threshold-elgamal

What this library does

It gives you the cryptographic building blocks for a verifiable vote: encrypted ballots, signed protocol messages, threshold decryption, and a way to audit the published board afterward.

In plain terms

This library helps a group run a vote where ballots stay secret while voting is open, no single person can reveal the result alone, and the final public record can be checked by auditors or the voters themselves.

You can think of it as the cryptographic engine behind a public vote: it creates the locked ballots, the signed messages that move between steps, and the proof material needed to trust the published tally.

Technical details

threshold-elgamal is a browser-native TypeScript library for additive ElGamal over Ristretto255, signed protocol payloads, deterministic serialization, and honest-majority threshold decryption.

The supported workflow covers explicit manifest publication, GJKR DKG with verifiable checkpoints, complete ballots inside one declared score range, ciphertext aggregation, decryption-share publication, and full public-board verification.

Quick start links

Use these entry points to reach the supported setup, publishing, verification, and payload workflows directly.

Get started Use the explicit manifest, the declared score range, the derived majority threshold rule, and the root package.

Browser and worker usage Generate keys, signed payloads, and transport envelopes inside browser code or workers.

Honest-majority voting flow Follow the supported ceremony from manifest publication through tally verification.

Published payload examples See the concrete JSON shapes that move across the public board.

Verify a public board Feed the published ceremony bundle into the verifier and inspect a stable result shape.

API docs Browse the exported contracts, types, and symbols for the supported surface.

Follow the supported ceremony

The library is intentionally opinionated. The supported path is short and explicit from manifest publication to final tally.

1. Publish the manifest and accepted roster. The public manifest surface is intentionally compact: rosterHash, optionList, and one explicit scoreRange.
2. Run honest-majority DKG. The threshold is derived from the accepted roster as ceil(n / 2) and backed by verifiable checkpoints.
3. Accept complete ballots and close the board. Ballots always use complete score assignments inside the manifest scoreRange, and the organizer closes counting with a signed ballot-close.
4. Publish shares, tally, and verify the board. The verifier checks the full ceremony transcript instead of isolated payload fragments.

Keep the security boundary explicit

The library solves a narrow research problem. These boundaries define what the supported workflow covers and what your application still needs to handle outside it.

Built for

• Browser-native TypeScript integrations and worker-based flows.
• Verifiable honest-majority voting research prototypes.
• Publishing and auditing signed public-board payloads.
• Stable ceremony verification over the supported workflow.

Not promised

• Coercion resistance or full production election guarantees.
• Arbitrary ballot formats outside the supported score-voting model.
• A generic threshold cryptography framework with unlimited knobs.
• Constant-time JavaScript bigint arithmetic or audited deployment claims.