Token-curated registries (TCRs) are a mechanism by which a set of users are able to jointly curate a reputable list about real-world information. Entries in the registry may have any form, so this primitive has been proposed for use—and deployed—in a variety of decentralized applications, ranging from the simple joint creation of lists to helping to prevent the spread of misinformation online. Despite this interest, the security of this primitive is not well understood, and indeed existing constructions do not achieve strong or provable notions of security or privacy. In this paper, we provide a formal cryptographic treatment of TCRs as well as a construction that provably hides the votes cast by individual curators. Along the way, we provide a model and proof of security for an underlying voting scheme, which may be of independent interest. We also demonstrate, via an implementation and evaluation, that our construction is practical enough to be deployed even on a constrained decentralized platform like Ethereum.
If the inline PDF is not rendering correctly, you can download the PDF file here.
 B. Adida. Helios: Web-based open-audit voting. In P. C. van Oorschot, editor, USENIX Security 2008, pages 335–348, San Jose, CA, USA, July 28 – Aug. 1, 2008. USENIX Association.
 F. Bao, R. H. Deng, and H. Zhu. Variations of Diffie-Hellman problem. In S. Qing, D. Gollmann, and J. Zhou, editors, ICICS 03, volume 2836 of LNCS, pages 301–312, Huhehaote, China, Oct. 10–13, 2003. Springer, Heidelberg, Germany.
 M. Bellare and P. Rogaway. The security of triple encryption and a framework for code-based game-playing proofs. In S. Vaudenay, editor, EUROCRYPT 2006, volume 4004 of LNCS, pages 409–426, St. Petersburg, Russia, May 28 – June 1, 2006. Springer, Heidelberg, Germany.
 J. D. C. Benaloh. Verifiable Secret-Ballot Elections. PhD thesis, Yale University, 1987.
 D. Bernhard, V. Cortier, D. Galindo, O. Pereira, and B. Warinschi. SoK: A comprehensive analysis of game-based ballot privacy definitions. In 2015 IEEE Symposium on Security and Privacy, pages 499–516, San Jose, CA, USA, May 17–21, 2015. IEEE Computer Society Press.
 A. Fiat and A. Shamir. How to prove yourself: Practical solutions to identification and signature problems. In A. M. Odlyzko, editor, CRYPTO’86, volume 263 of LNCS, pages 186–194, Santa Barbara, CA, USA, Aug. 1987. Springer, Heidelberg, Germany.
 J. Groth. Efficient maximal privacy in boardroom voting and anonymous broadcast. In A. Juels, editor, FC 2004, volume 3110 of LNCS, pages 90–104, Key West, USA, Feb. 9–12, 2004. Springer, Heidelberg, Germany.
 J. Groth and M. Kohlweiss. One-out-of-many proofs: Or how to leak a secret and spend a coin. In E. Oswald and M. Fischlin, editors, EUROCRYPT 2015, Part II, volume 9057 of LNCS, pages 253–280, Sofia, Bulgaria, Apr. 26–30, 2015. Springer, Heidelberg, Germany.
 F. Hao, P. Y. A. Ryan, and P. Zielinski. Anonymous voting by two-round public discussion. IET Information Security, 4:62–67(5), June 2010.
 B. Hemenway Falk and G. Tsoukalas. Token-weighted crowdsourcing, Dec. 2018. The Wharton School Research Paper.
 A. Kiayias and M. Yung. Self-tallying elections and perfect ballot secrecy. In D. Naccache and P. Paillier, editors, PKC 2002, volume 2274 of LNCS, pages 141–158, Paris, France, Feb. 12–14, 2002. Springer, Heidelberg, Germany.
 P. McCorry, S. F. Shahandashti, and F. Hao. A smart contract for boardroom voting with maximum voter privacy. In A. Kiayias, editor, FC 2017, volume 10322 of LNCS, pages 357–375, Sliema, Malta, Apr. 3–7, 2017. Springer, Heidelberg, Germany.
 H. Ritzdorf, K. Wüst, A. Gervais, G. Felley, and S. Capkun. TLS-N: Non-repudiation over TLS enablign ubiquitous content signing. In NDSS 2018, San Diego, CA, USA, Feb. 18-21, 2018. The Internet Society.
 F. Zhang, E. Cecchetti, K. Croman, A. Juels, and E. Shi. Town crier: An authenticated data feed for smart contracts. In E. R. Weippl, S. Katzenbeisser, C. Kruegel, A. C. Myers, and S. Halevi, editors, ACM CCS 2016, pages 270–282, Vienna, Austria, Oct. 24–28, 2016. ACM Press.