $shares\leftarrow \mathrm{MultyPartyComputation}(secret,n,seed,validTime)$ 36:     $token\leftarrow \mathrm{MergeShares}(shares,n,parties)$ 37:     $token\leftarrow \mathrm{Hash}\left(token\right)$ 38:     $token\leftarrow \mathrm{Sign}(token,privatekey)$ 39:     return $token$ 40: end function

4.7. Block Structure: A Modular Approach toward Efficiency

In the context of election data, the existing ledger structure and management system cannot fully reduce redundant data while accommodating the HAC. To address the storage capacity and layer-based authorization and verification issues in blockchain, we propose a novel modular approach. Block modularity stores data as independently verifiable modules, links them in the blockchain, stores a copy of these modules in a local database, and stores their Merkle hash in a block. We store, hash, and sign one or more fields in each record as separate units, ensuring their modularity and independent verification. An e-voting platform optimizes this modular approach by processing only the updated section and referencing previously validated data, thereby minimizing duplicate processing and reducing unnecessary verification. Figure A25 in Appendix B provides a visual representation of our block and its units. The proposed modular approach not only addresses the storage capacity issue but also enhances the layer-based authorization and verification process in blockchain.

Block Digest Generation: Each field of the block generates a hash code. We combine these hash codes to produce the digest of the entire block. During the propagation of the block, each record possesses a verifiable certificate, providing proof of authenticity. Appendix A Figure A24 provides an additional visual representation.

4.8. Voter Data Generation

To test the scalability of our proposed system, we simulated it with a large number of voters across various regions. Since our proposed system leverages the discrete nature of election data and the hierarchical structure of each electoral region, we required a substantial amount of voter and election data. However, sensitive voter datasets are scarce and often lack the necessary features we were looking for. Therefore, we had to create our own dataset targeted at Bangladesh. Using geolocation data, Bengali name datasets, and the Faker library, we generated 113,500 synthetic voter records through subsampling and combinatorial approaches. This dataset [39] closely resembles real-world voter data and includes a digest field for immutability testing and blockchain applications. The voters are well distributed across the regions, which helps in creating an ideal environment for testing and simulation, as shown in Figure 12.

5. Implementation

We built a custom blockchain-based e-voting system from scratch, without relying on existing libraries or frameworks. This approach allowed us to focus on essential features and security measures. The system comprises three main components: the Network Stack, the Execution Stack, and the Consensus Stack.

• Network Stack: This component is mainly responsible for establishing communication with various internal and external entities, such as the NID server, KMS server, MPC network, and handling peer routing for p2p tasks.
• Execution Stack: The primary role of this stack is to execute various operations, including block generation, e-voting operations, shard management, face verification, token generation, scripting execution, and more.
• Consensus Stack: This component focuses on various authorization and verification processes, including but not limited to new block verification, script verification, HAC tree verification, and malicious node isolation. Only after successful verification can data be appended to the blockchain, ensuring the integrity and security of the system.

To create a platform-neutral and extensible serialized data structure for blocks, we used protocol buffers. We also employed cryptographically secure hash functions (SHA256, Blake2b) and binary encoders (Base58) to generate secure, append-only timestamped blocks, ensuring the blockchain’s security and immutability. For asymmetric cryptography and digital signatures, we integrated Cloudflare’s CIRCL library, including algorithms like Ed25519, Dilithium2, and Dilithium3. This enhances the blockchain’s verifiability and immutability. We used the Kademlia DHT subsystem within libp2p for peer routing, ensuring efficient and secure communication between network nodes. To prevent double-spending, we implemented a secure token-based verification system using Universally Unique Identifiers (UUIDs) and zero-knowledge proofs, prioritizing transparency, privacy, and tamper-resistance. For blockchain data storage, we chose LevelDB, a fast key-value storage solution offering efficient data management. Our secure token generation system verifies whether voters have already cast ballots without revealing their identities, preventing double voting. We optimized the search process within spent tokens using a red-black tree-supported tree-set data structure. For face verification, we employed the Deepface framework, which compares facial images using Euclidean similarity metrics to determine if they belong to the same individual. We developed a backend using the GIN web framework, providing a REST API for managing requests and actions and ensuring smooth communication between system layers. Additionally, we created a user-friendly graphical user interface (GUI) frontend using Flutter, with seamless communication with the backend via REST APIs. To enhance the EVM system, we implemented an NID server using GIN and SQLite 3, providing verifiable and tamper-proof voter data, ensuring voting process integrity. The NID server demonstrates the system’s practicality and effectiveness in real-world contexts. It provides the infrastructure for verifying voter identity and maintaining voting process integrity, offering a secure, transparent, and efficient e-voting solution.

6. Performance Analysis

We conducted blockchain system experiments, focusing on block generation rate, throughput, and memory usage based on sharding, post-quantum cryptography, and block modularity. We integrated advanced post-quantum cryptographic algorithms (Dilithium-2 and Dilithium-3) with general elliptic curve cryptography for robust security. The experiments explored the benefits and challenges of sharding without block modularity, sharding with block modularity, and system performance without sharding. We also investigated the system’s behavior without sharding and block modularity. The aim was to assess the impact of sharding and block modularity on system performance and efficiency.

6.1. Experimental Setup

To evaluate the performance and effectiveness of our proposed system, we conducted a series of experiments. The experimental setup included the following components:

• Hardware: The experiments were conducted on a Desktop with AMD 5600 g processors, 8 GB of RAM, and 1 TB of SSD storage.
• Software: The backend server was built on Gin, a web framework written in Go. The blockchain network was implemented using a custom blockchain framework.
• Datasets: We generated synthetic voter data using geolocation data, Bengali name datasets, and the Faker library. The Bangladesh-Voter-Synthetic-Dataset [39] dataset included 113,500 synthetic voter records, distributed across various regions.

6.2. Experiment without Sharding and Post-Quantum

The block modularity graph (a) shows that the block modularity approach outperforms the non-modular approach in block generation time as the number of voters increases beyond 1000. This is because block modularity segments system data into smaller categories, preventing data duplication and enabling faster processing and validation of new data.

The throughput bar chart (b) illustrates that the block modularity approach surpasses the non-modular approach in network performance over time as the number of voters increases. Initially, the non-modular approach showed higher throughput, but the block modularity approach achieved 2 times of throughput compared to the non-modular approach’s for 3000 nodes.

The line graph in Figure 13a and bar chart (b) depict the block generation rate and throughput of a blockchain network with and without block modularity, respectively.

Table A1. Comparison of with block modularity and without block modularity.

With Block Modularity			Without Block Modularity
Voter	Time (s)	Throughput	Voter	Time (s)	Throughput
1	0.016	62.5	1	0.014	71.42857143
5	0.047	106.3829787	5	0.17	29.41176471
10	0.075	133.3333333	10	0.079	126.5822785
50	0.309	161.8122977	50	0.305	163.9344262
100	0.609	164.2036125	100	0.651	153.609831
500	7.22	69.25207756	500	12.476	40.07694774
1000	56.288	17.76577601	1000	64.455	15.51470018
2000	427.722	4.675934369	2000	573.184	3.489280929
3000	1434.873	2.090777372	3000	2488.459	1.205565372

in the Appendix D provides detailed experiment data.

Block modularity enables each node to process and validate only relevant blocks, while the non-modular approach duplicates all data, leading to increased memory consumption, slower block generation, and lower throughput.

Therefore, block modularity significantly improves block generation rate and throughput as the number of voters increases in a blockchain network.

6.3. Results after Adding Post-Quantum

To provide a comprehensive analysis of post-quantum cryptography, we conducted experiments on four variants of two post-quantum algorithms. Specifically, we evaluated Dilithium-2 with block modularity, Dilithium-2 without block modularity, Dilithium-3 with block modularity, and Dilithium-3 without block modularity. Furthermore, we compared these post-quantum algorithms across various criteria to gain a better understanding of their performance and effectiveness.

• First, we compared Dilithium-2 with block modularity to Dilithium-2 without block modularity. The results are shown in Appendix A.1.
• Second, we compared Dilithium-3 with block modularity to Dilithium-3 without block modularity. The results are shown in Appendix A.2.
• Third, we compared Dilithium-2 with block modularity to block modularity by itself. We also compared Dilithium-2 without block modularity to block modularity by itself. These results are shown in Appendix A.3 and Appendix A.4, respectively.
• Similarly, we compared Dilithium-3 with block modularity to block modularity by itself. We also compared Dilithium-3 without block modularity to block modularity by itself. These results are shown in Appendix A.5 and Appendix A.6, respectively.
• We compared Dilithium-2 vs. Sharding and Dilithium-3 vs Sharding.
  The results are shown in Appendix A.7.

In summary, Figure 14 and Figure 15 show that Dilithium-3 with block modularity outperformed the other algorithms in terms of block generation time and throughput.

6.4. Performance after Incorporating Sharding

Sharding is a technique in distributed systems that divides data into smaller parts for better scalability and performance. The comparison data is shown in

Table A6. Comparison between two, three, and five shards in sharding.

Sharding with Two Shards			Sharding with Three Shards			Sharding with Five Shards
Block	Time (s)	Throughput	Block	Time (s)	Throughput	Block	Time (s)	Throughput
2	0.0185	108.1081081	2	0.011	181.8181818	2	0.015	133.3333333
5	0.347	14.4092219	5	0.0184	271.7391304	5	0.0224	223.2142857
10	0.0695	143.8848921	10	0.0368	271.7391304	10	0.0643	155.5209953
50	0.211	236.9668246	50	0.354	141.2429379	50	0.2166	230.8402585
100	0.474	210.9704641	100	0.522	191.5708812	100	0.3848	259.8752599
400	2.2425	178.3723523	400	1.344	297.6190476	400	1.345	297.3977695
500	3.426	145.9427904	500	2.543	196.6181675	500	1.6264	307.4274471
1000	10.356	96.5623793	1000	7.844	127.4859765	1000	3.437	290.9514111
2000	82.2415	24.31862259	2000	35.897	55.71496225	2000	9.434	211.999152
3000	430.055	6.975851926	3000	152.885	19.62259214	3000	28.323	105.9209829

in the Appendix D.

Sharding is a technique for dividing data into smaller parts to improve scalability and performance in distributed systems. The line graph in Figure 16a compares sharding with two, three, and five shards, showing that sharding with five shards provides the best performance as the number of voters increases. At its peak, the green line takes only 28 s to generate 3000 blocks, while the blue and orange lines take 430 and 153 s, respectively. In terms of throughput, the bar graph in Figure 16b shows that sharding with five shards (light green line) outperforms sharding with two and three shards as the number of voters increases, reaching approximately 106 TPS at 3000 voters. Breaking data into more shards can lead to higher performance and throughput.

6.5. Performance Comparison: Without Sharding vs. with Sharding

In this section, we analyze the performance of our blockchain system with and without sharding, focusing on block generation time and throughput. The results are presented in Figure 17A,B respectively.

Figure 17A illustrates the block generation time. The blue line represents the system’s performance without sharding, while the green line demonstrates the impact of implementing sharding. It is evident that the block generation time without sharding (blue line) is significantly higher than with sharding (green line). This observation underscores the effectiveness of sharding in reducing block generation time.

Figure 17B presents the throughput performance. The dark green line represents the throughput without sharding, and the green line represents the throughput with sharding. The bar graph clearly shows that sharding outperforms the system without sharding. Initially, the throughput with sharding is 181 TPS (Transactions Per Second), whereas without sharding, it is 62 TPS. In comparison, other blockchains like Ethereum and Bitcoin have throughput’s of 25 TPS and 7 TPS. Our system achieves a throughput of 181 TPS, which is higher than both Ethereum and Bitcoin. While there are other blockchains with much higher transaction rates, these are typically multi-transactional blockchains designed for monetary purposes. Our system, however, is developed for a voting system, which does not require multi-transaction capabilities.

In the context of voting, the number of voters is not constant, which can introduce complexity in multi-transactional blockchains. Our system employs a mono-transactional blockchain, meaning a block will immediately process a transaction upon generation. This design choice simplifies the system and aligns well with the requirements of a voting system.

In summary, our system demonstrates superior performance with sharding, achieving higher throughput and faster block generation times compared to systems without sharding. Additionally, our throughput outperforms that of Ethereum and Bitcoin, making it well suited for a voting system.

6.6. Analysis Based on Memory Consumption

The bar graph in Figure 18 shows how block modularity and sharding affect storage consumption in the blockchain network.

Without sharding, each block requires 26 bytes of storage, and as the number of blocks increases to 7500, the total storage consumption significantly rises to 371,072 bytes. However, when sharding is implemented, the storage requirement for each block decreases to 16 bytes, and the overall storage consumption reduces to 146,082.4 bytes even with 7500 blocks. This approach results in reduced data replication, faster and more efficient data processing and validation, and decreased computational requirements. These findings demonstrate the significant storage efficiency achieved through sharding, which has important implications for scalability and resource management in blockchain systems. The insights presented in this analysis are important for researchers and practitioners designing and implementing blockchain architectures. Sharding is a powerful technique that can be used to improve the efficiency and scalability of blockchain networks.

7. Discussion and Analysis

In this section, we discuss the attack analysis and security analysis.

7.1. Attack Analysis

Hybrid blockchains are considered to be more secure than public blockchains, as they are only validated by their respective layers. However, the block is as accessible and transparent as a public blockchain. Even though they are not immune to every attack, some of the most common attack vectors on private blockchains include the following:

• Vote Tampering: One of the most significant concerns in electronic voting systems is vote tampering, where an attacker modifies the votes to favor a particular candidate. Our system uses a blockchain-based secure ledger architecture, in which each vote is stored as a ledger in a block, and once a block is added to the chain, it cannot be modified. This ensures that the votes are immutable and cannot be tampered with.
• Double Voting: Double voting occurs when a voter casts more than one vote in the same election. Our system uses a multiparty computed cryptographically secure token verification system to prevent double voting. Each voter is issued with a unique token that is used to cast their vote, and the system checks whether the token has already been used before allowing the vote to be cast.
• Denial of Service (DoS) Attacks: DoS attacks are designed to make the voting system unavailable to users by overwhelming it with traffic or disrupting its infrastructure. Our system uses sharding to distribute the load across multiple nodes, thereby making it more resilient to DoS attacks. In addition, the system uses a proof of Hierarchical Access and Control (HAC) mechanism, which ensures that only authorized nodes can add blocks to the chain, preventing attackers from flooding the network with invalid blocks.
• Sybil Attacks: Sybil attacks involve creating multiple fake identities to gain an unfair advantage in the voting process. Our system uses biometric and facial recognition to verify the identity of each voter and employs an HAC authorization tree to create valid roles and identities. This makes it difficult for attackers to create fake identities and to ensure the integrity of the voting process.
• Man-in-the-Middle (MitM) Attacks: MitM attacks involve intercepting and modifying communication between two parties. Our system uses secure cryptographic mechanisms such as end-to-end encrypted communication protocols, public-key cryptography, and digital signatures to ensure that all communication between nodes is secure and cannot be intercepted or modified by unauthorized parties. This ensures the confidentiality, integrity, and authenticity of all data transmitted in the system.
• Quantum Computing Attacks: With the advent of quantum computing, there is a risk that traditional cryptographic mechanisms could be broken, making the voting system vulnerable to attacks. Our system uses post-quantum-secured cryptographic algorithms that are designed to be resistant to attacks by quantum computers, ensuring that the system remains secure even in the face of advances in quantum computing.

7.2. Security Analysis

Hybrid blockchains are considered more secure than public blockchains, as only authorized personnel validate them. They offer accessibility and transparency comparable to private blockchains, yet are not entirely immune to attacks. The proposed PQMPCHAC-Bchain model incorporates various security measures to prevent the attacks mentioned in Section 7.1, including the following:

• Confidentiality: Our system utilizes encrypted, authenticated communication channels between peers. Each peer is uniquely identified by a Peer ID derived from a private cryptographic key. Zero-Knowledge Multiparty Computation (zk-MPC) enables computations on encrypted data without revealing individual inputs, ensuring voter information remains confidential.
• Integrity: We guarantee vote integrity and authenticity through an Immutable Distributed Ledger Technology (IDLT) built with post-quantum secure Dilithium-based digital signatures. A multiparty cryptographically secure token verification system prevents double voting while protecting voter identity and privacy.
• Availability: A category-based sharding mechanism distributes workload across multiple nodes, enhancing scalability and resilience against Denial of Service (DoS) attacks, thus ensuring high availability and reliability.
• Authentication: Voter identity is authenticated using MPC token generation and authentication mechanisms, along with biometric and facial recognition technologies. A Hierarchical Access Control (HAC) authorization tree creates valid roles and identities, mitigating Sybil attack risks.
• Non-repudiation: Append-only digital signatures, MPC tokens, and the HAC authorization tree ensure non-repudiation in the voting process, preventing voters from denying or disputing their votes.
• Post-Quantum Security: Post-quantum cryptographic algorithms, such as lattice-based Dilithium, are employed for authentication, MPC operations, and authorization tasks. This approach ensures robust security even in the face of quantum computing advancements.
• Randomness: Cryptographically secure randomness facilitates the generation of zero-knowledge proofs during computation and validation phases, ensuring reliable and verifiable proofs without compromising sensitive information.
• Malicious Node Isolation: The system verifies data sources using the HAC-tree and isolates nodes that fail to comply with HAC or provide incorrect proofs or data. Node actions are shared within the network, and data are replicated across the closest peers, effectively isolating malicious nodes. This approach secures the system against Sybil and eclipse attacks.
• Threshold Cryptography: To mitigate single points of failure, threshold cryptography distributes control over certificate authorization, script creation, and other critical operations among multiple entities.
• Secure Communication Protocol: End-to-end encrypted communication protocols like TLS 1.3 and Noise protect against eavesdropping and Man-in-the-Middle (MitM) attacks, ensuring secure data transmission between nodes.
• Secure KMS Server: A decentralized Key Management Server (KMS) provides relevant public keys and certificates for verifying votes, tokens, and blocks, preventing fraud and ensuring the authenticity of all transactions in the system.

In summary, our proposed system employs a multi-layered security approach that includes blockchain-based immutability, unique voter identification, sharding, proof-of-stake consensus, end-to-end encryption, and post-quantum cryptography to protect against various potential attacks and ensure the integrity and security of the voting process.

7.3. Requirement Analysis

The proposed blockchain-based e-voting system is designed to provide both accuracy and security, meeting the following requirements:

• Voter eligibility: Only verified voters are allowed to cast their votes.
• Verifiability: Voters can verify that their votes have been correctly counted and included in the final tally.
• Robustness: The voting results and associated data are stored on the blockchain, making it highly resistant to tampering.
• Uniqueness: The voting process is verified twice, once on the blockchain and once on the server, to ensure that each vote is unique.
• Ballot receipt: Upon submitting their vote, voters receive a block ID as confirmation that their vote has been successfully recorded on the blockchain.
• Transparency: The blockchain’s transparent nature allows anyone on the network to view all voting procedures, ensuring that the process is fair and open.
• Trustworthiness: The blockchain’s scripting provides various security features to the e-voting system, such as security, autonomy, and transparency, making it resistant to manipulation and errors.
• Scalability: The proposed PQMPCHAC-Bchain, combined with sharding, block modularity, and post-quantum technologies, provides high levels of security and throughput, making the blockchain-based e-voting system scalable.

As we can see in comparison

Table 3. Comparison of the proposed e-voting system based on a blockchain and previous related work.

	Reference
Properties	[9]	[10]	[33]	[18]	[5]	[40]	[41]	[21]	Our Proposed
Security
Robustness
Consensus	PSC	POS	QBA	POS	POS	POS	POS	POW	HAC
Sharding
Eligibility 5
Verifiability
Uniqueness
Ballot receipt
Transparency
Embed Trust
Scalability
Post Quantum
Deepface
Time-based inference
Unlinkability
Confidentiality

, our proposed blockchain-based e-voting system is a secure and scalable solution that can meet the requirements of modern elections.

8. Conclusions

E-voting can address the shortcomings of traditional voting systems, but current solutions, including Biometric EVM, face challenges like reduced voter trust, cyber threats, and scalability issues. To overcome these, we present PQMPCHAC-Bchain, an e-voting system that uses the HAC model and combines public and private blockchains for transparency, immutability, and efficiency. The proposed system represents a groundbreaking hybrid-blockchain-based e-voting solution, prioritizing post-quantum safety and scalability. It offers a robust blockchain programming environment, user-friendly scripting mechanisms, and adherence to relevant regulatory frameworks. To protect voter identities while checking for double voting, we propose a multiparty computed token generation and verification mechanism. Our system employs biometric and facial recognition technologies for voter authentication and a secure cryptographic signature process for validating voter information. To evaluate the system’s efficacy, we conducted tests using high-quality, synthetically generated voter records and election data, demonstrating its scalability, security, and effectiveness. Our system achieved 181 TPS and is compatible with existing electoral laws and regulations, allowing seamless integration into the current e-voting framework. For the test simulation, we set up entities such as the Election Commission, returning officer, and polling officer. However, certain limitations must be addressed in future research. The system’s reliance on a predetermined independent party for token computations introduces a potential centralization of power. To counteract this, we intend to explore decentralized and open MPC participation systems. Additionally, we aim to incorporate secure post-quantum communication protocols and smart adaptive sharding technology to enhance the security, scalability, and overall performance of our system.