Abstract
We introduce a formal, modular framework that captures a large number of different instances of the Single Transferable Vote (STV) counting scheme in a uniform way. The framework requires that each instance defines the precise mechanism of counting and transferring ballots, electing and eliminating candidates. From formal proofs of basic sanity conditions for each mechanism inside the Coq theorem prover, we then synthesise code that implements the given scheme in a provably correct way and produces a universally verifiable certificate of the count. We have applied this to various variations of STV, including several used in Australian parliamentary elections and demonstrated the feasibility of our approach by means of real-world case studies.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsReferences
ACT Electoral Commission: https://www.elections.act.gov.au/education/act_electoral_commission_fact_sheets/fact_sheets_-_general_html/elections_act_factsheet_hare-clark_electoral_system
Beckert, B., Goré, R., Schürmann, C.: Analysing vote counting algorithms via logic - and its application to the CADE election scheme. In: Bonacina, M.P. (ed.) CADE 2013. LNCS (LNAI), vol. 7898, pp. 135–144. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-38574-2_9
Bertot, Y., Castéran, P., Huet, G., Paulin-Mohring, C.: Interactive Theorem Proving and Program Development: Coq’Art: The Calculus of Inductive Constructions. Springer, Heidelberg (2004). https://doi.org/10.1007/978-3-662-07964-5
Cortier, V., Galindo, D., Küsters, R., Müller, J., Truderung, T.: Verifiability notions for e-voting protocols. IACR Cryptology ePrint Archive 2016, 287 (2016)
Dawson, J.E., Goré, R., Meumann, T.: Machine-checked reasoning about complex voting schemes using higher-order logic. In: Proceedings of EVote-ID 2015, pp. 142–158 (2015)
DeYoung, H., Schürmann, C.: Linear logical voting protocols. In: Kiayias, A., Lipmaa, H. (eds.) Vote-ID 2011. LNCS, vol. 7187, pp. 53–70. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-32747-6_4
Droop, H.R.: On methods of electing representatives. J. Stat. Soc. Lond. 44(2), 141–202 (1881)
Ghale, M.K., Goré, R., Pattinson, D.: A formally verified single transferable voting scheme with fractional values. In: Krimmer, R., Volkamer, M., Braun Binder, N., Kersting, N., Pereira, O., Schürmann, C. (eds.) E-Vote-ID 2017. LNCS, vol. 10615, pp. 163–182. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-68687-5_10
Girard, J.: On the unity of logic. Ann. Pure Appl. Logic 59(3), 201–217 (1993)
Goré, R., Lebedeva, E.: Simulating STV hand-counting by computers considered harmful: A.C.T. In: Krimmer, R., et al. (eds.) E-Vote-ID 2016. LNCS, vol. 10141, pp. 144–163. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-52240-1_9
John Muir Trust: Apply to be a trustee. https://www.johnmuirtrust.org/assets/000/002/860/How_to_apply_to_be_a_Trustee_Jan_2018_original.pdf. Accessed 15 May 2018
Kumar, R., Myreen, M.O., Norrish, M., Owens, S.: CakeML: a verified implementation of ML. In: Principles of Programming Languages (POPL). ACM, January 2014
Magnus, M.O., Scott, O.: Proof-producing translation of higher-order logic into pure and stateful ML. J. Funct. Program. 24(2–3), 284–315 (2014)
Letouzey, P.: A new extraction for CoQ. In: Geuvers, H., Wiedijk, F. (eds.) TYPES 2002. LNCS, vol. 2646, pp. 200–219. Springer, Heidelberg (2003). https://doi.org/10.1007/3-540-39185-1_12
Pattinson, D., Schürmann, C.: Vote counting as mathematical proof. In: Pfahringer, B., Renz, J. (eds.) AI 2015. LNCS (LNAI), vol. 9457, pp. 464–475. Springer, Cham (2015). https://doi.org/10.1007/978-3-319-26350-2_41
Pattinson, D., Tiwari, M.: Schulze voting as evidence carrying computation. In: Ayala-Rincón, M., Muñoz, C.A. (eds.) ITP 2017. LNCS, vol. 10499, pp. 410–426. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-66107-0_26
Schack-Nielsen, A., Schürmann, C.: Celf - a logical framework for deductive and concurrent systems (system description). In: Proceedings of IJCAR 2008, pp. 320–326 (2008)
Software Improvements: Electronic and voting and counting sytems. http://www.softimp.com.au/evacs/index.html. Accessed 12 May 2015
StackExchange: Moderator elections (2018). https://math.stackexchange.com/election/6?tab=election. Accessed 15 May 2018
The Parliament of Victoria: Electoral act 2002. http://www.legislation.vic.gov.au/domino/web_notes/ldms/pubstatbook.nsf/f932b66241ecf1b7ca256e92000e23be/3264bf1de203c08aca256e5b00213ffb/%24FILE/02-023a.pdf
Verity, F., Pattinson, D.: Formally verified invariants of vote counting schemes. In: Proceedings of ACSW 2017, pp. 31:1–31:10 (2017)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2018 Springer Nature Switzerland AG
About this paper
Cite this paper
Ghale, M.K., Goré, R., Pattinson, D., Tiwari, M. (2018). Modular Formalisation and Verification of STV Algorithms. In: Krimmer, R., et al. Electronic Voting. E-Vote-ID 2018. Lecture Notes in Computer Science(), vol 11143. Springer, Cham. https://doi.org/10.1007/978-3-030-00419-4_4
Download citation
DOI: https://doi.org/10.1007/978-3-030-00419-4_4
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-00418-7
Online ISBN: 978-3-030-00419-4
eBook Packages: Computer ScienceComputer Science (R0)