Currently, almost anyone in the Fediverse can see Lemmys votes. Lemmy admins can see votes, as well as mods. Only regular Lemmy users can’t. Should the Lemmy devs create a way to make the votes anonymous?
There is a discussion going on right now considering “making the Lemmy votes public” but I think that premisse is just wrong. The votes are public already, they’re just hidden from Lemmy users. Anyone from a kbin/mbin/fedia instance can check out the votes if they are so inclined.
The users right now may fall into a false sense of privacy when voting because the votes are hidden from Lemmy users. If you want to vote something and not show up on the vote list, please create another account to support that type of content and don’t tell anyone.
For anyone interested, there are a few papers on cryptographically secure voting, where both voter anonymity and election integrity are preserved.
Most designs consider three separate entities, where if you accumulate the information between those entities you would be able to identify a voter and his vote, but each entity on itself does not hold enough information.
That’s interesting. I have read multiple comments to the effect that it would not be possible for lemmy to implement anonymous voting because the underlying ActivityPub protocol does not support it. So it sounds like solutions do exist, although I suppose the effort required to modify ActivityPub is too much, more likely the feature will be included in some successor to the fediverse.
The problem isn’t keeping votes anonymous, that’s easy. The problem is bots/spam. You could just create a new instance and then upvote a post from another instance a thousand times. If the votes are anonymous for the other instance it’s tough to say if they are genuine users or just bots.
That’s the main issue here, when votes are anonymous you could easily just spam votes with no way to trace it back. If it’s a rogue instance then fine, you can ban the whole instance. But imagine if lemmy.world starts using fake votes in the background towards other instances.
What keeps from doing that right now? You can just create an instance and bot accounts on that
It would be damn easy to look up the instance and their “users” and see that the users are not genuine. Then ban the whole instance.
If you are worried about duplicates, aka a single bot spamming multiple votes, then that’s feasible to mitigate.
If you are worried about multiple bots spamming one vote each, that’s harder to mitigate and it comes down to how the instances handles bot accounts in general. IMO it’s best to ignore the bot problem and instead focus on designing a vote weighting system that favors similar instances.
Thanks @[email protected],
i believe many users will be interested in these papers about cryptographically secure voting.
Amongst them there would be :
@[email protected]
@[email protected]
@[email protected]
Not sure if you are being sarcastic or not but I found this review.
https://www.mdpi.com/2073-8994/14/5/858
I had done some research about a year ago, but I don’t have the papers saved.
This isn’t going to solve anything. Cryptographically secure voting helps when you can ensure that each person only gets to vote once. But anyone can just sign up for more accounts or make loads of bot accounts and vote multiple times. This solves nothing.
Wow neat!! Eating our cake & having it
Thanks @[email protected]