
Table of Contents
- Executive Summary
- The Opportunity in U.S. Election Technology
- The Federal Regulatory and Certification Gauntlet: Navigating VVSG 2.0
- The Governance Triad: Understanding the Roles of HAVA, the EAC, and NIST
- A Deep Dive into VVSG 2.0: Core Principles and Mandates
- Mandate 1: Enhanced Security
- Multi-Factor Authentication (MFA):
- Cryptographic Protection and System Integrity:
- Air-Gapping and Wireless Restrictions:
- Supply Chain Risk Management (SCRM):
- Mandate 2: Robust Auditability
- Support for Risk-Limiting Audits (RLAs):
- Voter-Verifiable Paper Audit Trail (VVPAT):
- Interoperable Data Formats:
- Mandate 3: Comprehensive Accessibility and Usability
- Equivalent and Consistent Voter Access:
- VVSG 2.0 Requirement for a Digital/Blockchain System Authentication Mandatory two-factor authentication for critical operations and administrator accounts.
- The Critical Threat Landscape: Establishing the Need for a Superior Solution.
- Key documented attack vectors
- The Blockchain Paradox: Deconstructing the Hype and Addressing Core Criticisms
- Mapping the Path to Capital
- Funding requires a two-pronged strategy: Secure R&D grants as seed capital, but design for the primary market, state procurement funded by HAVA grants.
- Funding Sources: Scale & Purpose Direct R&D grants like SBIR are for seed funding and de-risking technology. HAVA grants represent the actual procurement market where states purchase certified systems.
- The Strategic Role of SBIR Grants
- Building the Right Team and Partnerships
- A Strategic Blueprint for a Winning Grant Proposal
- Works Cited
This Technical White Paper includes a Strategic Analysis of Digital and Blockchain-Based Election Systems for Market Entry and Funding for your review.

Original Documentation and Analysis – Strategic Analysis for Market Entry and Funding: Digital and Blockchain-Based Election Systems was prepared by Josh Banks, and then developed into a technical white paper by Michael Noel and the DeReticular Team.
Named Data Home Repository DeReticular/Confidential
The United States election technology market is a highly regulated, risk-averse ecosystem governed by a complex framework of federal law, independent commissions, and technical standards bodies. What could possibly go wrong? Michael Noel – Founder DeReticular
Executive Summary

The Opportunity in U.S. Election Technology
A strategic overview for innovators seeking to secure, modernize, and fund the next generation of voting systems.
A Market Primed for Change: $1,000,000,000+ in HAVA Election Security Grants appropriated by Congress since 2018, driving state-level procurement of new, secure, and accessible voting systems.
The Regulatory Gauntlet – Success is not just about technology; it’s about compliance. The U.S. election market is governed by a triad of entities whose standards are the barrier and key to entry.
HAVA (2002), the Law: Mandates federal standards and authorizes funding for states to buy compliant technology.
EAC, the Commission: Implements HAVA, develops VVSG guidelines, and provides federal certification.
NIST, the Technical Expert: Provides the scientific foundation and drafts the technical guidelines for the EAC.
Any new system must satisfy the technical requirements developed by NIST, adopted by the EAC, and funded for procurement by HAVA.
The VVSG 2.0 Revolution: Adopted in 2021, the Voluntary Voting System Guidelines 2.0 is a monumental update. As of late 2023, it is the only standard for new systems, creating a rare window of opportunity for “VVSG 2.0-native” platforms.
Core Principles of VVSG 2.0: VVSG 2.0 is structured around high-level principles, demanding a holistic design philosophy. This chart illustrates the focus areas of its key mandates.
Non-Negotiable Mandates: A system failing any of these core mandates is commercially non-viable. The chart highlights the relative implementation complexity and impact of these foundational requirements.
The Critical Threat Landscape: A successful grant proposal must solve real problems. A new system must be a direct response to the documented vulnerabilities that erode public trust in the current election infrastructure.
Malicious Software Installation
Vulnerabilities in incumbent systems could allow an attacker with brief physical access or remote access via the EMS to install vote-altering malware.
Removable Media Manipulation
Compromised USB drives or memory cards used to configure machines or transport results can propagate malicious code throughout an entire election system.
Ballot Layout Compromise
Attackers have demonstrated the ability to alter ballot definition files, swapping vote counts between candidates without triggering system integrity alerts.
QR/Barcode Vulnerabilities
A voter cannot verify that a machine-readable code accurately reflects their human-readable choices, creating a critical disconnect between voter intent and the tabulated vote.
Supply Chain Risks (SCRM)
Without the rigorous SCRM that VVSG 2.0 requires, compromised hardware or software components can be introduced into the system before it is ever deployed.
Operational Security Failures
Risks often stem from human error, such as failing to install security patches or improperly connecting machines to the internet. Systems need better guardrails.
The Blockchain Paradox
The “blockchain” label invites intense scrutiny from the election security community. A credible proposal must proactively address expert criticisms with sophisticated, specific mitigations, not hype.
Expert Criticism and Required Mitigation in System Design
- Lack of Coercion Resistance: A voter must not be able to prove how they voted to a third party. Required mitigation: Incorporate an advanced coercion mitigation strategy, such as a re-voting mechanism or complex cryptography (e.g., MPC) to break the provable link.
- Lack of True Anonymity: Public blockchains are transparent, which is incompatible with the secret ballot. Required mitigation: Detail how the architecture severs the link between voter identity and ballot, likely using anonymous credentials or zero-knowledge proofs.
- Vulnerability to Client-Side Malware: Malware on a voter’s device can alter a vote before it reaches the blockchain. Required mitigation: Acknowledge this limitation and make the Voter-Verifiable Paper Audit Trail (VVPAT) the authoritative record for any audit or recount.
- Scalability & Performance Issues: Public blockchains are too slow for large-scale elections. Required mitigation: Specify the use of a private, permissioned distributed ledger architecture designed for high transaction throughput, not a public chain.
Mapping the Path to Capital
Funding requires a two-pronged strategy: Secure R&D grants as seed capital, but design for the primary market, state procurement funded by HAVA grants.
Funding Sources: Scale & Purpose
Direct R&D grants like SBIR are for seed funding and de-risking technology. HAVA grants represent the actual procurement market where states purchase certified systems.
The Strategic Role of SBIR Grants
An SBIR grant is not the end goal. It is a bridge.
- De-Risk Technology: Use funds to build a prototype and achieve key VVSG 2.0 milestones.
- Build Credibility: A federal grant award provides validation for investors and election officials.
- Attract Follow-on Funding: A successful Phase I/II positions the company to attract larger venture capital for the expensive certification and commercialization process.
Frame SBIR proposals around broad agency needs (e.g., DHS “Critical Infrastructure Security”) using a voting system as the high-stakes test case.

————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————————
The Federal Regulatory and Certification Gauntlet: Navigating VVSG 2.0
For any new entrant, particularly one developing a novel digital or blockchain-based voting system, a deep and functional understanding of this regulatory gauntlet is the absolute prerequisite for both securing funding and achieving commercial viability.
The central challenge is not merely to build a technologically superior product, but to build a product that is demonstrably compliant with the stringent, non-negotiable standards that define the market.
Failure to align a development roadmap with these standards from day one will render any technology, no matter how innovative, commercially DOA in the public election industry.

The Governance Triad: Understanding the Roles of HAVA, the EAC, and NIST
The modern regulatory framework for U.S. voting systems is built upon the interplay of three key entities, each with a distinct and critical role.
First, the Help America Vote Act of 2002 (HAVA) serves as the foundational legislation. Enacted in response to the challenges of the 2000 presidential election, HAVA established the U.S. Election Assistance Commission (EAC) and mandated the creation of federal guidelines to govern voting systems.
Critically for technology developers, HAVA also authorized federal funding to help states meet the law’s requirements, creating the primary financial mechanism through which states procure new election technology. This establishes a direct link between federal standards and state purchasing power.

Second, the U.S. Election Assistance Commission (EAC) is the independent, bipartisan federal agency charged with implementing HAVA mandates. Its most significant function in this context is the development, maintenance, and formal adoption of the Voluntary Voting System Guidelines (VVSG).
The EAC also accredits the independent Voting System Test Laboratories (VSTLs) that test systems against the VVSG and, upon successful testing, grants federal certification.
While adherence to the VVSG is technically voluntary at the federal level, the EAC certification program is designed as a crucial service to states, and many states have adopted EAC certification as a mandatory requirement in their laws, making it a de facto national standard.
Third, the National Institute of Standards and Technology (NIST) provides the deep technical and scientific expertise that underpins the VVSG. The NIST Director chairs the Technical Guidelines Development Committee (TGDC), the body that develops the draft versions of the VVSG for the EAC’s consideration.
NIST’s role ensures that the guidelines are grounded in state-of-the-art principles of cybersecurity, human factors engineering, accessibility, and interoperability. The close collaboration between the EAC and NIST signals to the market that the VVSG are not arbitrary bureaucratic rules but rigorous technical standards reflecting the latest understanding of election security and technology best practices.
A company seeking to enter this market must address the need defined by this triad: a system that can be proven to meet the technical standards developed by NIST, adopted by the EAC, and funded for procurement by HAVA.
A Deep Dive into VVSG 2.0: Core Principles and Mandates
The most significant development in the election technology landscape is the transition to the Voluntary Voting System Guidelines Version 2.0 (VVSG 2.0). Adopted by the EAC in February 2021, VVSG 2.0 represents a paradigm shift from its predecessors. It is not a minor revision, but rather a complete rewrite, designed to replace decades-old voting machines with systems that reflect modern security and technology expectations.
This means any new system seeking to enter the market must be designed from the ground up to meet the VVSG 2.0 requirements.
While states are not required to immediately replace their existing systems, any future procurement cycles will be overwhelmingly driven by the capabilities and security assurances offered by VVSG 2.0-certified systems. This transition creates a rare window of opportunity. The high bar set by VVSG 2.0 requires even incumbent vendors to undertake a comprehensive overhaul of their legacy systems.
A new entrant building a VVSG 2.0-native architecture may possess a significant advantage over established players attempting to retrofit outdated platforms. VVSG 2.0 departs from the structure of previous versions by being organized around 15 high-level principles, forcing developers to adopt a holistic design philosophy that considers the entire election lifecycle, from ballot layout and system configuration to auditing and results management. Within this framework, several mandates are of paramount importance for any digital or blockchain-based system.

Mandate 1: Enhanced Security
VVSG 2.0 introduces a raft of modern cybersecurity requirements that are non-negotiable.
Multi-Factor Authentication (MFA): Two-factor authentication is now explicitly mandated for all privileged administrator accounts and for performing critical voting operations. This is a direct response to the threat of compromised credentials. NIST guidance further clarifies that because voting systems must be air-gapped, this MFA must be implemented in an offline capacity, without reliance on networked services like email or SMS for authentication codes.
Cryptographic Protection and System Integrity: The guidelines demand robust, end-to-end cryptographic protection for all sensitive election data, including ballots and audit logs. They also introduce new requirements for system integrity that reflect modern cybersecurity best practices, such as secure system configurations, system hardening to reduce the attack surface, runtime integrity monitoring to detect unauthorized changes, and the use of exploit mitigation techniques. This addresses a key weakness of older systems, where superficial applications of cryptography create a false sense of security.
Air-Gapping and Wireless Restrictions: To severely limit the potential attack surface, VVSG 2.0 mandates that the core voting system must be air-gapped (physically and electronically isolated) from other systems like electronic poll books or election night reporting systems, and especially from the public internet. The use of any wireless communication technology is also heavily restricted and scrutinized.
This poses a fundamental architectural challenge for any system, like some blockchain models, that presumes network connectivity.
Supply Chain Risk Management (SCRM): Reflecting the growing awareness of threats like the SolarWinds breach, the guidelines now formally require vendors to have processes for conducting risk assessments and managing the security of their hardware and software supply chains. This means a vendor must be able to account for the provenance and integrity of all components in their system.
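One second factor that works with no network at all is a counter-based one-time password (HOTP, RFC 4226) checked against state held on the local system, as the offline MFA requirement above calls for. The Python below is an added example, not taken from the white paper or from VVSG 2.0; the class name, account name, password, salt, and lockout settings are assumptions, and the token secret is the RFC's published test key.

```python
import hashlib
import hmac
import struct


def hotp(secret: bytes, counter: int, digits: int = 6) -> str:
    """RFC 4226 one-time password: HMAC-SHA1 over the 8-byte counter."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F  # dynamic truncation
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)


def _password_hash(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 200_000)


class OfflineTwoFactor:
    """Hypothetical verifier: all state is local, nothing is sent or fetched."""

    def __init__(self, look_ahead: int = 3, max_failures: int = 5):
        self.look_ahead = look_ahead      # tolerate a few unused token presses
        self.max_failures = max_failures  # lock the account after this many misses
        self._accounts = {}

    def enroll(self, account, password, salt, token_secret):
        self._accounts[account] = {
            "salt": salt,
            "pw": _password_hash(password, salt),
            "secret": token_secret,
            "counter": 0,
            "failures": 0,
        }

    def is_locked(self, account) -> bool:
        rec = self._accounts.get(account)
        return rec is not None and rec["failures"] >= self.max_failures

    def authenticate(self, account, password, code) -> bool:
        rec = self._accounts.get(account)
        if rec is None or self.is_locked(account):
            return False
        # Factor 1: something the operator knows.
        pw_ok = hmac.compare_digest(
            _password_hash(password, rec["salt"]), rec["pw"])
        # Factor 2: something the operator holds (the token's next code).
        matched = None
        for c in range(rec["counter"], rec["counter"] + self.look_ahead):
            if hmac.compare_digest(hotp(rec["secret"], c).encode(),
                                   code.encode()):
                matched = c
        if pw_ok and matched is not None:
            # Advancing the counter means a used code never verifies again.
            rec["counter"] = matched + 1
            rec["failures"] = 0
            return True
        rec["failures"] += 1
        return False


def demo():
    # Constructed sample data; the secret is the RFC 4226 Appendix D test key.
    secret = b"12345678901234567890"
    mfa = OfflineTwoFactor()
    mfa.enroll("admin1", "correct horse", b"constructed-salt", secret)
    first = mfa.authenticate("admin1", "correct horse", hotp(secret, 0))
    replay = mfa.authenticate("admin1", "correct horse", hotp(secret, 0))
    return first, replay


if __name__ == "__main__":
    print(demo())
```

The lockout counter and the token counter are the only mutable state, so both have to be stored where a reboot or power loss cannot roll them back.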
Mandate 2: Robust Auditability
The ability to independently verify that votes were recorded and tallied correctly is a cornerstone of public trust and a central theme of VVSG 2.0.
Support for Risk-Limiting Audits (RLAs): The guidelines require that voting systems be designed to support various types of post-election audits, with a particular emphasis on RLAs. An RLA is a statistical method that involves manually checking a sample of paper ballots to provide strong confidence that the reported electronic outcome is correct. This is now widely considered a best practice in election security. A system must be able to facilitate this process, for example, by linking every electronic cast-vote record to a unique physical ballot.
Voter-Verifiable Paper Audit Trail (VVPAT): The expert consensus is unequivocal: the single most important security feature for any electronic voting system is the creation of a physical, voter-verifiable paper record of the vote. This paper record serves as the authoritative basis for any manual recount or audit, providing a defense against undetectable electronic tampering. The VVSG framework has long included requirements for VVPATs on direct-recording electronic (DRE) machines.
Any new digital system, blockchain-based or otherwise, that does not produce a physical, voter-verifiable paper record is fundamentally non-compliant with this core security principle and will be considered non-viable by election officials and security experts.
Interoperable Data Formats: To enhance transparency and simplify the auditing process, VVSG 2.0 requires systems to be capable of exporting election data using standardized, non-proprietary common data formats developed with NIST. This allows election officials and independent auditors to work with the data without being locked into a single vendor’s proprietary software.
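How a sample of paper ballots yields a stated confidence level can be seen in the BRAVO ballot-polling test, which multiplies a running statistic for each hand-read ballot and stops once it reaches 1 / risk limit. This is an added example, not part of the white paper or VVSG 2.0; the ballot IDs, tallies, seed, and function names are constructed, and a ballot-comparison audit that uses the cast-vote-record link described above follows a different formula that is not shown here.

```python
import hashlib


def draw_ballot_ids(seed: str, manifest: list, n: int) -> list:
    """Reproducible draws, with replacement, from the ballot manifest.

    Anyone who knows the public seed can recompute the same sample.
    """
    picks = []
    for i in range(1, n + 1):
        h = hashlib.sha256(f"{seed},{i}".encode()).digest()
        picks.append(manifest[int.from_bytes(h, "big") % len(manifest)])
    return picks


def bravo(winner, loser, reported_tally, hand_reads, risk_limit=0.05):
    """Sequential test of 'the reported winner really won' (two candidates).

    hand_reads is what auditors read on each sampled paper ballot, in order.
    """
    share = reported_tally[winner] / (
        reported_tally[winner] + reported_tally[loser])
    if share <= 0.5:
        raise ValueError("reported winner must have more votes than the loser")
    t, examined = 1.0, 0
    for choice in hand_reads:
        examined += 1
        if choice == winner:
            t *= share / 0.5
        elif choice == loser:
            t *= (1 - share) / 0.5
        # Any other mark (undervote, write-in) leaves the statistic unchanged.
        if t >= 1 / risk_limit:
            return {"confirmed": True, "examined": examined}
    # Not confirmed: the audit escalates, ultimately to a full hand count.
    return {"confirmed": False, "examined": examined}


def audit(paper: dict, reported_tally: dict, seed: str, max_draws: int = 3000):
    """paper maps ballot ID -> selection as read from the paper record."""
    manifest = sorted(paper)
    sample = draw_ballot_ids(seed, manifest, max_draws)
    winner, loser = sorted(reported_tally, key=reported_tally.get,
                           reverse=True)[:2]
    return bravo(winner, loser, reported_tally, (paper[b] for b in sample))


def constructed_paper(votes_for_a: int, total: int = 1000) -> dict:
    """Constructed sample ballots: the first votes_for_a are for A, the rest B."""
    return {f"B-{i:04d}": ("A" if i < votes_for_a else "B")
            for i in range(total)}


if __name__ == "__main__":
    reported = {"A": 600, "B": 400}
    seed = "constructed-public-seed"
    print("paper matches report:", audit(constructed_paper(600), reported, seed))
    print("paper contradicts report:", audit(constructed_paper(400), reported, seed))
```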
Mandate 3: Comprehensive Accessibility and Usability
HAVA mandates that voting systems be accessible to all voters, and VVSG 2.0 significantly expands and modernizes these requirements.
Equivalent and Consistent Voter Access: A core principle of the new guidelines is that all voters, regardless of their physical or cognitive abilities, must be able to access and use the voting system with the same level of privacy and independence as any other voter. This includes specific considerations for voters with vision, hearing, dexterity, and mobility impairments.
Formal Usability Testing: VVSG 2.0 moves beyond mere technical compliance and requires formal usability testing with representative groups of both voters and election workers. The system must be proven to be intuitive and efficient to set up, operate in a polling place, and shut down. This testing must also cover the usability of security features; for example, an MFA implementation that is too confusing for temporary poll workers to use correctly would fail certification.
The following table summarizes these key mandates and their direct implications for a digital or blockchain-based system design, serving as a foundational checklist for development and proposal writing.
Table columns: VVSG 2.0 Mandate Area; Specific Requirement; Implication for a Digital/Blockchain System

Mandate Area: Authentication
Specific Requirement: Mandatory two-factor authentication for critical operations and administrator accounts.
Implication for a Digital/Blockchain System: The MFA solution must be designed for an offline, air-gapped environment. It cannot rely on networked communication like email, SMS, or push notifications. Authentication factors must be self-contained within the local election system.

Mandate Area: System Integrity
Specific Requirement: The core voting system must be air-gapped from external networks, including the Internet.
Implication for a Digital/Blockchain System: A blockchain or distributed ledger component cannot communicate with any external node or the internet during the voting and tabulation process. Any distributed architecture must operate on a closed, physically secured local network.

Mandate Area: Auditability
Specific Requirement: The system must produce a voter-verifiable paper audit trail.
Implication for a Digital/Blockchain System: The system must include a printer component (VVPAT) that serves as the authoritative record for audits and generates a human-readable paper ballot. The voter must be able to review this paper record and confirm it is correct before the vote is officially cast. The digital record is secondary to this physical artifact.

Mandate Area: Auditability
Specific Requirement: The system must be designed to support Risk-Limiting Audits (RLAs).
Implication for a Digital/Blockchain System: The system must be able to generate a unique identifier for each ballot that links the electronic cast-vote record to its corresponding physical paper ballot, allowing for the manual retrieval and examination required by an RLA.

Mandate Area: Accessibility
Specific Requirement: The system must provide equivalent access for voters with disabilities, allowing them to vote privately and independently.
Implication for a Digital/Blockchain System: The user interface must support multiple modes of interaction (e.g., audio and tactile controls) and be compatible with common assistive technologies. The design must undergo formal testing with users with a range of disabilities.

Mandate Area: Data Interoperability
Specific Requirement: The system must be able to import and export election data using non-proprietary common data formats.
Implication for a Digital/Blockchain System: The system's database or ledger must be able to output all necessary data (ballot definitions, cast-vote records, results) in the specified common formats, in addition to any native formats used internally.

The Path to Market: The VSTL Certification Process
Achieving EAC certification is the formal gateway to the U.S. election technology market. This process is not a simple check-the-box exercise; it is a rigorous, lengthy, and expensive undertaking performed by an EAC-accredited Voting System Test Laboratory (VSTL).
The process begins with the vendor submitting a comprehensive Technical Data Package (TDP). This package contains exhaustive documentation on every aspect of the system, including source code, hardware schematics, security protocols, and quality assurance practices.
The VSTL then subjects the system to a battery of tests designed to verify conformance with every applicable requirement in the VVSG 2.0 and its associated test assertions. This includes functional testing, hardware environmental testing, software code review, and extensive security penetration testing, as well as the newly enhanced usability and accessibility tests.
The difficulty of this process cannot be overstated.
As of late 2022, VSTLs were fully accredited and ready to begin testing systems against the VVSG 2.0 standard. However, as of April 2025, reports indicated that not a single voting system from any vendor, incumbent or new, had yet achieved full certification to VVSG 2.0. This highlights the profound technical challenge involved and underscores the market opportunity for the first company that can successfully navigate this process.
A grant proposal that demonstrates a clear understanding of the VSTL process and presents a credible roadmap and budget for achieving certification will be viewed as far more serious and commercially aware than one that focuses only on technology development.
The Critical Threat Landscape: Establishing the Need for a Superior Solution.
A successful grant proposal must do more than promise compliance with standards; it must articulate a compelling need for a new solution by demonstrating a deep understanding of the problems it intends to solve. In the election technology space, this means confronting the well-documented security vulnerabilities of both current and proposed systems. A proposal that can frame its technology as a direct, credible, and targeted mitigation for these known threats will establish a powerful justification for funding.
Anatomy of Failure: Documented Vulnerabilities in Incumbent Electronic Voting Systems
Despite the use of cryptographic checks and other security measures, independent security researchers and court-ordered expert analyses have repeatedly identified serious vulnerabilities in the electronic voting systems currently in use across the United States.
While there is no widespread public evidence that these flaws have been exploited to change an election outcome that we can legally point to, their existence represents a significant risk and erodes the public trust that is essential for a functioning democracy. Any new system must be designed to specifically prevent these and similar classes of attacks.
Key documented attack vectors include:
Malicious Software Installation: Experts have demonstrated that vulnerabilities in widely used systems, such as those from Dominion Voting Systems, could allow an attacker to install malicious software. This software could be designed to alter vote totals, misrecord voter selections, or shut down machines. Such an attack could be carried out with brief physical access to a machine in a polling place or, more alarmingly, remotely through the centralized Election Management System (EMS) that communicates with all machines in a jurisdiction.
Manipulation of Removable Media: Voting machines are typically configured for each election using removable memory devices like USB drives or proprietary cards. These devices are also used to transport vote totals from the polling place back to a central tabulation center. This process has been identified as a major source of vulnerability. A compromised memory card could be used to introduce malicious code or erroneous configuration files to a voting machine, and a compromised machine could in turn write corrupted results back to the card, allowing a vulnerability to propagate throughout an entire election system.
Compromising the Ballot Layout (Slate): Researchers have demonstrated sophisticated attacks that do not require modifying the core operating system of a voting machine. By exploiting flaws in how the system checks the integrity of files that define the ballot’s visual layout, attackers were able to swap the vote counts between two candidates or completely erase one candidate’s name from the ballot, all without triggering the system’s cryptographic integrity alerts.
QR Code and Barcode Vulnerabilities: Some modern systems that produce a paper record use a QR code or barcode to store the voter’s selections for machine tabulation. While the paper also includes human-readable text of the choices, the voter has no way to verify that the machine-readable code accurately reflects their intent. A vulnerability discovered by Professor J. Alex Halderman in Georgia’s Dominion machines showed it was possible for a hacker to change the votes encoded in the barcode, meaning the vote counted by the scanner could differ from the vote the voter saw on the paper. This fundamental disconnect between what the voter verifies and what the machine counts is a critical security flaw.
Failures in Basic Cybersecurity Hygiene: Beyond specific software flaws, many risks stem from operational failures, such as election officials failing to install critical security patches provided by the vendor, improperly connecting machines to the internet, or failing to maintain a secure chain of custody for equipment. Georgia officials, for example, declined to implement a patch for the vulnerabilities Halderman discovered before the 2024 election. A new system should be designed with guardrails that make such human errors less likely or their impact less severe.
A grant proposal should not be abstract about security. It should be structured as a direct response to this catalog of documented failures. The narrative must shift from a technology-first pitch (“We are building a blockchain voting system”) to a problem-first justification: “Current systems are vulnerable to vote-altering malware via the EMS and unpatched software. Our proposed system mitigates this with a cryptographically signed, read-only operating system and a secure boot process that prevents unauthorized modifications, directly addressing the flaws identified in the Halderman report.” This approach demonstrates market awareness and a focus on solving real, high-stakes problems.
The Blockchain Paradox: Deconstructing the Hype and Addressing Core Criticisms
For a team developing a blockchain-based system, it is imperative to proactively and honestly confront the deep skepticism and well-documented criticisms of this technology within the election security community. A naive proposal that promotes blockchain as a security panacea will be immediately dismissed by informed reviewers at agencies like NIST, DHS, or the EAC. The blockchain label is a double-edged sword; it can attract attention but also invites intense scrutiny. A near-universal consensus among computer security experts, including the National Academy of Sciences, researchers at MIT, and prominent figures in the blockchain space like Vitalik Buterin, concludes that applying blockchain technology to public elections is fraught with peril and does not solve the most difficult security challenges. A credible proposal must acknowledge these criticisms and present specific, sophisticated mitigations.
The primary criticisms fall into several categories:
Fundamental Mismatches with Election Requirements:
Privacy vs. Transparency: The hallmark of most blockchains is transparency, an immutable public ledger that anyone can inspect. This is the antithesis of the secret ballot. While votes can be encrypted before being placed on a chain, this introduces significant complexity and new potential points of failure. The core requirement is not just to encrypt the vote, but to permanently break the link between a voter’s identity and their specific ballot.
Coercion Resistance: This is a subtle but critical requirement that many naive blockchain voting designs violate. A voting system must ensure that a voter cannot prove how they voted to a third party. This is essential to prevent vote-buying (where a buyer demands proof of a vote) and coercion (where a coercer demands proof of compliance). A simple blockchain system that gives a voter a cryptographic receipt for their specific vote directly enables coercion. Advanced cryptographic techniques like multi-party computation (MPC) for tallying or protocols that allow a voter to cast a new ballot that overrides their previous one can be used to address this, but they are highly complex and not inherent features of blockchain technology.
The Unsolved Client-Side Threat: The most significant vulnerability of any internet-based voting scheme, blockchain or otherwise, exists on the voter’s own device. Malware on a voter’s personal computer or smartphone, potentially distributed by a nation-state adversary, can intercept and alter their vote before it is ever transmitted to the election server or blockchain. The blockchain would then immutably record the fraudulent vote, providing a false sense of integrity. As the National Academy of Sciences concluded, blockchains do not redress the fundamental security issues associated with internet voting.
Technical and Practical Barriers: Public blockchains are known to have significant scalability limitations, with consensus mechanisms that are too slow and computationally expensive to handle the transaction volume of a national election. Furthermore, integrating a novel blockchain-based system into the complex existing infrastructure of state and local election administration presents enormous technical and logistical challenges.
The Cautionary Tale of Voatz:
The mobile voting application Voatz, which used a blockchain backend, was deployed for a limited number of voters in West Virginia and other jurisdictions. It was heavily promoted as a secure, modern solution. However, a 2020 analysis by MIT researchers uncovered a string of critical security vulnerabilities. These flaws could allow a passive network attacker to determine how a user voted and raise serious privacy concerns about the use of third-party vendors for identity verification that failed under scrutiny.
A strategic proposal will not hide from these criticisms. It will de-emphasize the buzzword “blockchain” and instead focus on the specific capabilities the underlying technology provides, framed in the language of VVSG 2.0. For example, instead of saying “votes are stored on the blockchain,” the proposal should state that “a cryptographically secured, distributed, and tamper-evident ledger provides a complete and auditable record of all system operations, ensuring the integrity of the vote tally as required by VVSG 2.0.”
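The gap between a tamper-evident ledger and a correct vote, raised in the client-side threat discussion above, can be shown directly: a hash chain detects edits made after recording, but only the comparison against paper detects a selection altered before it was recorded. This is an added example, not the white paper's or any vendor's design; it is a single-node hash chain with no consensus layer, and the ballot IDs, candidates, and function names are constructed.

```python
import copy
import hashlib
import json

GENESIS = "0" * 64


def entry_hash(prev_hash: str, record: dict) -> str:
    body = json.dumps(record, sort_keys=True, separators=(",", ":"))
    return hashlib.sha256(f"{prev_hash}|{body}".encode()).hexdigest()


def append(entries: list, record: dict) -> str:
    """Add a record chained to the previous entry; return the new head hash."""
    prev = entries[-1]["hash"] if entries else GENESIS
    entries.append({"record": record, "prev": prev,
                    "hash": entry_hash(prev, record)})
    return entries[-1]["hash"]


def verify_chain(entries: list, trusted_head: str) -> str:
    """trusted_head is the head hash recorded outside the ledger
    (for example printed and signed at poll close)."""
    prev = GENESIS
    for i, e in enumerate(entries):
        if e["prev"] != prev or e["hash"] != entry_hash(prev, e["record"]):
            return f"broken at entry {i}"
        prev = e["hash"]
    return "ok" if prev == trusted_head else "head mismatch"


def paper_discrepancies(entries: list, paper: dict) -> list:
    """Compare each ledger record with the hand-read paper record."""
    found, seen = [], set()
    for e in entries:
        bid = e["record"]["ballot_id"]
        seen.add(bid)
        if bid not in paper:
            found.append((bid, "no paper record"))
        elif paper[bid] != e["record"]["selection"]:
            found.append((bid, "selection differs"))
    for bid in sorted(set(paper) - seen):
        found.append((bid, "no ledger record"))
    return found


def run_scenarios() -> dict:
    # Constructed data: what each voter verified on paper.
    paper = {"B-0001": "Candidate A", "B-0002": "Candidate B",
             "B-0003": "Candidate A", "B-0004": "Candidate A"}
    ledger, head = [], GENESIS
    for bid, selection in paper.items():
        # Constructed fault: B-0003 is altered before it reaches the ledger.
        recorded = "Candidate B" if bid == "B-0003" else selection
        head = append(ledger, {"ballot_id": bid, "selection": recorded})
    results = {"as_recorded": (verify_chain(ledger, head),
                               paper_discrepancies(ledger, paper))}
    # A record edited after the fact breaks the chain at that entry.
    edited = copy.deepcopy(ledger)
    edited[1]["record"]["selection"] = "Candidate A"
    results["edited_in_place"] = verify_chain(edited, head)
    # A chain rebuilt from edited records is self-consistent; only the
    # independently kept head hash exposes it.
    rebuilt = []
    for e in edited:
        append(rebuilt, e["record"])
    results["rebuilt"] = verify_chain(rebuilt, head)
    return results


if __name__ == "__main__":
    for name, outcome in run_scenarios().items():
        print(name, outcome)
```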
The proposal must also include a dedicated section that directly addresses the major criticisms, as outlined in the table below. This demonstrates a level of sophistication and honesty that builds credibility with reviewers.
Blockchain Voting Systems – Expert Criticisms and Required Mitigations
Expert Criticism: Lack of Coercion Resistance. A voter must not be able to prove how they voted to a third party to prevent vote-buying and coercion. Simple blockchain receipts violate this principle. (Sources: 23)
Required Mitigation in System Design Proposal: The protocol must incorporate an advanced coercion mitigation strategy. This could be a re-voting mechanism where a voter can cast a new ballot at a secure location (e.g., a polling place) that invalidates any previously cast remote ballot. Alternatively, it could involve complex cryptographic schemes like those using multi-party computation (MPC) for tallying, which is designed to break the provable link between a voter and their vote. The proposal must detail this specific mechanism.

Expert Criticism: Lack of True Privacy/Anonymity. Public blockchains are transparent, which is incompatible with the secret ballot. Encrypting votes is not enough; the link between the voter’s identity and their ballot must be permanently broken. (Sources: 23)
Required Mitigation in System Design Proposal: The system architecture must explicitly detail how it severs the link between voter authentication and ballot casting. This typically involves the use of anonymous credentials or tokens and advanced cryptography like zero-knowledge proofs, which can prove a ballot is valid without revealing any information about the voter who cast it. The proposal must explain this cryptographic process in detail.

Expert Criticism: Vulnerability to Client-Side Malware. The system is insecure if the voter’s own device (PC, phone) is compromised. Malware can change the vote before it ever reaches the secure backend, rendering the blockchain’s integrity moot. (Sources: 21)
Required Mitigation in System Design Proposal: The proposal must acknowledge that no remote voting system can fully solve the client-side malware problem. Therefore, the system’s ultimate claim to integrity must rest on a voter-verifiable paper audit trail (VVPAT). The digital ledger should be framed as a powerful tool for real-time integrity checks and transparency, but the proposal must state unequivocally that the paper record, verified by the voter, is the authoritative ballot of record for any audit or recount.

Expert Criticism: Scalability and Performance Issues. Public blockchain consensus mechanisms are often too slow and expensive to handle the volume of a large-scale election. (Sources: 21 )
Required Mitigation in System Design Proposal: The proposal should specify the use of a Private, permissioned distributed ledger architecture rather than a public one like Bitcoin or Ethereum. This allows for a much higher transaction throughput and control over the consensus mechanism, avoiding the bottlenecks of public chains. The proposal should provide performance projections and a clear architectural design.
Expert Criticism: General Immaturity and Hype. The technology is viewed with extreme skepticism by the election security establishment, as exemplified by the National Academy of Sciences report and the critiques of the Voatz app. (Sources: 22 )
Required Mitigation in System Design Proposal: The proposal must adopt a tone of humility and realism. It should cite the expert criticisms and demonstrate how the proposed system has been designed specifically to overcome them. Avoid hype and revolutionary claims. Frame the project as a sober engineering effort to apply specific distributed ledger concepts to solve discrete problems (like auditability) within the strict confines of the VVSG 2.0 framework, rather than an attempt to reinvent voting.
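The following Python example, added here and not taken from this paper's sources or from any voting system it discusses, shows how a hash-chained ledger makes alteration or truncation of the record detectable, and how the re-voting rule from the coercion-resistance row selects which ballot is counted. The credential tokens, channel names, ciphertext strings, and the handling of repeated remote ballots and of remote ballots cast after an in-person one are assumptions.

```python
import hashlib
import json

GENESIS = "0" * 64  # constructed anchor value that precedes the first entry


def entry_digest(prev_hash, body):
    # Canonical JSON so the same entry always hashes to the same value.
    data = json.dumps({"prev": prev_hash, "body": body}, sort_keys=True)
    return hashlib.sha256(data.encode("utf-8")).hexdigest()


class Ledger:
    """Append-only, hash-chained record of cast-ballot events (hypothetical)."""

    def __init__(self):
        self.entries = []

    def head(self):
        return self.entries[-1]["hash"] if self.entries else GENESIS

    def append(self, credential, channel, ballot_ct):
        # credential: pseudonymous token (assumption); ballot_ct: opaque ciphertext
        if channel not in ("remote", "in_person"):
            raise ValueError("unknown channel: %r" % channel)
        prev = self.head()
        body = {"seq": len(self.entries), "credential": credential,
                "channel": channel, "ballot_ct": ballot_ct}
        self.entries.append({"prev": prev, "body": body,
                             "hash": entry_digest(prev, body)})
        return self.entries[-1]["hash"]


def first_bad_entry(entries, published_head=None):
    """Return the index of the first entry that breaks the chain, else None.

    published_head is a head hash an auditor recorded out of band; comparing
    against it catches truncation and internally consistent rewrites.
    """
    prev = GENESIS
    for i, e in enumerate(entries):
        if e["prev"] != prev or e["body"]["seq"] != i:
            return i
        if e["hash"] != entry_digest(prev, e["body"]):
            return i
        prev = e["hash"]
    if published_head is not None and prev != published_head:
        return len(entries)
    return None


def countable_ballots(entries):
    """Map each credential to the sequence number of the ballot that counts."""
    chosen = {}
    for e in entries:
        b = e["body"]
        current = chosen.get(b["credential"])
        if current is not None and current["channel"] == "in_person":
            continue  # assumption: nothing supersedes an in-person ballot
        # An in-person ballot invalidates earlier remote ones; among remote
        # ballots the latest one counts (assumption).
        chosen[b["credential"]] = b
    return {cred: b["seq"] for cred, b in chosen.items()}


def demo():
    # Constructed sample events, not real election data.
    ledger = Ledger()
    ledger.append("cred-A", "remote", "ct-01")
    ledger.append("cred-B", "remote", "ct-02")
    ledger.append("cred-A", "in_person", "ct-03")  # supersedes seq 0
    ledger.append("cred-A", "remote", "ct-04")     # ignored after in-person
    return ledger


if __name__ == "__main__":
    led = demo()
    print("chain intact:", first_bad_entry(led.entries, led.head()) is None)
    print("counted ballots:", countable_ballots(led.entries))
```

The example does not model the anonymous-credential or zero-knowledge layer described in the privacy row, and it only detects changes to the ledger itself. A ballot altered on the voter's device before it is recorded is out of its reach, which is why the paper treats the VVPAT as authoritative.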
The Funding Ecosystem: Mapping Pathways to Capital
Securing funding for a new voting system requires a nuanced understanding of how public money flows into the election administration sector. The user's query about SBIR grants points to a common assumption that direct federal R&D funding is the primary path. However, the reality is more complex. The largest source of funding is indirect, flowing from Congress to the states, which then act as the primary customers for election technology.
A successful funding strategy must therefore be two-pronged: seeking seed capital through targeted R&D grants while simultaneously developing a product that meets the needs of the ultimate state-level purchasers.
The Primary Market: HAVA Election Security Grants
The most significant pool of capital for election technology procurement is the HAVA Election Security Grant program, administered by the EAC. Since 2018, Congress has appropriated over $1 billion through this program, constituting a major portion of all federal spending on election administration.
These funds are disbursed by the EAC as formula grants directly to states and territories. State and local election officials then use these HAVA funds to make a wide range of improvements, including enhancing cybersecurity, protecting IT systems, improving voter roll accuracy, and, most importantly, purchasing new and up-to-date voting systems.
Of the funds spent as of August 2024, states had dedicated approximately $343 million specifically for voting equipment and cybersecurity upgrades. This funding structure has a profound implication for any new technology vendor: your primary customer is not the federal government, but the election officials in the 50 states and various territories.
The HAVA grants represent the budget these officials have to purchase new products. Therefore, the entire development and commercialization strategy must be oriented toward building a system that a state Secretary of State or a county election director would be willing and able to procure with their HAVA funds. This means the system must, above all, be VVSG 2.0 certifiable, secure, auditable, and accessible, as these are the criteria that will govern state procurement decisions.
Direct Federal Funding: An Assessment of SBIR and Other Grant Solicitations
While the HAVA-funded procurement market is the ultimate prize, direct federal R&D grants, such as those from the Small Business Innovation Research (SBIR) program, can provide critical seed capital to develop and de-risk the technology. However, a search for SBIR solicitations or other federal grants specifically for voting system development will yield few, if any, results. This is not a standing, high-priority R&D topic for most federal agencies in the way that defense, energy, or health technologies are. The most viable strategy is to identify tangential, well-funded R&D topics and frame the proposed technology as a solution within that broader context.
A voting system can serve as a compelling, high-stakes use case for more general cybersecurity or technology development.
Potential avenues include:
Department of Homeland Security (DHS) / CISA: The Cybersecurity and Infrastructure Security Agency (CISA) is a key federal partner in securing the nation’s election infrastructure. CISA’s mission extends to all forms of critical infrastructure. Therefore, SBIR topics from DHS related to critical infrastructure security, secure data exchange, resilient systems, or identity and access management could provide an opening.
A proposal could be framed as developing a novel, provably secure platform for critical infrastructure operations, using the demanding requirements of an election system as the validating test case.
Department of Defense (DOD): The DOD is responsible for facilitating voting for military and overseas citizens through its Federal Voting Assistance Program (FVAP). While they have historically been cautious about internet voting, they have an interest in technologies that can improve the security and reliability of remote processes. More broadly, the DOD is a major funder of cybersecurity research. An SBIR award was made by the Air Force to a company called Manifest Cyber, in partnership with Tufts University, for Next Generation Software Supply Chain Cybersecurity. This topic aligns perfectly with the new SCRM requirements in VVSG 2.0. A proposal could focus on developing advanced techniques for software supply chain verification and attestation, using a voting system as the exemplar for a system that requires the highest level of assurance.
National Institute of Standards and Technology (NIST): While NIST does not typically offer large development grants, it does fund research in areas relevant to its mission. Opportunities could arise related to specific, unsolved challenges within the VVSG 2.0 framework. For example, a proposal could focus on developing novel testing methodologies for voting system usability, creating a more robust cryptographic protocol for coercion resistance, or designing next-generation common data formats for enhanced auditability.
Other Grant Opportunities (Grants.gov): Broader searches on Grants.gov may uncover opportunities from other agencies or foundations under categories like civic technology. These grants may be targeted at non-profits, research institutions, or university partnerships and might focus more on foundational research than commercial product development, but they can still be a valuable source of initial funding and credibility.
The critical insight here is that an SBIR grant should not be seen as the end goal.
A Phase I SBIR award is typically less than $200,000, and a Phase II award is around $1 million. These sums are insufficient to fully develop, certify, and market a complex voting system. The VSTL certification process alone can be prohibitively expensive.
Therefore, the SBIR grant must be positioned as a crucial seed investment. The Commercialization Plan section of the SBIR proposal becomes paramount. It must articulate a clear strategy where the grant funding is used to achieve specific R&D milestones (such as building a prototype that solves the coercion-resistance problem or passing a pre-certification security assessment) that de-risk the product and position the company to attract larger-scale venture capital or to engage directly with state election officials for pilot programs. The grant is the bridge to the real, multi-hundred-million-dollar procurement market.
Political and Policy Headwinds
The election administration landscape is not immune to the political climate. Applicants for funding must be aware of potential headwinds that can introduce uncertainty and risk. The EAC, despite being designed as an independent, bipartisan commission, can be subject to political pressure from the executive branch. For example, in 2025, the EAC was directed to add new conditions to its HAVA election security grant packages, requiring states to affirm they do not operate Diversity, Equity, and Inclusion (DEI) programs that violate federal law. This move, stemming from a presidential executive order, caused concern and pushback from state election officials who viewed it as an unprecedented politicization of grant terms.
Similarly, presidential executive orders can attempt to direct the EAC’s technical focus, for example, by issuing guidance against the use of QR codes in the vote-counting process or pushing for the accelerated adoption of certain security standards. This creates a shifting landscape where grant requirements and policy priorities can change with a new administration.
For a grant applicant, this means it is essential to build a proposal on a stable, non-partisan foundation of election administration: security, accuracy, accessibility, and auditability. The core value proposition should align with the long-standing, congressionally mandated goals of HAVA and the technical principles of the VVSG.
While being aware of current political directives is necessary to avoid running afoul of new grant conditions, tying the project’s fundamental justification to transient political agendas is a high-risk strategy. Furthermore, this environment underscores the importance of partnerships. A small, unknown technology company is a risky bet for a risk-averse election official or a federal grant reviewer. Credibility must be built through association. Before submitting a proposal, a company should actively seek to build a coalition. This could involve a formal research partnership with a university cybersecurity lab, as seen in the Manifest Cyber/Tufts University SBIR award.
It should include obtaining letters of support from state or local election officials who can attest to the need for a solution to a problem the proposal addresses. It could also mean assembling a board of advisors composed of respected experts in election law, administration, and security. A proposal backed by this kind of coalition is dramatically more compelling because it demonstrates market awareness, customer discovery, and a credible path to real-world implementation.
A Strategic Blueprint for a Winning Grant Proposal
Crafting a grant proposal that can succeed in this complex environment requires a strategic approach that synthesizes an understanding of the regulatory framework, the threat landscape, and the funding ecosystem. The goal is to transform a technology-centric idea into a market-focused, problem-solving narrative that inspires confidence in reviewers and stakeholders.
Framing the Solution: From Blockchain to End-to-End Verifiable Election System
The language and framing of the proposal are of paramount importance. The proposal must not lead with the technology; it must lead with the problem and the established regulatory framework.
The core narrative should be built around compliance and security, using the official lexicon of the election administration community. The project title, abstract, and introduction should focus on concepts that resonate with the mission of agencies like the EAC, NIST, and CISA. A title like "A VVSG 2.0-Compliant System to Enhance Security and Auditability in U.S. Elections" is far stronger than "A Blockchain-Based Mobile Voting Platform."
Throughout the proposal, technology buzzwords should be replaced with functional, VVSG-aligned descriptions. Instead of "blockchain," use "distributed, cryptographically-secured, tamper-evident ledger." Instead of "smart contract," use "automated, verifiable, and software-independent vote tallying protocol." Instead of "app," use "secure voter interface module."
This strategic use of language demonstrates that the applicant understands the official standards and is building a solution to meet those standards, not simply promoting a favored technology.
Articulating the Value Proposition: A Checklist for Addressing Key Risks
The proposal must systematically and proactively address every major vulnerability and criticism identified in the threat landscape analysis. It should not wait for reviewers to raise these issues.
A dedicated Risk and Mitigation Strategies section is essential. This section should explicitly list the most potent expert criticisms of digital and blockchain-based voting (such as the lack of coercion resistance, privacy concerns, and the client-side malware threat) and provide a detailed description of the specific technical or procedural solution the proposed system employs for each one. This approach turns a potential liability into a demonstration of expertise, thoroughness, and confidence.
Central to this section is the VVPAT linchpin. The proposal must state, explicitly and repeatedly, that the system generates a voter-verifiable paper audit trail and that this physical paper record is the authoritative record for any recount or RLA.
This single point neutralizes the most powerful and universal objection to purely electronic voting systems.
The digital ledger should be framed as a powerful complement to the paper trail, one that allows for unprecedented real-time integrity checks, enhances transparency, and simplifies audits, but never as a replacement for it. This demonstrates a mature understanding of the layered defenses required for election security.
Essential Components of a Credible Proposal
Beyond strategic framing, a winning proposal must contain several substantive components that provide concrete evidence of competence and a viable path to success.
VVSG 2.0 Compliance Roadmap: This is the heart of the technical proposal. This section must go into exhaustive detail, mapping the system's architecture and features directly to the specific principles and requirements of the official VVSG 2.0 documents. (Sources: 5) It should be structured to show, principle by principle, how the design meets or exceeds the federal standard. This serves as the primary evidence that the team has done its homework and is building a commercially viable product.
Detailed Threat Model: The proposal must move beyond generic claims of being secure. It should include a formal threat model that identifies potential adversaries (e.g., nation-state intelligence services, partisan insider threats, cybercriminals), their motivations, and their likely attack vectors (e.g., supply chain compromise, malware injection via removable media, denial-of-service attacks). For each identified threat, the proposal must describe the specific technical, operational, or procedural mitigation strategy built into the system. This demonstrates a professional, systematic approach to security engineering.
Phased Plan for Pilot Programs: A credible proposal shows a realistic path from the laboratory to the real world. It should outline a phased implementation plan, starting with internal testing and a partnership with a university or non-profit for a public mock election.
The next phase could involve seeking a partnership with a forward-leaning local election office to use the system in a limited, low-stakes pilot election (e.g., for a local school board). This practical, incremental approach demonstrates an understanding of the risk-averse nature of election officials and provides a clear pathway for gathering real-world data and user feedback.
Robust Commercialization Plan: As noted previously, for an SBIR proposal, this section is critical. It must clearly articulate the seed funding strategy. It should detail the total addressable market (e.g., the number of U.S. jurisdictions with aging voting equipment that will need to procure VVSG 2.0-compliant systems in the next decade), the go-to-market strategy (e.g., targeting states with legislatively mandated procurement cycles), and a clear breakdown of how the SBIR funds will be used to achieve the specific technical and business milestones necessary to attract follow-on venture capital and successfully compete for large-scale state procurement contracts.
Building the Right Team and Partnerships
Finally, a proposal is only as credible as the people and organizations behind it. The Key Personnel section must inspire confidence. If the core technical team lacks direct experience in election administration or high-assurance systems security, this gap must be filled by a strong, well-credentialed Board of Advisors. An advisory board that includes a former state election director, a recognized academic in cryptography or cybersecurity, and an expert in election law provides immense credibility.
Letters of support are not a formality; they are essential third-party validation. A letter from a state or county election director stating, "The security vulnerabilities described in this proposal are a significant concern for us, and we would be very interested in seeing a demonstration of the proposed solution upon completion of its Phase I objectives," is more persuasive than pages of technical jargon. A letter from a respected cybersecurity professor at a major university validating the novelty and soundness of the proposed technical approach is equally valuable. These documents demonstrate to the grant reviewers that the project is not just a theoretical exercise but a solution to a real-world need, recognized by the very people who would ultimately use and benefit from it. They show that the team has already begun the crucial work of building the coalition necessary to bring new technology to the sensitive and vital market of American elections.
Works Cited
1. Federal Standards and Guidelines for Voting Systems: Overview and Potential Considerations for Congress – EveryCRSReport.com, accessed June 14, 2025, https://www.everycrsreport.com/reports/R47592.html
2. VOLUNTARY VOTING SYSTEM GUIDELINES – National Institute of Standards and Technology, accessed June 14, 2025, https://www.nist.gov/document/vvsg2005vol2pdf
3. Election Security Grant | U.S. Election Assistance Commission, accessed June 14, 2025, https://www.eac.gov/grants/election-security-funds
4. Measuring the Impact of Recent Grants to Election Administrators Under the Help America Vote Act | Bipartisan Policy Center, accessed June 14, 2025, https://bipartisanpolicy.org/report/impact-recent-grants-help-america-vote-act/
5. Voluntary Voting System Guidelines | U.S. Election Assistance Commission, accessed June 14, 2025, https://www.eac.gov/voting-equipment/voluntary-voting-system-guidelines
6. EAC Faces Key Deadlines for Election Security – Electoral Process Education Corporation, accessed June 14, 2025, https://epec.info/eac-faces-key-deadlines-for-election-security/
7. Voluntary Voting System Guidelines (VVSG) | NIST, accessed June 14, 2025, https://www.nist.gov/itl/voting/research-and-projects/vvsg
8. Election Security is a Partnership – CISA, accessed June 14, 2025, https://www.cisa.gov/election-security-partnership
9. Voluntary Voting System Guidelines (VVSG) 2.0 to – U.S. Election Assistance Commission, accessed June 14, 2025, https://www.eac.gov/sites/default/files/TestingCertification/Voluntary_Voting_System_Guidelines_Version_2_0.pdf
10. Understanding The Advancements in VVSG 2.0, accessed June 14, 2025, https://www.nass.org/sites/default/files/2024-02/Smartmatic-Issue-Paper-NASS-Winter24.pdf
11. Handbook for VVSG 2.0 Usability and Accessibility Test Strategies – NIST Technical Series Publications, accessed June 14, 2025,
12. NIST VTS 200-2 initial public draft, Implementation Guidance for the VVSG 2.0: Multi-Factor Authentication, accessed June 14, 2025,
13. Integrity of Electronic Voting Systems: Fallacious use of Cryptography, accessed June 14, 2025, https://voter.engr.uconn.edu/wp-content/uploads/sites/3651/2023/02/sac2012.pdf
14. Cybersecurity | Econofact, accessed June 14, 2025, https://econofact.org/tag/cybersecurity
15. How Secure Are U.S. Electronic Voting Systems? | Econofact, accessed June 14, 2025, https://econofact.org/how-secure-are-u-s-electronic-voting-systems
16. Can Electronic Voting Systems Be Made More Secure? – Tufts Now, accessed June 14, 2025, https://now.tufts.edu/2022/11/04/can-electronic-voting-systems-be-made-more-secure
17. Handbook for VVSG 2.0 Usability and Accessibility Test Strategies | NIST, accessed June 14, 2025, https://www.nist.gov/publications/handbook-vvsg-20-usability-and-accessibility-test-strategies
18. Enhancing Vulnerability Assessments for Electronic Voting Systems through an Augmented CVSS 3.1 Model, accessed June 14, 2025,
19. Voting Software Vulnerabilities: Concerns and Risks – Aristotle, accessed June 14, 2025, https://www.aristotle.com/blog/2023/10/voting-software-vulnerabilities-concerns-and-risks/
20. Four election vulnerabilities uncovered by a Michigan Engineer, accessed June 14, 2025, https://news.engin.umich.edu/2024/10/four-election-vulnerabilities-uncovered-by-a-Michigan-engineer/
21. International Journal of Research Publication and Reviews Challenges and Opportunities of Blockchain for E-Voting – accessed June 14, 2025, https://ijrpr.com/uploads/V5ISSUE10/IJRPR34436.pdf
22. The Myth of “Secure” Blockchain Voting | U.S. Vote Foundation, accessed June 14, 2025, https://www.usvotefoundation.org/blockchain-voting-is-not-a-security-strategy
23. Blockchain voting is overrated among uninformed people but underrated among informed people, accessed June 14, 2025,
24. Blockchain for Electronic Voting System – Review and Open Research Challenges – PMC, accessed June 14, 2025, https://pmc.ncbi.nlm.nih.gov/articles/PMC8434614/
25. The Application and Shortcomings of Blockchain Voting System – GoodFirms, accessed June 14, 2025, https://www.goodfirms.co/blog/the-applications-and-shortcomings-of-blockchain-voting-system
26. A Systematic Literature Review and Meta-Analysis on Scalable Blockchain-Based Electronic Voting Systems – PMC – PubMed Central, accessed June 14, 2025, https://pmc.ncbi.nlm.nih.gov/articles/PMC9572428/
27. Award | SBIR, accessed June 14, 2025, https://www.sbir.gov/awards/141871
28. Award | SBIR, accessed June 14, 2025, https://www.sbir.gov/awards/207383
29. Search Results Detail | Grants.gov, accessed June 14, 2025,
30. EAC Tells States: Drop DEI Policies if You Want Election Security Funds, accessed June 14, 2025, https://www.democracydocket.com/news-alerts/eac-tells-states-drop-dei-policies-election-security-funds/