Wouldn’t it be nice if there were companies that are owned by humanity in the sense that they are managed by democratic decisions where every person in the world has one equally weighted vote?
Here, various aspects of this idea can be discussed in detail.
One day f my favorite stories is Estonia tried this. For "security" they had a video camera looking at the server and posted it live on the web. Now, that shouldn't matter since most attacks would come over the internet, not visible on the camera but that's not the fun part...
If you looked past the computer and onto the whiteboard behind it, the wifi password was written and broadcasted for the world to see.
Hash a key against the person's full name, date of birth, and social security number or equivalent in a public/private pair. This assumes a valid way of issuing a key to the correct person.
It would probably be better to chip IDs like with credit cards and incorporate a trusted protection module where no one has access to the embedded key. I haven't thought this through about the potential implications, but they are likely vast.
The TPM chip is how secure boot on computers works, and how Graphene OS is able to send secure OTA updates to devices.
The chip itself just handles encryption, where a secret hard coded key is set in a register that cannot be read by the accessible communications interfaces. Instead it creates additional keys that are hashed from the secret key. It can then verify if information was hashed by a key that was computed from the secret key. It is intended to resolve the issue of storing keys and the issue of the private key existing in plain text form at some point on a computer that may be compromised.
It would be absolutely essential that the distribution of these chips is randomized and anonymous. In theory, the secret key could be tracked from time of manufacture in the fab through to end user.
The insidious use case of TPM in personal computers is that software could be installed that then uses the TPM to make a new encrypted communication path to an external server. You would still see the DNS record with web 2.0, but with web 3.0 you implicitly trust in a way that means you may only see a connection to somewhere like google or amazon, but they could open up and forward that connection to any third party without you getting a DNS record of the connection. Under this circumstance, the TPM could be used without any record visible on your device. At least that is how I understand ECH and why the primary server connection has always remained visible in DNS records up until now.
At some point someone has to distribute those keys. And of course you have to have an entire organization just for this purpose. How do you stop one branch of the organization that is assigned to a geographical location from just issuing double the keys it should, and keeping them for voting many times in a way that favours them?
ID implies it is tied to birth certificate. There would not be any additional administration. You just log onto a website and use your (likely raw card edge based USB interface) ID to vote. The encrypted keys are then passed between ID card and government server. This encryption is then hashed against all other hashes present to confirm that an existing vote hash does not match the new hash. If it does, you would be flagged immediately and detained for probable voter fraud while the issue is sorted out to be sure there was not a random error. The entire thing is automated no different than existing ID, and voting infrastructure. The only change is to adopt the same type of system credit cards presently use with integrated chips. That is a well proven and automated system. ID cards would cost around $0.50-$1.00 more per person. Digital infrastructure would displace the current voting systems, but that would have a massive reduction in labor, cost, and complexity as a result.
That's just delaying the problem by one step. Now change "key" in my previous comment for "birth certificate"