The whistleblower described an internal software utility, ostensibly created for system testing, that could emulate voting machines and inject or alter votes in bulk. By using credentials provided by the electoral authority, this tool enabled engineers or officials to transmit fake voting data that would bypass normal machine transmissions and standard detection mechanisms.

In the 2004 Venezuelan recall referendum, one million non-existent voters were allegedly added to the registry, allowing the manipulation of the overall result.

The manipulation was typically kept within a 2–3% margin to avoid obvious statistical outliers. By emulating real transmission behaviors and using knowledge of statistical patterns, the operators could alter enough votes to guarantee favored outcomes without drawing immediate suspicion.

In a specific case in the state of Mérida, election data for the entire state was transmitted using only the SAES tool, bypassing official transmission lines. Telecom audits showed no record of standard transmissions, confirming data was injected directly.

The government prosecuted critics of the voting system, sometimes using evidence provided by Smartmatic itself, while judges lacked the technical ability to independently assess the truthfulness of the evidence.

The witness claimed that Smartmatic software was intentionally designed to make elections easy to rig and audits difficult, with vulnerabilities such as plain-text password storage, accessible source code, and log files configured so that evidence would be overwritten during elections, undermining retrospective audits.

Both Smartmatic and Dominion systems made use of computer components manufactured in China and assembled in Taiwan, with firmware potentially enabling communication modules regardless of software settings. Remote access could be enabled for engineers during live elections, increasing the risk of manipulation.

The Venezuelan whistleblower testified that both Smartmatic and Dominion voting systems relied heavily on a global supply chain involving computer components manufactured in China and assembled in Taiwan, creating inherent firmware and hardware security risks. Remote access capabilities could be enabled regardless of the voting software settings, which potentially allowed engineers—including foreign actors—to access or manipulate election infrastructure during live elections. 

Engineers who developed Smartmatic’s original Venezuelan election software went on to work for Dominion Voting Systems, which later acquired much of Sequoia Voting Systems’ infrastructure and code. The architecture and vulnerabilities from Smartmatic were adapted into Sequoia and Dominion systems, according to the whistleblower.

The whistleblower alleged that Dominion’s US systems shared major architectural features and vulnerabilities with Smartmatic, including the potential for similar manipulation through internal tools and remote access. They directly reviewed forensic images of U.S. voting machines and claimed to find equivalent security bugs.

Cuban government representatives allegedly provided oversight of Venezuela’s elections, while the system’s source code and backups were held under Venezuelan state control with substantial financial investment from the government.

Election audits in Venezuela (and, according to testimony, in similarly designed systems abroad) only reviewed software modules and logs that the system provider or electoral authority chose to reveal; crucial data and tools capable of recording unauthorized manipulations were excluded from external audits.

 Log files were configured too small to hold the full record of activities during a lengthy election, so critical evidence would be automatically deleted and overwritten, frustrating forensic audits after the fact.