On the surface, blockchain voting appears to be the optimal solution to voting-system problems because... 

• it can enable convenient casting of electronic ballots from mobile devices 
• to a public, cryptographically secure, transparent, immutable, tamper-evident, decentralized, digital ledger (a blockchain), 
• where the ballots can be automatically counted perfectly and nearly instantly. 

However, MIT and other blockchain experts have justifiably strenuously warned against blockchain voting, explaining...

• although data is highly secure and tamper-evident once on a robust blockchain, 
• blockchain voting has three critical technical vulnerabilities (problems), 
• and paper ballots are vital to a secure voting system. 

For more details, see

• “MIT experts: no, don’t use blockchain to vote” - MIT CSAIL.
• “Would Voting Be Better On A Blockchain?” - Andreas Antonopoulos (YouTube Video).
• "Going from bad to worse: from Internet voting to blockchain voting” - Journal of Cybersecurity. 

Thus, if only we could transfer paper ballot data onto a blockchain securely, then the ballot data could be safely and transparently stored and counted on the blockchain, but how can we do that?    A key problem is that a paper ballot would need to be scanned, and that scanned ballot data would be subject to the same vulnerabilities as the electronic ballot  in its creation and on its path from the scanner to the blockchain. The PaperBallotchain patent solves that problem. 

1.  Jeopardizes ballot integrity (Critical Technical Vulnerability):  “If vote-casting is entirely software-based, a malicious system could fool the voter about how the vote was actually recorded”—and that system would be prone to large-scale error and hacks that could overturn the election results in undetectable ways, or if detected, would require a whole new election.  (Sources: 1)  MIT experts: no, don’t use blockchain to vote | MIT CSAIL.  2) Would Voting Be Better On A Blockchain - YouTube.)

2. Jeopardizes voter anonymity (Critical Technical Vulnerability):  The software required to simultaneously 

1) verify voter identity, 

2) ensure voter anonymity (remove voter identity when casting the ballot), and 

3) remember voter identity to prevent voters from casting multiple ballots

—has not yet been developed/solved, and even if it were developed/solved—it would be prone to large-scale error and hacks that could compromise voter anonymity on a large scale and could enable casting of fraudulent ballots on a large scale that could overturn election results in undetectable ways, or if detected, would require a whole new election.  (Source:  Would Voting Be Better On A Blockchain - YouTube.)

If using coins to vote: “it does not provide a secret ballot: all votes are public, and users can prove to a third party how they voted, enabling coercion and vote-selling.”

If using zero- knowledge proofs: 

• “While this would mean that transaction data would no longer be publicly visible, the resulting scheme would still be far from providing ballot secrecy.”
• If the software were hacked, voter anonymity would be compromised on a large scale.
• They are “designed for a setting where the party with secret information wants to keep it secret…—they generally do not prevent that party from revealing information voluntarily.”

(Source: Going from bad to worse: from Internet voting to blockchain voting | Journal of Cybersecurity | Oxford Academic.)

3. New Blockchain Database Vulnerability (Critical Technical Vulnerability):   New blockchain databases typically have a small number of computer node participants, which makes them inherently vulnerable to “51% attacks,” in which a bad actor gains control of the majority of the blockchain nodes/computers, enabling them to “create multiple versions of the blockchain to show different people, sowing discord.”  Even though the hack would be detectible, it would require a whole new election. ( Source: Going from bad to worse: from Internet voting to blockchain voting | Journal of Cybersecurity | Oxford Academic.)

1. Low-tech solution in two steps:  

_

Step 1) Create folded, sealed, tamper-evident paper ballots, each with the following printed and hidden inside them:  

• a Ballot Private Key (unique number) to create a ballot digital signature on a scanned-ballot datafile that will be cast onto multiple independent-stakeholder blockchains and verified using a corresponding Ballot Public Key that is published before the election, 
• a unique Ballot ID# to enable a voter to look up their scanned paper ballot on the independent-stakeholder blockchains, 
• machine readable code that causes a ballot-scanner-set assembly to shred the ballot private key after each independent-stakeholder scanner in the scanner-set assembly transmits its independently scanned-ballot datafile to all the independent-stakeholder blockchains, thereby preventing someone from altering and/or recasting the ballot with a valid ballot digital signature.   

Step 2) Then scan each voter-marked paper ballot using a scanner-set assembly containing multiple independent-stakeholder transmitting scanners (each with a unidirectional data diode) that can each separately create and apply a stakeholder-scanner digital signature to a scanned-ballot datafile that can be verified by the public and a blockchain using a corresponding pre-election-published Stakeholder Scanner Public Key.  

Those two steps are the foundation of a paper-ballot-to-blockchain voting system that:

• Preserves the tamper-evident, auditable paper trail of paper ballots.
• Enables the public and the independent stakeholder blockchains to verify the integrity of each scanned-ballot datafile using the corresponding pre-election-published Ballot Public Key and pre-election-published Stakeholder Scanner Public Keys. 
• Makes it impossible to re-cast an altered or unaltered marked-paper ballot onto the blockchain because the Ballot Private Key is destroyed/shredded when it travels through the scanner set assembly.
• Enables each voter to nearly instantly verify their paper ballot data has been cast onto a blockchain and is currently included in the vote count—using the Ballot ID#.  (Yet, gives a voter plausible deniability about which Ballot ID# they cast because their Ballot ID# could be any Ballot ID# cast onto the blockchain around the same time as theirs from the same polling station, which would obfuscate bad actor efforts to verify which ballots were cast by which voters when seeking to buy or coerce votes.)
• Physically prevents bad actors from sending malware into the transmitting scanners from the internet because each scanner's unidirectional data diode physically guarantees that data can only exit (not enter) the transmitting scanner.
• Makes a large-scale hack of scanner devices nearly impossible because each competing stakeholder maintains hundreds of unconnected unidirectional data diode scanners in hundreds of different locations.

2. Non-tech solution: The voting system software never knows the voter’s identity.  After election officials verify voter identity in whichever manner they choose, they provide a folded, sealed, tamper-evident paper ballot to the voter that 

• 1) is not tied to voter identity, 
• 2) is folded and sealed in a tamper-evident way that conceals the ballot contents until the voter opens it in private, and 
• 3) contains a Ballot ID# and a Ballot Private Key that are not linked to a human identity (thereby preserving voter anonymity) and enable the ballot to function with blockchain technology in a cryptographically secure and anonymous way. 

Optional use of Ballot Vending Machines:  Instead of election officials selecting which folded, sealed, tamper-evident paper ballot to give to each voter, each voter can select a ballot from a Ballot Vending Machine, so election officials won’t know which ballot the voter will get.  

Additionally, the voter has plausible deniability about which Ballot ID# they cast because their Ballot ID# could be any Ballot ID# cast onto the blockchain around the same time as theirs from the same polling station, which would obfuscate bad actor efforts to verify which ballots were cast by which voters when seeking to buy or coerce votes.

3. Low-tech solution: The digitally-signed, scanned-ballot datafile is stored in multiple competing  independent-stakeholder ballot blockchains (each redundantly backed up) that stakeholders centrally build/control (but are duplicated & validated in many places by members of the public to reveal any tampering), so there’s no possibility of a 51% attack.  This system instead uses the competitive nature of the stakeholders; comparison of their blockchains; and public and stakeholder validator computers (running opensource blockchain building software) to duplicate and check the integrity of the information on the blockchains.       

Alternatively, the digitally-signed, scanned-ballot datafile is stored with a third party blockchain database service that saves the scanned-ballot datafile itself or a link to the scanned-ballot datafile as a non-fungible token (NFT)—in either a layer-2 sidechain database of the Bitcoin blockchain database or a different third party Blockchain Database—that is already essentially invulnerable to a 51% attack. The Bitcoin blockchain is widely considered the most secure public blockchain in the world due to 1) its network size—it has the largest number of nodes/participants (tens of thousands) and enormous mining power securing it, which makes a 51% attack extremely difficult; 2) its simplicity—its design is simpler than many newer blockchains, reducing potential attack surfaces; 3) its maturity—it has operated since 2009 without a successful attack on its core protocol, despite over a decade of hacking efforts; and 4) its economic incentives—miners are financially motivated to secure the network honestly, since attacking it would be enormously costly and likely worthless.