Mesa County’s forensic analysis identified unauthorized creation of new adjudication and tabulation databases during ongoing elections, followed by the digital reloading of tens of thousands of ballot records. This process made the original voter intent unrecoverable, and allowed for selective reprocessing and potential injection of new records, invisible to ordinary officials or observers. The whistleblower described the use of Smartmatic’s “SAES data utility” to emulate voting machines, inject votes, and manipulate results by selectively processing or transmitting data without detection in Venezuela. Both described the use of system tools or utilities built for legitimate testing, but repurposed or misused to subvert election integrity, and both noted resulting broken chains of custody for thousands of ballots

Mesa County reports found critical system audit logs were set to small sizes and configured to auto-overwrite as new entries were generated, leading to erasure of election event records during counting and tabulation. The Venezuelan official testified that similar log-overwriting was configured in the Dominion system in the U.S., so that once the log filled, new data would erase previous information, making post-election audits impossible. In Venezuela, they often used a dedicated server to aggregate logs but noted that, in practice, no one would check those logs, negating auditability.

Mesa County’s system was found to have 36 wireless devices enabled and network ports open to the world, allowing remote or even wireless alteration of databases using simple tools such as a cell phone, with minimal authentication and no effective firewalling against outside intrusion. The Venezuelan whistleblower confirmed that Smartmatic and Dominion equipment, manufactured in China or Taiwan, often came with pre-configured firmware and internal modems, which could be covertly enabled—sometimes outside the control of software settings. This presents a supply chain and remote access threat that is undiscoverable by ordinary administrators or officials.

Mesa’s analysis found exposed source code, plain-text passwords, and weak or self-signed encryption that could allow an attacker administrative access to the vote databases and facilitate undetected data manipulation. The Venezuelan testimony highlighted similar problems with Smartmatic—the source code was readable to anyone with access, and passwords were stored in plain text, making breaching the system trivial for insiders or attackers.

The “SAES data utility” described by the Venezuelan official enabled both the emulation of voting machines and direct injection of voting data, with the ability to transmit votes for machines that would not be audited. Mesa forensic teams identified the ability for external scripts or applications to programmatically interact with the Dominion Election Management System through SQL Server and web APIs, providing the same functional attack surface as SAES for database injection and manipulation.

The Mesa County database and infrastructure allowed for the digital ballot images to be relinked or altered without modifying the associated audit data, meaning that manipulated digital images could be substituted into the record, with no reliable method for officials to detect changes. Venezuelan testimony confirmed the potential to change digital ballot representations in the database, making the audit of original votes or images effectively impossible—mirroring the manipulation seen in Mesa.

Both sources note that key Smartmatic engineers who built the system in Venezuela now work for Dominion or have advised on U.S. election systems, facilitating the transfer of techniques, vulnerabilities, and software components between Smartmatic, Sequoia, and Dominion.