 So hi everyone, welcome to Hyperledge Global Forum. Greetings of the day. My name is Shivendra Yadav, and I've been joined by my colleague Vikram Sharma. And B2 will be taking you through the topic which is re-engineering election process using blockchain and confidential computing. So why re-engineering? Because there has been a lot of improvements and modifications already being done in the engineering process when it comes to the election process, sorry, when it comes to elections. So how we can re-engineer it to make it better. And that is what we are going to discuss in this session. All right, so typically it is bifurcated into three sections. The first three sections are possibly the business related sections. The last three are more technical and plus business session, business related topics, where we'll be talking about how we can re-engineer the complete process using blockchain and confidential computing. What are the key takeaways? But we'll start exactly with a problem statement. What is the problem statement? And what is the solution direction which we see will be a fit seeing the problem statement? All right, so before we jump into any kind of technicality, we have to understand what we are dealing with here. So when it comes to elections, we all know that governments or corporates in different countries try to keep these elections transparent and simple. But still there are certain issues related to elections which have to be countered either using the manual process or using technology. So these issues are typically voter fraud. When it comes to voter fraud, we are talking about voter impersonation or ballot stuffing, which means that a same voter cast his vote multiple times. It happens in various countries. Then ballot stuffing is where you stop the ballot with counterfeit votes or votes which are not legal. So essentially, it is essentially a problem for identity. We are not able to match the identity of the voter with the vote he has casted. So that is the gap. So this is the voter fraud. Second is the counting manipulation. Once the voter has casted his vote, there is manipulation which happens in the background. And there can be a lot of manipulations in terms of counting, in terms of putting votes in the favor of a candidate. So there can be a lot of counting manipulations once the vote has been casted. Then machine rigging. So what happens is when the vote has been counted, sometimes what happens is the votes, generally people make an issue that the votes have been casted for a candidate, but the votes have actually been gone to another candidate for which they have not voted for. So this comes under machine rigging. And these three are the primary issues every country deals with when it comes to election process. And generally, there has been a lot of debates, a lot of arguments as to how we can make these three problem statements go out of the election process. So what should be the solution direction? Before we jump into the actual solution, what should be the direction? So if you see these three problem statements which are related to voter fraud, counting manipulation, and machine rigging, you will see that the common theme is that there is a manual intervention in the process. Even if you talk about voter fraud, there is manual intervention because there is obviously a voter involved. How do we solve that? Can we create a voter identity which is mapped to the votes which he has given so that we know that one voter is only allowed to vote once? Another problem is counting manipulation. So because counting is still being done by humans and there is a possibility of doing fraud at that stage of counting, so can we do automated vote counting using a system, using technology? The third problem is around machine rigging is where can we create a system which will, once the user casts the vote, the votes gets registered somewhere and these remains permanent so nobody can change or manipulate these votes. So can we create such kind of a system? So this is the theme of this session that we want to reduce manual intervention and we want to move towards more technology-centric election process. So keeping this direction in mind, what are the possible technologies? Although there can be multiple technologies which we can look at. But considering this forum, we are talking about two technologies here which we think and we obviously would like to have your comments, reaction, feedbacks on this is, first of all, blockchain. So blockchain is obviously a tremendous fit when we talk about putting immutable records on the ledger because it obviously increases trust of the users when they see immutable records and they know that these records cannot be changed or manipulated. So blockchain becomes a pretty imperative part of the solution which actually tackles the problem of counting, manipulation, or the trust by different users. Data is obviously cryptographically secured on blockchain which means nobody can tamper the data which again proves that the system is trustworthy. And another point is decentralized and distributed. So whenever there is an authority who is controlling election process or there are multiple authorities who are controlling the election process, there is obviously a chance that there might be some sort of manipulation which might happen because wherever there is power, there is manipulation as the statement goes. So can we make the complete election process decentralized and distributed rather than centralized and confined by various authorities? So blockchain can do that. And obviously it becomes a single source of truth because it is the most authenticated database which we have when we implement it in this kind of a process. Now it obviously increases transparency. Blockchain increases transparency and that is a good part. But when it comes to election process, we obviously need to know who has voted for which candidates or probably we want to know that a particular voter has casted his vote or not. But there is an aspect of counting these votes where we do not need that transparency because if in the process of the election, people know in which favor the votes are being going, they might manipulate those votes. That is where confidential computing comes into the play. And we'll be talking about confidential computing in the upcoming slide, what exactly it is and how it complements blockchain. But just to understand it here, confidential computing works in secure enclaves. So there's a concept called secure enclaves in which processing of data happens, but whosoever has shared the data is not allowed to view that processing or he's not authorized to view that processing so that he cannot manipulate that processing of data. They will obviously get the results that who has won, who has not. But the processing, the counting process or the ML algorithm or whatever algorithm has been written inside secure enclave, which is a concept of confidential computing, they will not have access to that algorithm, which means the algorithm become secure. And even if somebody tried to change that algorithm, there is a enclave host program which will attest that particular program before running, whether it is the original program or not or somebody has manipulated that program. So what it does is, so what we are trying to counter here, first of all, counting is being done automatically, using automated ML algorithm and inside confidential computing. So there is a manual intervention which we are trying to reduce here or trying to eliminate completely. Then whenever the data comes, what we are trying to do with blockchain is we are trying to create identity on blockchain and map that identity with the votes which the voter has been, voter has hosted. So using blockchain and confidential computing, we are trying to solve this problem. And in the upcoming slides, we'll be talking about confidential computing, how it helps and what is the solution which HCL has devised. So this is about confidential computing and I will give it to Vikram to talk about confidential computing. But essentially there is a concept of secure enclave and the applications which interact with secure enclave and there is a concept called hardware attestation which will happen here. So I think I'll give it to Vikram. Vikram will probably justify it good here. So Vikram, over to you. Sure, thanks, Shivendra. So just before I start, if you guys have any questions, please feel free to drop them into any sections. We will take those questions towards the end of this session. Okay, so to start with confidential computing. So you guys may already be familiar with blockchain, but for the purpose of this session, I'll give you an introduction about confidential computing. So confidential computing, it is an emerging technology and it is built on the premise that the host of the application or the infrastructure is malicious. What could be is malicious and it still gives you the assurance that your data and your code within that enclave is secure. Now imagine you have patient data or maybe customer data from which you want to derive insights using a proprietary algorithm, third party proprietary algorithm. Now because your data is sensitive, you may not want to hand over your data to that algorithm provider. And that algorithm provider has spent fortunes developing that algorithm. So he's not comfortable sharing that algorithm with you. So now you're in a mix, right? So this is where the confidential computing comes into the picture. That algorithm provider can put that code inside a secure enclave. And that enclave can be deployed on his own infrastructure, on your on-prem infrastructure or any cloud provider using the machines or servers which are compatible with confidential computing. The algorithm provider here is protected because the code inside the enclave is not visible to anyone. It provides you kind of an abstraction where it serves a definite purpose. It accepts a certain type of input and gives you the output. But the code itself is not seen or is visible to anyone. And in terms of you, your data is protected because what you have done is you have encrypted the data using the private key, using the public key of that enclave and you have submitted that request to the application. Now any middle application or middleware application or any application in between will not be able to see your data all they get is encrypted data. That application, what all that application can do is forward that request over to the secured enclave and that enclave, once it reaches within the enclave, will use its private key to decrypt the data. So here your data starting from your organization or wherever your repository till it reached the enclave was protected using asymmetric encryption using the SSL security. And finally, when the data is within that enclave that is where it is decrypted and that is the only place where it is in decrypted form and used for processing. Now that data never leaves the secure enclave. That is the beauty of it. And if for some reason we have to save that data outside that enclave, it again gets encrypted using the public key and gets stored on the database outside the enclave. So during the whole process you have used asymmetric encryption and that asymmetric encryption is not new. And it has been, it is being used for a lot while now. But that new technology or the new aspect that confidential computing brought was till now you were using asymmetric encryption but that private key you have to trust you had to trust someone with that private key to keep your data secure. But with confidential computing that public private key peer is generated within that enclave and that public key is available for anyone but that private key never leaves that enclave. Not even for the owner of that cloud infrastructure or any infrastructure for that matter. And if you wanted, you can also get a remote attestation done on that enclave which will prove to you that this enclave is protected, that this enclave has all the right patches and the latest updates there and will also give you a hash so that you can compare at which you can compare against the hash of the code, that algorithm. So that is how your data, your code will remain secure and it would even allow multiple parties to send the data without sharing the data with each other. That is how what confidential computing can help you with. Until now, yes, your data was secure at rest, your data was secure during the motion, but this ensured that your data is protected during processing as well. It is protected from any hardware base servers as well. So this is all it on confidential computing. Now moving on, yeah, so we at HCL, we looked at this problem statement and we devised this, our electros, which basically talks about what should be the process and the solution hack. So here we will talk about the process. So this solution starts with, has basically four pillars, one voter registration, second, the purpose and candidate registration, the third step would be casting your ballots and fourth would be the tallying the votes. Now we will get deep into each of them. So we start with voter registration. So voters turn up at a booth where their biometrics get registered and those biometrics will be encrypted at source and will be stored on blockchain. So now if the voter record is on blockchain, it is immutable, but that biometrics are not seen by anyone, not even by anyone with access to that blockchain node, right? So that is what the security is at the first step. Now moving on to the second step, that would be purpose and candidate registration. So it is simple, for any voting there has to be a purpose and there would be candidate choices. It could be an annual general election for any state or a country. Or maybe you are voting on some choice for at your annual general meeting for any company, right? So your purpose and candidates, those are registered on blockchain. So they are available in readable format for anyone with access to the blockchain node. They are not encrypted. The third and important step would be, now that D has come and you will cast your ballot, you will let your choice know, right? In this case, this is actually a two step process. First, validation of the voter using the biometrics that we recorded at the first step. So voter will provide its biometrics now and they will be compared against the record on blockchain. If both of them match, that match is actually done within the secure enclave. And if they are a match, a voter is issued a token and that token can be used to cast the ballot. Now, if it is a valid voter, he would get that token. If it's not, then the token will not be issued or maybe the voter has already voted. Then the token will not be issued. The biometrics do not match. The token will not be issued. So there are various things that have been taken care of here. And if that token has been issued, he can cast that word, the voter can cast the ballot and that ballot again gets encrypted and gets stored on blockchain. So it serves multiple purposes. Now that you have voter records on blockchain, so you were secure there. Second, in case of the ballots, they are also there on the blockchain ledger. If there are candidates, if they want, they can create their own ledger. Sorry, they can have to create their own node and get that copy of the ledger. More the merrier, it would be better, the trust. And then finally on the day when you want to tell you the words, anyone with access to a chain code to the blockchain node with that chain code and access to the confidential computing secure Enclave can invoke that chain code, which in turn would start streaming the ballots that were recorded on blockchain over to the Enclave and Enclave will start counting. Now the ballots are in decrypted form within that Enclave only. So that means that is the only place where the counting can happen. And that Enclave has only one purpose, get the stream of records, count the ballots, give the results. So every time anyone invokes that chain code, it would give out the same results and everyone had a blockchain node. So they can't really say that, you know, the votes have been tampered with. They have the secure Enclave. So that means the counting logic is correct. So that is where, you know, this solution will give them a great advantage, right? Now moving on to the next slide. So we actually did a solution hack. So we created the solution as a hack. So there were certain, you know, there were key components that were used. First of all, you know, you would need biometric devices to record the biometrics of the voters. Second, you would need a immutable ledger where we use hyper ledger fabric. You would need a secure Enclave. So that is where, you know, confidential computing came into picture. And obviously, you know, it uses asymmetric encryption. So every ballot was, you know, encrypted using the public key of the Enclave. It was only decrypted within the Enclave with its private key, right? Another component you would need is, you know, Kubernetes, you know, it's port and container management for the hyper ledger fabric blockchain for your business layer that could be, you know, anywhere in between or from the user in the purpose of user interface. User interface, you know, it could be a registration portal where you register the candidates and stuff. And probably from where you are invoking the chain code, right? That is your registration portal in UI. And also, you know, your special purpose EVMs, which would accept, you know, which would request for that token, which would, you know, encode your ballot and, you know, encrypted using the public key. So it would be special purpose EVM, you know, built, right? So that is what, you know, you would need. So these are the basic components. Obviously, you know, you can, there are certain other components which you can have, like, you know, you're testing out for testing out your API, checking the performance, so there are certain other things that you can have, right? So that was a solution hack that we did. So moving on, you know, to the next slide, you know, here, you know, we will talk about the benefits and the limitations of this solution. So in terms of benefits, obviously, you know, we are using blockchain. So your records, you know, voter records are immutable. We are using a symmetric encryption to record them on that ledger. So they are safe as well. And, you know, again, you know, for voter, you know, ballots, they are again encrypted and stored on blockchain. So tamper proofing is covered, your immutability is covered. Next part would be, you know, anyone with a, you know, anyone can set up a note. Obviously, you know, the more the number of notes, the, you know, the better the trust is. So you can have, you know, introduce a number of notes. Anyone, you know, if a candidate wants it, they can get it. If a government agency wants it, they can get it so anyone can get a note. And there is no harm because the data, they can, they have access to the data. They, you know, participate in the consensus, but they do not have that knowledge of, you know, that record that what is that ballot? Who casted this ballot and for whom they don't have that knowledge, right? Next step would be, you know, counting can be invoked using a smart contract. So we all believe in the chain quotes in smart contract and, you know, the block, the power of blockchain. So anyone, any authorized user can invoke that smart contract and do the counting. You can do counting multiple times if you wanted. The result would, you know, be the same. And, you know, obviously confidential computing will ensure that data or the count is only decrepit within the enclave. The counting happens within the enclave and the persistent result is given. So these are the benefits. In terms of limitations, obviously, we are talking about substantial investment that would be needed to build those, you know, special devices, you know, EVM devices, which can encrypt that data, send it, you know, interact with blockchain and confidential computing, right? Next, you know, it would need concentrations and approval from appropriate authorities, you know, because, you know, there would be government authorities and, you know, legalities involved, risk involved. Obviously, it would have a, you know, longer evaluation period and implementation process. And, you know, finally, you know, obviously the technology is new. So people have been using, you know, have started using this, but there are limited, you know, success stories available in public domain. The success stories are there, but in public domain, you know, there are, you know, limited number of success stories available. So I guess those will be, you know, the benefits and limitations. And, you know, in terms of, you know, the takeaways, for that, you know, I will hand it over to, you know, Shivendra, you know, with whom, you know, we will go over the takeaways and understand, you know, the final conclusion. Over to you, Shivendra. Okay, so thank you, Vikram, for enlightening us, you know, on this topic. So guys, the simple, you know, two, three takeaways are that, you know, the complete process, you know, reduces the manual intervention, because even if you look at from a voter's standpoint, matching that entity with the database, putting that entity onto the blockchain system, then, you know, processing the votes, everything is happening using an automated system. And that is the whole intervention. That is the whole intent of doing this. The problem here is that, you know, obviously, as Vikram pointed out, that there are limited success stories. And there is obviously an investment required to change the whole process, because we need probably special types of EVMs, right? Electronic voting machines, which understands this process, or which gels well with this, you know, new solution. So these are some of the investments, obviously, which is, which are required. Then obviously it enhances the trust in the system. So generally, in the process of elections, people do not trust elections because they feel that, you know, sometimes they lack transparency, because they do not know, you know, who they voted for and whether the vote has gone to that particular candidate or not. So it basically will enhance trust in the system, because it is transitioning more towards technology. So there is more transparency it gives to various authorities, to various people, right? So it enhances trust. Then obviously it enhances more, you know, security of data because casting the votes is such a system that you don't want it to be hacked or be tempered with. Also, data as rest is obviously covered using various encryption methods on the storage. Data in transit is also covered using SSL or different methods we do, while we transfer the data from one place to another. But data in processing is something which has not been covered by any technology at this point in time. So whenever data comes into the memory, it is most vulnerable because that is where, you know, data can be tampered with, right? So using confidential computing, obviously we are securing the data in use or data in processing. So with confidential computing along with encryption and along with SSL encryption for data transfers, we are actually creating a 360 degree security for the data. And that is the beauty of the solution that it has immutability, it has a cryptography, it has data at rest, everything. In one place, obviously there is investment required. So this concludes our session. So let us know whether you like it, what are the feedbacks, comments, suggestions. We are happy to take it. Any questions you have? So this actually concludes our session. Thank you. Thank you so much for your time. Thank you. Thank you, everyone. Feel free to ask questions and do feel free to reach out to us. So we are available on this session for another few minutes. And or otherwise you can reach out to us at LinkedIn. So I'm Vikram Sarma, Senior Blockchain Architect at HCL and you can also reach out to Shivendra. He's our product lead at HCL Technologies. All right, so let's wait for a couple of minutes in case anyone has any questions.