A preprint posted to arXiv on 9 July 2026 describes an electronic voting system that tallies 50,000 ballots in under one second — and does it without ever handing one party the keys to decrypt individual votes [S1]. The paper, titled NARAD, comes from researchers at the Indian Institute of Technology Madras [P2]. It is a preprint and has not been peer-reviewed [S1]. What makes it worth reading before that review happens is the architecture: a way to count votes publicly while keeping each ballot private, with no central authority holding a master key. If the cryptography holds up under scrutiny, it could change what small organisations — a union local, a student body, a professional association — can do with self-run, verifiable elections. If it doesn't, the paper still frames a problem worth solving.

How the ballot stays secret

Most online voting systems have a trust problem. Either a central authority holds a decryption key that could expose every ballot, or the system sacrifices verifiability — the ability for anyone to check that the tally is correct. NARAD tries to split the difference with a technique called homomorphic encryption [S1].

Here is the plain-English version. Homomorphic encryption lets you add up encrypted numbers without decrypting them first. Imagine sealed envelopes where you can somehow count the votes inside without opening any of them. The Paillier cryptosystem — the specific flavour NARAD uses — supports exactly this kind of encrypted addition [S1].

Each voter encrypts their ballot in their browser using a secret key they generate themselves [S1]. No election official ever sees that key. The encrypted ballot goes to the Solana blockchain, which records it immutably — meaning it cannot be altered after the fact — and enforces the election timeline [S1].

Two servers, neither all-powerful

The tallying is split between two server roles: a collector and an aggregator [S1]. The collector combines per-ballot auxiliary values into a single group element. The aggregator takes that element, cancels out the random masks voters applied, and recovers the exact vote sum [S1]. The aggregator learns the final count but cannot see any individual ballot [S1].

No single party ever holds every encryption key [S1]. That is the core design choice. Running both server roles inside attested secure enclaves — hardware-protected execution environments that verify their own integrity — makes the tally tamper-resistant and is designed to stop the two roles from colluding to deanonymise voters [S1].

The authors prove three properties: product homomorphism (the encrypted values combine correctly), mask cancellation (the random noise voters add cancels out during tallying), and sum recovery (the final count is exact) [S1]. Privacy rests on two cryptographic assumptions: the Decisional Composite Residuosity assumption for the encryption layer, and a Diffie-Hellman-style assumption for the masking base [S1]. These are standard assumptions in the cryptography literature, but they remain assumptions — mathematical bets that certain problems are hard enough that no one can solve them in practice.

The trick that makes it scale

A multi-candidate election might have ten people on the ballot. Naively, you would need one encrypted message per candidate per voter. NARAD uses a bit-packing scheme that places an entire multi-candidate ballot into a single ciphertext [S1].

This matters because every ciphertext costs something: client computation, blockchain transaction fees, storage, and tallying work. Bit-packing cuts all four by a factor of k, where k is the number of candidates [S1]. In a ten-candidate race, that is a tenfold reduction across the board.

The numbers are striking. With a 25-bit slot width and a 255-bit modulus, the scheme supports ten candidates and up to 33,554,431 votes per candidate — about 335 million ballots total [S1]. That is a mathematical capacity limit, not a demonstrated throughput figure. But the performance claim — 50,000 ballots tallied in under one second — comes from the authors' open-source proof-of-concept implementation, which uses a native C library called libtommath for the heavy arithmetic [S1].

What it means

Online voting has a well-earned trust deficit. Every system that has been seriously examined by security researchers has shown flaws — from coercion risks to server-side tampering to the simple fact that malware on a voter's computer can change a vote before it is encrypted. NARAD does not solve all of these problems. What it does is remove one specific trust requirement: the need for a central key dealer who could, in principle, decrypt every ballot.

By splitting the tally between two non-colluding roles and using homomorphic encryption to keep ballots opaque until the final sum is recovered, the protocol makes a meaningful design trade-off. Voters keep their own keys. The blockchain provides a public audit trail. The aggregator sees the result but not the inputs. For anyone who has followed the slow-motion debate over electronic voting — decades of proposals, few deployments, fewer that survived scrutiny — this is a serious attempt at a hard problem.

The use of Solana as the recording layer is worth noting carefully. The paper proposes Solana as an immutable ledger, not as an endorsement from Solana itself [S1]. The blockchain records ciphertexts and enforces the election lifecycle. It does not tally votes or decrypt anything.

What it means for business

For a small organisation running internal elections — a trade union with 5,000 members, a professional society electing a board, a university student council — the practical appeal is a system that does not require trusting a vendor with a master key. Today, most online election services are black boxes: you submit votes, they give you a result, and you trust them that the count is right and that individual choices stayed private.

If NARAD's approach survives peer review and independent security audits, a two-person firm or a suburban community group could run a verifiable election where every member can check that their encrypted ballot is on-chain and that the final tally matches. The bit-packing scheme means blockchain costs scale with candidate count, not with voter count times candidate count — a real difference for a budget-conscious organisation.

The open-source proof-of-concept means a developer can inspect the code today [S1]. But no one should run a binding election on an unreviewed preprint. The secure enclave claims, in particular, rest on hardware security assumptions that are themselves subject to academic debate and known side-channel attacks — vulnerabilities that leak information through timing or power consumption rather than breaking the cryptography directly.

What we don't know yet

The paper is a preprint. None of its security proofs, privacy guarantees, or performance figures have been validated by independent peer review [S1]. The 50,000-ballots-per-second figure comes from the authors' own proof-of-concept and may not hold on Solana's mainnet under real network conditions or adversarial load.

Several questions remain open. Has the protocol been independently audited? No. Has it been deployed in a real election? No. Is it certified for governmental or legally binding use? No. Are the secure enclave assumptions sound against current side-channel attacks? That is an active area of research. Does the scheme hold up against attack vectors the authors did not consider? Unknown — the proofs depend on the six stated assumptions being correct [S1].

The next concrete event to watch for is peer review. If this paper lands at a venue like IEEE S&P, USENIX Security, or CCS, the review process will stress-test the proofs and likely surface weaknesses. Until then, NARAD is a promising design from a serious institution — and a reminder that the hardest part of electronic voting is not the cryptography, but earning enough trust that people will use it.

If you want to follow how cryptography and distributed systems are reshaping governance tech, subscribe for the next dispatch.

Sources

Sources


Generated from an audited evidence pack with primary-source research. Social-media items are discussion signals, not verified facts. Nothing here is financial, legal or medical advice.