Should Citizens trust an EMV machine to record their votes truthfully when its source code remains unaudited?

Image Source

India’s main elections are commencing next month with the world’s largest country by population going to cast their votes to cumulatively determine the party that would come to power at the center.

This will also determine the Prime Minister of India who in actuality should be selected by cabinet ministers of the winning party.

However, the main question now is whether the Electronic Voting Machines(EVMs) through which voters will cast their votes can be relied upon to record their votes cast truthfully.

No record of audits done on the Source Code of these EVMs that are utilized for vote-casting


Now, we really don’t know if the source code of EVM machines is audited as the Election Commission of India(ECI) doesn’t consider it necessary that such details be disclosed.

***So, how can we be sure that these EVM machines don’t have pieces of code in them that program them to record votes fraudulently? ***

The World of Web3 encourages extensive testing of dapp source code by the community

Being in the Web3 space, I am used to dapp applications being super transparent, as the source code of these dapps is generally open source and audited with audit reports disclosed on their website or documentation for public perusal.

Moreover, dapp applications host bug bounty events where any programmer or developer can stress test these dapps and examine the smart contract code of these platforms for vulnerabilities.

When vulnerabilities are discovered by someone they are rewarded ambly. This is considered a White Hat activity.

The integrity of the voted data cannot be verified and trusted in unaudited EVMs

It's accepted that voting processes need to be transparent. Generally, paper ballots established transparency, as votes that were cast would remain in the ballot box and then be counted as it is.

These votes are counted transparently by designated officials with CCTV cameras recording the process and one representative of participating political parties being allowed to observe the counting process.

This process is established to ensure that the voting process happens free and fairly with cast votes counted truthfully, leaving no room for manipulation.


As a voter, we all want the party we voted for to be counted correctly with no error with our vote falsified!

Under EVMs with no details of the audit and quality checks done on the source code of the machine, we really can’t be sure that the EVM machine is programmed to record the votes cast correctly as the voters voted. There is no transparency!!

Prime components of the Electoral Voting Machines(EMVs)

Indian EVM machines comprise these main components - a control unit, a ballot unit and vvpat printer.

During polls, the control unit of the EVM is switched on under the supervision of the election officer in charge of the constituency. This EVM component records and stores details of each vote that is cast.

The ballot unit is the instrument through which each vote is cast. It has rows of buttons alongside party symbol logos, party names. A voter casts a vote by pressing the button next to the party symbol, to select the party the voter wants to vote to.

Next a Voter verifiable audit trail (VVPAT) is generated. Here the image of the party symbol that’s voted to is displayed, visible to the voter for 7 seconds. After this, the voter walks away, assuming that the vvpat image that’s printed is cut, and this slip is dropped onto the vvpat ballot box.

Counting of votes cast

Election results are generally arrived at by counting the votes recorded in the Control unit and this is automatic. VVPAT, is voter verifiabe audit trail and EVMs maybe randomly choosen and matched with VVPAT slips to check if EVM vote records tallies with vvpat slips.

However, currently, 30% of EVMs from each assembly constituency are matched with VVPAT slips to verify if the voting data tallies. If the voting data tallies, then it is taken for granted that all EVM machines are functioning satisfactorily.

No guarantee that EVMs are programmed to record cast votes truthfully

However, there is no certainty that the votes recorded in the Control unit are truthful, meaning we cannot verify that the votes recorded in the control unit is the same as cast by the voter. This is because the source code can program the control unit to record votes falsely.

Yes, if a voter votes for Party A, the control unit may have been programmed to record that vote as for Party B or another party.

There is no certainty that the vvpat image of the party symbol the voter has voted for is cut automatically and dropped into the box as well because the voter does not see that.

VVPAT slip generation can be falsified as well if programmed to do so!

The Ballot unit has code loaded into it, embedding functionalities along with loading party logos and names. It may be coded with functionalities where the party logo image that’s displayed to the voter is not cut and dropped into the vvpat box.

For ex, voter votes for Party A and sees vvpat image of Party A and walks off. However, that vvpat slip is not cut and dropped. Another voter, votes for Party A and the same image is shown to the voter. Now, if programmed, two vvpat slips can be cut and dropped into the box, one of Party A and another of Party B even though both votes were for Party A!!

Just expectation of voters to have audit details of the EVM source code!!

So, EVM machines can be programmed with code, to record votes differently and fool voters that the party they voted to is recorded in the machine truthfully.

This is very possible, and EVM machines can indeed be manipulated at the source point with code that instructs the machine to record votes in a certain way favoring one party over the others.

Therefore, it is a valid concern, and a very reasonable expectation by an Indian Citizen to expect that the source code of EVM machines is audited by an independent group of experts with the audit report published in the public domain.

The code has to be tested for errors, honest execution of functionalities and other vulnerabilities. I can understand if the source code of the EVM machine is not in the public domain for it may make the machine vulnerable to getting hacked but at least the source code should be audited by trusted experts, and certified.

Voter should also be provided with proof that the source code of the EVMs are audited as well with the audit report placed on the public domain for them to look into.

Good practice in Web3 for users to trust only dapps that are audited and are open-source

I believe in transperancy, testing and audits of source codes as a Web3 person exploring dapps. I will trust the dapp to be secure only if the dapp's smart contract source code is audited.

Infact, I prefer it to be open source to be tested by the community extensively for vulnerabilities.

Then why should I trust the EVM machine to record the vote that I have cast truthfully?. It beats me and somehow, I feel it very odd.

India's Highest Court Authority does deem it essential that EVM's source code audit details be made public

However, even the Supreme Court of India does not find it necessary to have the source code of the EVM machine audited and I don’t understand how transperancy in voting can take place when the source code of the EVM machine is not audited.

The EVM machine is not certified that it's verified to be cleared of malicious code instructions or other errors and vulnerabilities.

PIL for an independent audit of the EVM's source code dismissed by the Supreme Court

Before the 2019 Lok Sabha elections a petitioner filed a Public Interest Litigation (PIL) for an independent audit of the EVM's source code dismissed by the Supreme Court

Before the 2019 Lok Sabha elections a petitioner filed a Public Interest Litigation (PIL) to have the Election Commission of India (ECI) initiate an independent audit of the source code of the EVM. The case was not taken by the Supreme Court as elections were due soon.

So, in 2020 again the petitioner filed PIL freashly and he was granted permission to make representation to the ECI regarding this. However, they did not respond positively to his concern.

Last year, the Supreme Court on September 2023, heard this PIL but the judges declared that they won’t entertain the petition and asked what was the reason for the petitioner to not trust the source code of EVM. There was no evidence presented by the petitioner that casts doubts on the EVM's source code.

The petitioner through his counsel expressed that the source code is the brain of the EVM and it has to be audited. He expressed that Indian Citizens are voting on the EVM when its source code is not even audited!!

The audit to be credible should be of a recognized standard, IEEE 1028 and ECI have disclosed no details of any audits done, if any of the EVMs.

I think these points do substantiate the petitioner's reason to find it relevant to initiate an independent audit of the EVM source code, which should be placed in the public domain. However, I am no Supreme Court Judge so my opinion would not have helped the petitioner's case here.

Unfortunately, the Supreme Court Judges were not convinced by these points.

They declared that ECI's constitutional duties is to supervise and conduct the process of elections and in that task the petitioner has not placed any evidence proving that ECI is in any way in breach of its duties to have the Election Commission of India(ECI) initiate an independent audit PIL for an independent audit of the EVM's source code dismissed by the Supreme Court

That's not all Folks, more stories on EVM issues coming up!!

In the coming days, I will explore more on this EVM subject. It would be related to issues of EVM inventory, tracking, and storage because there have been reports of lost EVMs, and unaccounted-for EVMs being found on private vehicles and other random places.

All this is strange, because ECI should maintain a foolproof inventory of EVMs, and these EVMs should only be the ones used for voting and brought into strong rooms where they are stored for the votes cast in the machines to be counted.

Yet, unaccounted EVM machines are found in various places. This brings to question, if EVMs on which people voted, were replaced with other EVMs with different and therefore wrong voting data ???

3 columns
2 columns
1 column
Join the conversation now