Introducing CRISP: A Secret Ballot Protocol
CRISP leverages FHE and E3s to create voting systems that are private, tamper-proof, and verifiable.
Trust in democratic systems is steadily eroding. Transparency — often seen as the antidote to corruption — does not guarantee democracy; it only guarantees visibility. In digital voting and decision-making, this visibility can further exacerbate vulnerabilities. Rather than reinforcing trust, the tendency toward open systems paradoxically exposes voting systems to manipulation, coercion, and collusion, leaving them fragile and insecure.
Existing digital voting systems, from blockchain-based to traditional e-voting, fail to resolve these vulnerabilities, relying on untenable trust assumptions for large-scale systems. Pseudonymous voting hides identities but leaves votes public, exposing participants to bribery and coercion. Commit-reveal ballots protect input bias but compromise voter privacy by eventually exposing votes. Meanwhile, systems reliant on trusted operators make privacy entirely dependent on intermediaries, whether human or hardware.
CRISP (Coercion-Resistant Impartial Selection Protocol) offers an alternative: secret ballots built with Enclave’s Encrypted Execution Environments (E3). Combining privacy, tamper resistance, and verifiability, CRISP safeguards voting privacy while limiting transparency only to results, providing organizations, networks, and entities a critical tool for secure, democratic decision-making.
Secret Ballots with CRISP
CRISP secret ballots achieve a practical balance between privacy and transparency, supported by radically different trust properties. Utilizing Encrypted Execution Environments, CRISP provides secure, privacy-preserving computations through Compute Providers (RISC Zero, Jolt, SP1, Nexus, et al.) and decentralized decryption across a massive network of independent, economically incentivized node operators called Ciphernodes.
This crypto-economic foundation ensures votes remain confidential and receipt-free; protects against vulnerabilities such as bribery, coercion, and manipulation; and offers strong privacy and integrity guarantees throughout the voting process. These outcomes are made possible through Enclave’s advanced cryptography:
- Encrypted Votes with FHE: Fully Homomorphic Encryption keeps votes encrypted throughout computation, protecting voter privacy while producing accurate results.
- Decentralized Tallying via DTC: Distributed Threshold Cryptography enables secure key generation and collaborative decryption, achieving tamper-resistant tallying without relying on a single party.
- Verifiable Results with ZKPs: Zero-Knowledge Proofs allow cryptographic audits of the voting process, proving result integrity without compromising voter anonymity.
Together, these components make CRISP an extensible, cryptographically secure foundation for democratic decision-making across a range of applications.
How CRISP Works
CRISP uses Enclave to coordinate secure interactions across every stage of the voting process:
- Starting a Voting Round: Organizations initialize a round by requesting an E3 from Enclave, defining parameters like voting duration, eligibility criteria, and Ciphernodes required for decryption.
- Registering Voters and Managing Keys: Voters register anonymously with unique, round-specific cryptographic keypairs; the Voter Registry verifies eligibility without exposing identities.
- Submitting and Tallying Encrypted Votes: Votes are encrypted and submitted to Enclave, where Compute Providers such as RISC Zero's zkVM handle secure tallying without decrypting individual votes.
- Decrypting and Publishing Results: Ciphernodes jointly decrypt and publish the final tally; only the aggregate tally is revealed, ensuring individual votes remain private.
Built-In Protections
To further secure the voting process, CRISP includes several mechanisms to address vulnerabilities:
- Censorship Resistance: Voters can bypass intermediaries and submit votes directly to the contract to prevent blocking.
- Receipt-Free Voting: Voters are prevented from having to prove their vote choice, mitigating bribery and coercion risks. Optional key-switching invalidates prior votes, if needed.
- Forced Abstention Protection: Supports anonymous participation via fresh addresses or relayers, ensuring voter privacy in adversarial environments.
Start Building with CRISP
CRISP is fully open source and designed to integrate into new and existing governance and voting systems. Its modular architecture and cryptographic guarantees enable developers to build secure decision-making systems across diverse contexts. Couple resources to get started:
- Live Demo: Test CRISP’s Proof-of-Concept demo to experience secret balloting in action — create polls, register voters, and see secure tallying firsthand. crisp.enclave.gg
- Documentation: Follow step-by-step guides to set up CRISP locally, deploy Enclave and RISC Zero contracts, and run voting rounds. docs.enclave.gg
Test, integrate, and experiment with CRISP, and let us know what you come up with!
Enclave is an open-source protocol for Encrypted Execution Environments, with Gnosis Guild as its initial development team. Follow Enclave on social media (X, Farcaster) for updates and subscribe for articles and announcements. For partnership inquires, business opportunities, and more, join the Enclave Telegram group.