Security

Decentralised systems bring many benefits, but they come at a cost. The main disadvantage of decentralisation is that security becomes more of an issue. Because there’s no centralised authority to validate poll results, in theory someone could modify the Forum software on their device, and give themselves 100 times more voting tokens than anyone else. This would give them an unfair advantage in the short term. After this, people would realise what was happening and stop using the app.

Forum maintains information security using a decentralised consensus algorithm. In simple terms, this is a mathematical tool that lets each user’s device participate in a network to collectively run elections and polls. Each device contributes to the network, but no single device can influence the result by itself while the rest are behaving as they should.

The simplest way of achieving consensus is redundancy. This is when the same information is stored and processed in different places, in parallel. While an attacker could produce fake data with their own device, other devices would spot the anomaly and disregard it. To successfully manipulate polls, an attacker would need to control large numbers of devices all at once, which is practically impossible.

The open forum is the largest-scale deployment of decentralised voting that Forum runs, and consequently has the strongest security. Each device keeps track of how “trustworthy” other devices are, based on how consistent they are with the majority judgement. If a device consistently returns incorrect results, other devices will notice and trust it less. Pushed to an extreme, the network would eventually learn to completely ignore unreliable or corrupt devices.

Each device keeps a database of activity on the open forum. No one device has the full record, but each one has quite a lot. Devices are passively sharing information all the time, making it even harder for an attacker to convince a majority of devices that something happened when it actually didn’t. This information-sharing protocol means that any piece of information can be accessed quickly, by putting out a request to the network.

Before the network accepts a vote, a random group of devices checks that the person has enough tokens to do so. This is achieved by pulling together recent information about the user, and seeing if they have enough tokens. The information is shared and processed in a way that guarantees a correct answer. Once a vote has been accepted, the nodes in question update the rest of the network, telling them how many tokens the user spent, and on which poll. Through this mechanism, consistency and consensus are maintained.
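
The random-group token check and the majority-based trust tracking described above can be sketched as a small simulation. This is an added example, not Forum's own code or protocol: the committee size, the trust decay and recovery factors, the device names and the token figures are all assumptions chosen for illustration.

```python
import random

def committee_verdict(reports, trust):
    """Trust-weighted majority; a tie rejects the vote (fail closed)."""
    yes = sum(trust[d] for d, ok in reports.items() if ok)
    no = sum(trust[d] for d, ok in reports.items() if not ok)
    return yes > no

def update_trust(reports, verdict, trust, decay=0.5, recover=1.1):
    """Devices that disagreed with the majority judgement lose trust."""
    for device, ok in reports.items():
        if ok == verdict:
            trust[device] = min(1.0, trust[device] * recover)
        else:
            trust[device] *= decay

def simulate(n_corrupt, n_devices=30, committee_size=7, rounds=200, seed=1):
    """Modified clients keep vouching for a vote the user cannot afford."""
    rng = random.Random(seed)
    devices = [f"dev{i}" for i in range(n_devices)]   # hypothetical names
    corrupt = set(devices[:n_corrupt])
    trust = dict.fromkeys(devices, 1.0)
    balance, cost = 10, 100      # constructed: 10 tokens held, 100 claimed
    accepted = 0
    for _ in range(rounds):
        committee = rng.sample(devices, committee_size)  # random group
        # Honest devices report the real check; corrupt ones always approve.
        reports = {d: True if d in corrupt else balance >= cost
                   for d in committee}
        verdict = committee_verdict(reports, trust)
        update_trust(reports, verdict, trust)
        accepted += verdict
    return accepted, trust, corrupt

if __name__ == "__main__":
    for n in (3, 27):
        accepted, trust, corrupt = simulate(n_corrupt=n)
        worst = max(trust[d] for d in corrupt)
        print(f"{n} corrupt of 30: {accepted} bad votes accepted, "
              f"highest corrupt trust {worst:.4f}")
```

With 3 corrupt devices every committee has an honest majority, so no overspend is accepted and the corrupt devices' trust decays towards zero. With 27 corrupt devices the same logic accepts every overspend, which is the "when the rest are behaving as they should" condition in concrete form.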