I would like to thank everyone who has contributed to the various debates about voting styles. The delegated proof of stake we have been testing has been based upon the idea that each share gets to vote for or against a single delegate. That misbehaving delegates could get voted out quickly.
Thanks to Agent86 and Toast for debating this issue with me until it got through my thick head.
I have drawn the following conclusions:
1) With approval voting there is no need for negative votes. A vote for 101 delegates is just as good as a vote against everyone else.
2) To vote for 101 delegates would require an extra 202 bytes per transaction, which doubles the transaction size assuming there are less than 30K total delegate candidates.
The voting interface is a bit more intuitive as almost all of your delegates get a vote when you make a transaction.
Because everyones delegate slate could be a unique identifier, the wallet should only vote for a random subset of the supported delegates in each transaction.
To save bandwidth, a slate of delegates can be re-used and identified by 8 bytes. Wallets can automatically identify existing slates that are fully supported and randomly select one of those slates.
What this means is that the chain can have a compromise between privacy ( generating a unique slate every time) and efficiency (reusing existing slates).
The changes required to implement this change are minimal.