"This is not impossible. In fact it is a solved problem."
I don't think so.
I mentioned the perpetual motion device for a reason. This discussion remembered me of an essay from Isaac Asimov about perpetual motion devices. It went into explaining the Second law of thermodynamics, then some examples of faulty devices, and why they were faulty... and ended, more or less, like this: "...and don't waste your time sending to me your 'really working' perpetual motion devices' designs. I am just an 'aficionado' so it very well may happen that I can't see the flaw on your design but, believe me, there *is* a flaw".
This is more or less the same. You *think* you solved the problem. Well, you didn't.
"That system lets everyone vote exactly once, maintains secret ballot, and gives voters the tools to confirm their vote was counted, and if not they can cryptographically prove it to the media or any auditors available."
What you did is decoupling authentication from anonymity and shared the responsibility between to different authorities. Well done sir, but still insufficient. Because, while you did authenticate the *voting effort*, you didn't authenticate *the ballot*. How do you probe that the casted vote was the same one that was counted? With physical ballots you do it by an open-in-sight chain of custody; with electronic zeros and ones, and given that the full channel is under control of a single party (the government), there's exactly one party the voter can be confident of: himself. And that means signing the casted vote by himself, which brings proper authentication but, at the same time, loses anonymity and the vote can be tracked back to himself*1. With physical votes also happens the same, which is why it is the voter himself the one putting the ballot within an envelope for anonimity and then in a box, usually transparent, for authenticity -and the ballot's chain of custody being in the open from then on.
Again, the comparation with a perpetual motion device is spot on: most of the time it will be wrong, even if done by trustable people like you, and there also will be a lot of snake oil sellers / untrustable parties that will try to cheat me for their own advantage. You can play now the "true scotsman" game and even come with a properly functional system by calling "e-vote system" a "two-worlds vote system"*2 (one that mixes and matches physical world and cybernetic) but, in the end, why take the risk? Even me, I'm an 'aficionado' and can be cheated; the standard 'Joe the Voter' much moreso so the only healthy position is Asimov's one: "it very well may happen that I can't see the flaw on your design but, believe me, there *is* a flaw"
*1 You could think the ballot could be cryptographically signed by the counting/auditing party instead of the voter, but you can't as you are still open to MiM attacks, which can't be tracked down *unless* you know what was in fact voted, which only the voter knows.
*2 Not that these kind of mixed systems wouldn't be of any help. A system like the one you talked about *coupled* with a traditional paper-and-box one could mean the results could be published within one minute of closing the casting period with a high degree of confidence.