Is protocol self-tallying?

[Kevin-Mok]

From this paper, it defines self-tallying as "if the post-ballot-casting (tally) phase can be performed by any interested party". But in this line:

lighthouse/ethcode/scripts/voting_scenario.js

Line 235 in 2894cd0

const sharedKey = genEcdhSharedKey(votingPrivKey, [unstringifyBigInts(key[0]), unstringifyBigInts(key[1])])

It seems that you need a voting authority's private key to do the tallying. So, is this protocol really self-tallying?

[creepteks]

The implementation I provided currently lacks the DKG phase I included in the protocol theoretically. "Initializers", the authorities who start the voting process, would be unable to violate e-voting requirements such as privacy and "fairness" because each one only holds its share of private key. The tallying phase is done when the initializers collaborate to create the secret key and publish it. So, you're correct: the tallying phase is dependent on voting authorities' private key, and in the PoC I provided, a malicious authority could withhold the private key or can violate the fairness and count all the votes before the ballot-casting is finished. However this can be prevented by integrating the protocol with DKG as I mentioned.