
B-Privacy: Defining and Enforcing Privacy in Weighted Voting

Samuel Breckenridge, Dani Vilardell, Andrés Fábrega, Amy Zhao, Patrick McCorry, Rafael Solari, Ari Juels

TL;DR

This work identifies a fundamental privacy risk in token-weighted voting: published tallies can reveal individual choices despite ballot secrecy. It formalizes B-privacy, a bribery-based privacy metric defined as the minimum bribe budget $|\boldsymbol{b}|$ needed to reach a target success probability $p$, and develops a noise-based tally mechanism that increases bribery costs while preserving winner correctness. The authors model a bribery game with Bayesian Nash equilibria, derive optimal bribery conditions, and provide computational methods to estimate $B_{\textsf{tally}}(p)$; they also bound the privacy loss of corrected noised tallies and relate B-privacy to plausible deniability. Empirically, across 3,582 proposals in 30 DAOs, they find that whale concentration limits privacy gains in most cases, but that a corrected noised tally can significantly boost B-privacy, especially when the minimum decisive coalition (MDC) is larger; these results offer practical guidance for balancing transparency and privacy in DAO governance and other weighted voting systems.

Abstract

In traditional, one-vote-per-person voting systems, privacy equates with ballot secrecy: voting tallies are published, but individual voters' choices are concealed. Voting systems that weight votes in proportion to token holdings, though, are now prevalent in cryptocurrency and web3 systems. We show that these weighted-voting systems overturn existing notions of voter privacy. Our experiments demonstrate that even with secret ballots, publishing raw tallies often reveals voters' choices. Weighted voting thus requires a new framework for privacy. We introduce a notion called B-privacy whose basis is bribery, a key problem in voting systems today. B-privacy captures the economic cost to an adversary of bribing voters based on revealed voting tallies. We propose a mechanism to boost B-privacy by noising voting tallies. We prove bounds on its tradeoff between B-privacy and transparency, meaning reported-tally accuracy. Analyzing 3,582 proposals across 30 Decentralized Autonomous Organizations (DAOs), we find that the prevalence of large voters ("whales") limits the effectiveness of any B-Privacy-enhancing technique. However, our mechanism proves to be effective in cases without extreme voting weight concentration: among proposals requiring coalitions of $\geq5$ voters to flip outcomes, our mechanism raises B-privacy by a geometric mean factor of $4.1\times$. Our work offers the first principled guidance on transparency-privacy tradeoffs in weighted-voting systems, complementing existing approaches that focus on ballot secrecy and revealing fundamental constraints that voting weight concentration imposes on privacy mechanisms.
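As an added illustration of the tally-leakage problem the abstract describes (this is not code from the paper or its authors, and it does not reproduce their unified attack algorithm or their noising mechanism), the following Python treats the public token weights as known and the published yes-total as the only disclosed information. An adversary enumerates every yes/no assignment consistent with the tally; any voter whose choice is the same in every consistent assignment has had their ballot leaked by the tally alone. The electorate, the true ballots and the noise model (reported yes-total may deviate from the truth by up to a fraction of total weight) are constructed for this example and are my assumptions.

```python
from itertools import product
from typing import Dict, List

# Constructed electorate: token weights are public (on-chain), ballots are secret.
WEIGHTS: Dict[str, int] = {
    "whale": 500, "alice": 120, "bob": 75, "carol": 40, "dave": 25, "erin": 10,
}


def consistent_assignments(weights: Dict[str, int], yes_total: int,
                           tolerance: int = 0) -> List[Dict[str, bool]]:
    """All yes/no assignments whose yes-weight lies within `tolerance` of the
    published yes total. Exhaustive 2^n search: fine for a six-voter demo,
    not for a DAO with thousands of voters."""
    names = list(weights)
    ws = [weights[n] for n in names]
    solutions = []
    for bits in product((False, True), repeat=len(names)):
        yes_weight = sum(w for w, b in zip(ws, bits) if b)
        if abs(yes_weight - yes_total) <= tolerance:
            solutions.append(dict(zip(names, bits)))
    return solutions


def leaked_ballots(weights: Dict[str, int], yes_total: int,
                   tolerance: int = 0) -> Dict[str, bool]:
    """Voters whose choice is forced: identical across every consistent assignment."""
    solutions = consistent_assignments(weights, yes_total, tolerance)
    leaked = {}
    for name in weights:
        choices = {s[name] for s in solutions}
        if len(choices) == 1:          # empty set (no solutions) also leaks nothing
            leaked[name] = choices.pop()
    return leaked


def leakage_stats(weights: Dict[str, int], yes_total: int,
                  tolerance: int = 0) -> Dict[str, float]:
    """Share of ballots and of voting weight leaked, mirroring the two axes of Figure 1."""
    leaked = leaked_ballots(weights, yes_total, tolerance)
    total_weight = sum(weights.values())
    return {
        "ballots_pct": 100.0 * len(leaked) / len(weights),
        "weight_pct": 100.0 * sum(weights[n] for n in leaked) / total_weight,
    }


def noise_tolerance(weights: Dict[str, int], fraction: float) -> int:
    """Simplified noise model (an assumption of this example, not the paper's
    mechanism): the reported yes total may be off by up to `fraction` of the
    total voting weight, so every true total within that band is consistent."""
    return round(fraction * sum(weights.values()))


if __name__ == "__main__":
    # Constructed true ballots; only the weights and the yes total are public.
    true_ballots = {"whale": True, "alice": False, "bob": True,
                    "carol": False, "dave": True, "erin": True}
    yes_total = sum(WEIGHTS[n] for n, v in true_ballots.items() if v)  # 610

    # Raw tally: 610 has exactly one decomposition, so all six ballots leak.
    print("raw tally   ", leaked_ballots(WEIGHTS, yes_total),
          leakage_stats(WEIGHTS, yes_total))

    # Noised tally at 10% of total weight: small voters regain deniability,
    # but the whale's 500 still has to be in every consistent assignment.
    tol = noise_tolerance(WEIGHTS, 0.10)
    print("noised tally", leaked_ballots(WEIGHTS, yes_total, tol),
          leakage_stats(WEIGHTS, yes_total, tol))
```

Run as a script, the raw tally leaks 100% of ballots, while the noised tally leaks only the whale, which is one ballot out of six but still about 65% of the voting weight. That is the concentration effect the paper reports: noise widens the set of tallies consistent with a small voter's choice, but no amount of tally noise that keeps the winner correct can hide a voter whose weight alone decides which side the total must lie on.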

Paper Structure

This paper contains 64 sections, 8 theorems, 49 equations, 8 figures, 4 tables, 1 algorithm.

Key Result

Theorem 6

Given bribe vector $\mathbf{b}$ and bribery condition functions $\mathbf{f}$, the adversary's probability of achieving a $\mathsf{yes}$ outcome is where $X_i = \mathbb{I}[U_i^{\sf no} \leq \frac{\bm_i b_i}{\Delta_i}]$ for $U_i^{\sf no} \stackrel{\$}{\leftarrow} \mathbf{U}_i^{\sf no}$ is an indicator random variable and voting behavior follows the Bayesian Nash equilibrium induced by $(\mathbf{b},

Figures (8)

  • Figure 1: Unified attack algorithm results across all DAOs. Each point represents one DAO and shows the mean percentage of ballots leaked (x-axis) vs. the mean percentage of voting weight leaked (y-axis) across that DAO's proposals. Point size indicates average voters per proposal. The attacks succeed across diverse DAOs, demonstrating that the raw tally algorithm fails to provide adequate ballot secrecy in weighted voting systems. The attack success for DAOs highlighted in red is presented in more detail in Figure 2.
  • Figure 2: Variations in attack effectiveness across four DAOs of different scales. Each point represents one proposal, colored by winning margin. The view across proposals shows that attack success is driven by the interaction of electorate size, whale concentration, and winning margin: large whales become easier to identify when one choice receives disproportionately low support. Balancer shows near-complete compromise due to its small size, while Arbitrum's higher vulnerability compared to Aavegotchi (despite 10× more voters) demonstrates that voting weight concentration can matter more than electorate size in determining privacy risk.
  • Figure 3: Bribery game underpinning B-privacy definition.
  • Figure 4: Comparison of raw tally versus adapted noised tally attack effectiveness across all DAOs when 10% tally perturbation is applied. Setup mirrors Figure 1, but shows how each DAO's position shifts when attacks are adapted for noised tallies. The leftward and downward shift demonstrates greatly reduced attack effectiveness under noise.
  • Figure 5: Relative B-privacy by DAO under the different tally algorithms specified in the paper's table of tally algorithms. Results are averaged across proposals using the geometric mean. Each row is a DAO; rows are sorted by the mean minimum decisive coalition (MDC) across that DAO's proposals. Red dots denote relative B-privacy in the winner-only setting, green dots a lower bound on relative B-privacy in the corrected noised setting with tally perturbation $d = 10\%$. The dashed vertical line marks the full-disclosure baseline. The $x$-axis is logarithmic; right-hand labels give the average MDC per DAO, left-hand labels the number of proposals per DAO ($n$). In most DAOs the corrected noised tally or winner-only algorithm improves B-privacy, although the magnitude of the improvement depends strongly on MDC.
  • ...and 3 more figures

Theorems & Definitions (25)

  • Example 1: Tally leakage
  • Definition 1: Voting transcript
  • Definition 2: Tally algorithm
  • Example 2: Raw tally
  • Definition 3: B-Privacy
  • Definition 4: Pivotality
  • Definition 5: Bribe margin
  • Theorem 6: Adversary's success probability
  • proof
  • Theorem 7: Optimal bribery condition functions
  • ...and 15 more