A certified vote total carries authority only to the degree that it can be reproduced from the underlying records — ballot images, cast vote records, tabulator paper tapes, chain-of-custody logs, and system event logs. Across five states those records were, by turns, overwritten by design, purged in advance of audit, torn up after the canvass, never captured at all, or replaced with “clean” drives engineered to match certified totals. In Maricopa County, Windows security logs on the Election Management System were capped at 20 megabytes so election-period entries would roll out automatically, and a log-rollover script was then executed 38,478 times in the days after the Arizona Senate’s court-authorized subpoena was issued; the earliest surviving entry is February 5, 2021, and no record of the election itself survives on the machine. In Fulton County, Georgia, the EMS contained 263,139 corrupt and unreadable ballot images, 21,273 missing images, and 17,852 certified presidential votes for which no corresponding image exists at all, alongside master cryptographic keys stored in plain text and a CVR/Master Activation mismatch that leaves the result uncertifiable on its own records. In Floyd County, the election-system event log skips the entire October 20 – November 23 tabulation window. In Delaware County, Pennsylvania, officials replaced the original V-drives with “clean” ones and physically tore up the original paper tapes on the stated ground that the originals “had no audit value” because they would not match the certified result. In Antrim County, editing a single file inside the voting vendor’s central repository simultaneously altered both printed paper tapes and digital EMS results, defeating the assumption that the paper record is independent of the machine. In Milwaukee, a single 3:26 AM upload of roughly 170,000 heavily one-sided votes posted while chain of custody on the absentee flash drive was broken. What cannot be audited was not lost by accident.
The 15 findings consolidate into five structural patterns; the ones below carry most of the national-security weight.
- Records that would prove the count were destroyed after they were subpoenaed. On the Maricopa County Election Management System, Windows security logs — the authoritative record of who accessed the server and what they did — were configured to cap at 20 MB so that election-period entries would roll out automatically, and a purge script was then executed 38,478 times in the days after the Arizona State Senate issued a court-authorized subpoena. The earliest surviving log entry is February 5, 2021; no record of the November 2020 election itself remains. Facility video identified three individuals at the console during the purge, none of whom have been publicly named or charged. Separately, the EMS SQL database was purged of all 2020 General Election results by an administrator account immediately before the forensic audit team gained access.
- The primary evidence of the tally — images, tapes, drives — did not survive the canvass. Fulton County, Georgia, certified 17,852 presidential votes for which no ballot images exist; carried 263,139 corrupt or unreadable images and 21,273 missing images inside the EMS; double-scanned 3,930 ballots; and added approximately 6,691 fictitious absentee ballots to the post-election hand-count audit through falsified batch tally sheets. Floyd County’s election-system event log simply skips October 20 through November 23, 2020, erasing the entire tabulation window. In Delaware County, Pennsylvania, the Director of Elections and the Voting Machine Warehouse Director replaced the original V-drives with “clean” drives so that reported results would match certified totals, while the County Solicitor and warehouse personnel physically tore up the original paper tapes and return sheets, stating that the originals “had no audit value” because they would not match the certified result.
- The tabulation pipeline was structured to be centrally alterable and multi-voiced. Forensic examination of the Dominion election database in Fulton County and additional Georgia counties found master cryptographic encryption keys — the secrets protecting tabulator configurations and cast vote records — stored in plain text, permitting undetectable modification of both configurations and CVRs. In Antrim County, modifying a single file (VIFCHOICEINSTANCE.DVD) inside the ElectionSource central repository simultaneously altered the printed tabulator paper tapes and the digital EMS totals, collapsing the assumed independence of the “paper backup.” A single tabulator in Banks Township produced multiple, materially different vote tallies for the same ballots through different reporting pathways. In Wayne County, ImageCast tabulators jammed four to five times per hour throughout the TCF Center central count on November 3–4 and batches of up to fifty ballots were rescanned repeatedly without zero-reset, creating opportunities for duplicate counts in the official total.
- A large anomalous batch posted while chain of custody was broken. At 3:26 AM on November 4, 2020, official Wisconsin election results recorded a single tabulation update of approximately 170,000 votes in a ratio severely disproportionate to the distribution of vote totals across the rest of the state — a statistical anomaly relative to every other batch observed that night. The upload coincided with the Milwaukee Executive Director of Elections losing physical chain of custody on the absentee flash drive that carried those ballots. Neither the custody gap nor the statistical profile of the batch was addressed in the subsequent certification, and the drive has never been independently examined.
- The result is a count that cannot be reproduced from its own records. Under established election-integrity doctrine, a certified total is authoritative to the extent that it can be reconstructed end-to-end from ballot images, cast vote records, paper tapes, chain-of-custody logs, and system event logs retained in sealed form. In the jurisdictions described above, each of those categories was compromised — security logs overwritten, EMS databases purged, images missing or corrupt, paper tapes destroyed, V-drives replaced, a central file editable to both tape and digital outputs, a large batch posted under broken custody. The certified totals were not reverified against the underlying records; the underlying records were, in large part, no longer available to verify against.
Read as a national-security question, the Vote Tally Integrity record describes the loss of the evidentiary layer on which the authoritative count is supposed to rest. Elections are a federally designated critical-infrastructure component, and the integrity of that component does not rest on the certified number itself — it rests on the sealed, contemporaneous records that would allow an independent auditor, months or years later, to reproduce that number end-to-end. In the cycle described here, those records were, by turns, configured to self-destruct, purged before audit, torn up after canvass, never captured, or swapped for drives engineered to match the reported result; the tabulation pipeline itself was shown in at least two states to be centrally alterable across both digital and paper outputs; and a large anomalous batch posted under broken chain of custody without independent examination. A foreign or domestic actor planning around a close federal contest does not need to defeat a canvass if the records that would expose the manipulation are not preserved, if the machines that would corroborate the paper are driven from the same central file as the paper, and if the chain of custody on the drives that carry the largest batches is allowed to lapse at the moment those batches post.
Supporting Evidence
