Federation requires openness and that goes badly with secrecy. You can argue that one has to trust instance owners anyway, but knowing the users and not just the tallies makes uncovering manipulation easier.
It’s doable with E2E encryption, but lots of social stuff in large groups requires coordination which is incredibly hard to with a server that has no knowledge of what the data is because it can’t index anything, etc.
They’re implementing E2E encrypted social stuff. Voting privacy and encryption is linked.
Especially when you have users across multiple servers and both want voting privacy AND being able to deal with vote manipulation. You need stuff like pseudonymous commitments per account attested to by the hosting instance, etc. The only thing that’s simpler but still private is having instances just digitally sign a total vote tally, which also means you can’t detect vote manipulation on other servers at all.
I can check if my votes are federated correctly by checking if any of my votes are suppressed or votes in my name are made up. If my instance sends a different random token with each vote, I can still do that, as long as I know which tokens are assigned to my votes.
But vote tallies can also be manipulated by making up new votes through fake/bot accounts. If a vote can be connected to posts, this can be checked to some degree. Say, if an instance has a lot of voters that never post, that indicates a problem.
Currently Lemmy is leaking likes via the API even if they only should be available to the user’s host and community host server
Federation requires openness and that goes badly with secrecy. You can argue that one has to trust instance owners anyway, but knowing the users and not just the tallies makes uncovering manipulation easier.
It’s doable with E2E encryption, but lots of social stuff in large groups requires coordination which is incredibly hard to with a server that has no knowledge of what the data is because it can’t index anything, etc.
How?
https://peergos.org/
Wait. What is the relation to vote federation?
They’re implementing E2E encrypted social stuff. Voting privacy and encryption is linked.
Especially when you have users across multiple servers and both want voting privacy AND being able to deal with vote manipulation. You need stuff like pseudonymous commitments per account attested to by the hosting instance, etc. The only thing that’s simpler but still private is having instances just digitally sign a total vote tally, which also means you can’t detect vote manipulation on other servers at all.
But accounts are already pseudonymous?
Here’s where I am at:
I can check if my votes are federated correctly by checking if any of my votes are suppressed or votes in my name are made up. If my instance sends a different random token with each vote, I can still do that, as long as I know which tokens are assigned to my votes.
But vote tallies can also be manipulated by making up new votes through fake/bot accounts. If a vote can be connected to posts, this can be checked to some degree. Say, if an instance has a lot of voters that never post, that indicates a problem.
I don’t see how the second thing with E2EE.