2024 | Véronique Cortier, Pierrick Gaudry, Quentin Yang
The JCJ voting system, proposed in 2005, is widely considered the reference for coercion-resistant protocols. However, a critical weakness has been identified: during the cleansing phase, where invalid ballots are removed, more information is leaked than necessary. The leaked information includes the number of ballots sent to the public board and the tallying procedure, as well as the distribution of revotes. A coercer can exploit it to infer whether a voter has obeyed or not, undermining coercion resistance.
To address this, the authors propose CHide, a variant of JCJ that introduces a cleansing-hiding procedure. This procedure uses more complex cryptographic primitives, such as MPC building blocks, to hide which ballots are removed and for what reason. CHide only reveals the minimal information, namely the number of ballots removed (Δ), ensuring that the coercer cannot infer the voter's behavior.
The original definition of coercion-resistance was too weak, failing to account for scenarios like revoting and the addition of fake ballots by authorities. The authors propose a stronger definition that properly considers these behaviors. They prove that CHide is coercion-resistant under this definition, while JCJ is not, demonstrating that the leakage during the cleansing phase is indeed a critical vulnerability.
In realistic scenarios, such as technical incidents or discredits of candidates, the leakage in JCJ can provide a non-negligible advantage to coercers. For example, if voters revote due to a technical incident, the coercer can detect whether a voter has obeyed or not. Similarly, if a candidate is discredited, voters may change their votes, and the coercer can infer the voter's behavior based on the leaked information.
CHide is designed to mitigate these issues by hiding the cleansing process, ensuring that only the minimal information is revealed. This makes it more secure against coercion attacks. The authors also show that CHide ensures vote privacy and universal verifiability under weaker assumptions than those required for coercion-resistance.
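The following is an added, plaintext toy model (not code from the paper; JCJ and CHide operate on encrypted credentials with MPC, which this model omits) that contrasts what a JCJ-style cleansing publishes, namely which ballots were removed and why, with what a CHide-style cleansing publishes, namely only Δ. The ballot layout, the credential sets and the two sample boards are constructed here.

```python
from collections import Counter
from dataclasses import dataclass

@dataclass(frozen=True)
class Ballot:
    credential: str  # plaintext here; in JCJ/CHide it is encrypted on the board
    vote: str
    index: int       # position on the public bulletin board

def cleanse(board, valid_credentials):
    """Plaintext model of the cleansing phase: drop ballots whose credential is
    unknown (e.g. a fake credential handed to a coercer), and on a revote keep
    only the last ballot cast with a given credential."""
    kept, removed = {}, []
    for b in board:
        if b.credential not in valid_credentials:
            removed.append((b.index, "invalid credential"))
            continue
        if b.credential in kept:
            removed.append((kept[b.credential].index, "superseded by revote"))
        kept[b.credential] = b
    return list(kept.values()), removed

def jcj_view(board, valid):
    """JCJ-style output: the tally plus which ballots were removed and why."""
    kept, removed = cleanse(board, valid)
    return Counter(b.vote for b in kept), sorted(removed)

def chide_view(board, valid):
    """CHide-style output: the tally plus only Δ, the number of removed ballots."""
    kept, removed = cleanse(board, valid)
    return Counter(b.vote for b in kept), len(removed)

# Constructed sample boards: both end in the same tally (A:2, B:1) and the same
# Δ = 2, but differ in why ballots were removed (one revote plus one fake
# credential, versus two fake credentials).
VALID = {"c1", "c2", "c3"}
BOARD_1 = [Ballot("c1", "A", 0), Ballot("c1", "A", 1), Ballot("fake", "B", 2),
           Ballot("c2", "A", 3), Ballot("c3", "B", 4)]
BOARD_2 = [Ballot("c1", "A", 0), Ballot("c2", "A", 1), Ballot("c3", "B", 2),
           Ballot("fake1", "A", 3), Ballot("fake2", "A", 4)]

def indistinguishable(view, b1, b2, valid=VALID):
    """True if the published output is identical for the two boards."""
    return view(b1, valid) == view(b2, valid)

if __name__ == "__main__":
    print("JCJ   views equal:", indistinguishable(jcj_view, BOARD_1, BOARD_2))   # False
    print("CHide views equal:", indistinguishable(chide_view, BOARD_1, BOARD_2))  # True
```

The two boards yield the same result and the same Δ, so a CHide observer sees identical outputs, while the JCJ-style output separates them through the removal reasons and revote distribution.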
CHide is less efficient than JCJ because of the more complex cryptographic primitives it uses. However, it scales better with the number of submitted ballots, thanks to a quasi-linear tally protocol based on sorting. The computational load for voters is manageable: with realistic parameters it amounts to around a thousand exponentiations, which should be feasible within a modern browser.
The authors conclude that CHide provides full coercion-resistance by addressing the critical weakness in the JCJ protocol, ensuring that the coercer cannot infer the voter's behavior during the cleansing phase. This makes CHide a more secure and robust voting system for high-stakes elections.