Merge branch 'master' of git+ssh://git.taler.net/exchange

2023-01-10 13:36:02 +01:00 · 2023-01-10 13:36:02 +01:00 · 1df72de087
commit 1df72de087
parent b41ffd1a1a 0cf46d8e59
18 changed files with 668 additions and 33 deletions
--- a/contrib/Makefile.am
+++ b/contrib/Makefile.am
@ -26,6 +26,7 @@ rdatadir=$(datadir)/taler/exchange

 tosen_DATA = \
  tos/en/*.txt \
+  tos/en/*.md \
  tos/en/*.pdf \
  tos/en/*.epub \
  tos/en/*.xml \
@ -33,6 +34,7 @@ tosen_DATA = \

 ppen_DATA = \
  pp/en/*.txt \
+  pp/en/*.md \
  pp/en/*.pdf \
  pp/en/*.epub \
  pp/en/*.xml \
--- a/contrib/pp/en/pp-v0.epub
+++ b/contrib/pp/en/pp-v0.epub
--- a/contrib/pp/en/pp-v0.html
+++ b/contrib/pp/en/pp-v0.html
@ -202,4 +202,4 @@ privacy practices that are not addressed in this Privacy Statement.</p>
 <div class="clearer"></div>
 </div>
 </body>
-</html><!--Generated by HTMLArk 2022-11-13 11:12:02.559742. Original URL _build/html/pp-v0.html-->
+</html><!--Generated by HTMLArk 2023-01-06 22:23:08.788175. Original URL _build/html/pp-v0.html-->
--- a/contrib/pp/en/pp-v0.md
+++ b/contrib/pp/en/pp-v0.md
@ -0,0 +1,237 @@
+Privacy Policy
+**************
+
+Last Updated: 11.12.2019
+
+This Privacy Policy describes the policies and procedures of Taler
+Systems SA (“we,” “our,” or “us”) pertaining to the collection, use,
+and disclosure of your information on our sites and related mobile
+applications and products we offer (the “Services” or “Taler Wallet”).
+This Privacy Statement applies to your personal data when you use our
+Services, and does not apply to online websites or services that we do
+not own or control.
+
+
+Overview
+========
+
+Your privacy is important to us. We follow a few fundamental
+principles: We don’t ask you for personally identifiable information
+(defined below). That being said, your contact information, such as
+your phone number, social media handle, or email address (depending on
+how you contact us), may be collected when you communicate with us,
+for example to report a bug or other error related to the Taler
+Wallet. We don’t share your information with third parties except when
+strictly required to deliver you our Services and products, or to
+comply with the law. If you have any questions or concerns about this
+policy, please reach out to us at privacy@taler-systems.net.
+
+
+How you accept this policy
+==========================
+
+By using our Services or visiting our sites, you agree to the use,
+disclosure, and procedures outlined in this Privacy Policy.
+
+
+What personal information do we collect from our users?
+=======================================================
+
+The information we collect from you falls into two categories: (i)
+personally identifiable information (i.e., data that could potentially
+identify you as an individual) (“Personal Information”), and (ii) non-
+personally identifiable information (i.e., information that cannot be
+used to identify who you are) (“Non-Personal Information”). This
+Privacy Policy covers both categories and will tell you how we might
+collect and use each type.
+
+We do our best to not collect any Personal Information from Taler
+Wallet users. We believe that the Taler Wallet never transmits
+personal information to our services without at least clear implied
+consent, and we only process and retain information with a strict
+business need. That being said, when using our Services, we inherently
+have to collect the following information:
+
+   * Bank account details necessary when receiving funds from you to
+     top-up your wallet or to transfer funds to you when you are being
+     paid via Taler. At the current experimental stage, only the
+     pseudonym and password you entered in the bank demonstrator is
+     stored.
+
+   * The amounts being withdrawn or deposited, with associated unique
+     transaction identifiers and cryptographic signatures authorizing
+     the transaction. Note that for purchases, we cannot identify the
+     buyer from the collected data, so when you spend money, we only
+     receive non-personal information.
+
+   * When you contact us. We may collect certain information if you
+     choose to contact us, for example to report a bug or other error
+     with the Taler Wallet. This may include contact information such
+     as your name, email address or phone number depending on the
+     method you choose to contact us.
+
+
+How we collect and process information
+======================================
+
+We may process your information for the following reasons:
+
+   * to transfer money as specified by our users (Taler transactions);
+
+   * to assist government entities in linking income to the underlying
+     contract as required by law and local regulations
+
+   * to support you using the Taler Wallet or to improve our Services
+
+
+How we share and use the information we gather
+==============================================
+
+We may share your Personal Data or other information about you only if
+you are a merchant receiving income, with your bank, to the degree
+necessary to execute the payment.
+
+We retain Personal Data to transfer funds to the accounts designated
+by our users. We may retain Personal Data only for as long as mandated
+by law and required for the wire transfers.
+
+We primarily use the limited information we receive directly from you
+to enhance the Taler Wallet. Some ways we may use your Personal
+Information are to: Contact you when necessary to respond to your
+comments, answer your questions, or obtain additional information on
+issues related to bugs or errors with the Taler Wallet that you
+reported.
+
+
+Agents or third party partners
+==============================
+
+We may provide your Personal Information to our employees,
+contractors, agents, service providers, and designees (“Agents”) to
+enable them to perform certain services for us exclusively, including:
+improvement and maintenance of our software and Services.
+
+
+Protection of us and others
+===========================
+
+We reserve the right to access, read, preserve, and disclose any
+information that we reasonably believe is necessary to comply with the
+law or a court order.
+
+
+What personal information can I access or change?
+=================================================
+
+You can request access to the information we have collected from you.
+You can do this by contacting us at privacy@taler-systems.net. We will
+make sure to provide you with a copy of the data we process about you.
+To comply with your request, we may ask you to verify your identity.
+We will fulfill your request by sending your copy electronically. For
+any subsequent access request, we may charge you with an
+administrative fee. If you believe that the information we have
+collected is incorrect, you are welcome to contact us so we can update
+it and keep your data accurate. Any data that is no longer needed for
+purposes specified in the “How We Use the Information We Gather”
+section will be deleted after ninety (90) days.
+
+
+What are your data protection rights?
+=====================================
+
+Anastasis would like to make sure you are fully aware of all of your
+data protection rights. Every user is entitled to the following:
+
+**The right to access**: You have the right to request Anastasis for
+   copies of your personal data. We may charge you a small fee for
+   this service.
+
+**The right to rectification**: You have the right to request that
+Anastasis correct any information you believe is inaccurate. You also
+have the right to request Anastasis to complete information you
+believe is incomplete.  The right to erasure - You have the right to
+request that Anastasis erase your personal data, under certain
+conditions.
+
+**The right to restrict processing**: You have the right to request
+   that Anastasis restrict the processing of your personal data, under
+   certain conditions.
+
+**The right to object to processing**: You have the right to object to
+   Anastasis's processing of your personal data, under certain
+   conditions.
+
+**The right to data portability**: You have the right to request that
+   Anastasis transfer the data that we have collected to another
+   organization, or directly to you, under certain conditions.
+
+If you make a request, we have one month to respond to you. If you
+would like to exercise any of these rights, please contact us at our
+email: privacy@taler-systems.com
+
+You can always contact your local data protection authority to enforce
+your rights.
+
+
+Data retention
+==============
+
+If you uninstall the Taler Wallet mobile applications from your
+device, or request that your information be deleted, we still may
+retain some information that you have provided to us to maintain the
+Taler Wallet or to comply with relevant laws.
+
+
+Data security
+=============
+
+We are committed to making sure your information is protected. We
+employ several physical and electronic safeguards to keep your
+information safe, including encrypted user passwords, two factor
+verification and authentication on passwords where possible, and
+securing connections with industry standard transport layer security.
+You are also welcome to contact us using GnuPG encrypted e-mail. Even
+with all these precautions, we cannot fully guarantee against the
+access, disclosure, alteration, or deletion of data through events,
+including but not limited to hardware or software failure or
+unauthorized use. Any information that you provide to us is done so
+entirely at your own risk.
+
+
+Changes and updates to privacy policy
+=====================================
+
+We reserve the right to update and revise this privacy policy at any
+time. We occasionally review this Privacy Policy to make sure it
+complies with applicable laws and conforms to changes in our business.
+We may need to update this Privacy Policy, and we reserve the right to
+do so at any time. If we do revise this Privacy Policy, we will update
+the “Effective Date” at the bottom of this page so that you can tell
+if it has changed since your last visit. As we generally do not
+collect contact information and also do not track your visits, we will
+not be able to notify you directly. However, the Taler Wallet may
+inform you about a change in the privacy policy once it detects that
+the policy has changed. Please review this Privacy Policy regularly to
+ensure that you are aware of its terms. Any use of our Services after
+an amendment to our Privacy Policy constitutes your acceptance to the
+revised or amended agreement.
+
+
+International users and visitors
+================================
+
+Our Services are hosted in Switzerland. If you are a user accessing
+the Services from the European Union, Asia, US, or any other region
+with laws or regulations governing personal data collection, use, and
+disclosure that differ from Swiss laws, please be advised that through
+your continued use of the Services, which is governed by Swiss law,
+you are transferring your Personal Information to Switzerland and you
+consent to that transfer.
+
+
+Questions
+=========
+
+Please contact us at privacy@taler-systems.net if you have questions
+about our privacy practices that are not addressed in this Privacy
+Statement.
--- a/contrib/pp/en/pp-v0.pdf
+++ b/contrib/pp/en/pp-v0.pdf
--- a/contrib/tos/en/tos-v0.epub
+++ b/contrib/tos/en/tos-v0.epub
--- a/contrib/tos/en/tos-v0.html
+++ b/contrib/tos/en/tos-v0.html
--- a/contrib/tos/en/tos-v0.md
+++ b/contrib/tos/en/tos-v0.md
@ -0,0 +1,337 @@
+Terms Of Service
+****************
+
+Last Updated: 12.4.2019
+
+Welcome! Taler Systems SA (“we,” “our,” or “us”) provides a payment
+service through our Internet presence (collectively the “Services”).
+Before using our Services, please read the Terms of Service (the
+“Terms” or the “Agreement”) carefully.
+
+
+Overview
+========
+
+This section provides a brief summary of the highlights of this
+Agreement. Please note that when you accept this Agreement, you are
+accepting all of the terms and conditions and not just this section.
+We and possibly other third parties provide Internet services which
+interact with the Taler Wallet’s self-hosted personal payment
+application. When using the Taler Wallet to interact with our
+Services, you are agreeing to our Terms, so please read carefully.
+
+
+Highlights:
+-----------
+
+   * You are responsible for keeping the data in your Taler Wallet at
+     all times under your control. Any losses arising from you not
+     being in control of your private information are your problem.
+
+   * We will try to transfer funds we hold in escrow for our users to
+     any legal recipient to the best of our ability within the
+     limitations of the law and our implementation. However, the
+     Services offered today are highly experimental and the set of
+     recipients of funds is severely restricted.
+
+   * For our Services, we may charge transaction fees. The specific
+     fee structure is provided based on the Taler protocol and should
+     be shown to you when you withdraw electronic coins using a Taler
+     Wallet. You agree and understand that the Taler protocol allows
+     for the fee structure to change.
+
+   * You agree to not intentionally overwhelm our systems with
+     requests and follow responsible disclosure if you find security
+     issues in our services.
+
+   * We cannot be held accountable for our Services not being
+     available due to circumstances beyond our control. If we modify
+     or terminate our services, we will try to give you the
+     opportunity to recover your funds. However, given the
+     experimental state of the Services today, this may not be
+     possible. You are strongly advised to limit your use of the
+     Service to small-scale experiments expecting total loss of all
+     funds.
+
+These terms outline approved uses of our Services. The Services and
+these Terms are still at an experimental stage. If you have any
+questions or comments related to this Agreement, please send us a
+message to legal@taler-systems.com. If you do not agree to this
+Agreement, you must not use our Services.
+
+
+How you accept this policy
+==========================
+
+By sending funds to us (to top-up your Taler Wallet), you acknowledge
+that you have read, understood, and agreed to these Terms. We reserve
+the right to change these Terms at any time. If you disagree with the
+change, we may in the future offer you with an easy option to recover
+your unspent funds. However, in the current experimental period you
+acknowledge that this feature is not yet available, resulting in your
+funds being lost unless you accept the new Terms. If you continue to
+use our Services other than to recover your unspent funds, your
+continued use of our Services following any such change will signify
+your acceptance to be bound by the then current Terms. Please check
+the effective date above to determine if there have been any changes
+since you have last reviewed these Terms.
+
+
+Services
+========
+
+We will try to transfer funds that we hold in escrow for our users to
+any legal recipient to the best of our ability and within the
+limitations of the law and our implementation. However, the Services
+offered today are highly experimental and the set of recipients of
+funds is severely restricted.  The Taler Wallet can be loaded by
+exchanging fiat currencies against electronic coins. We are providing
+this exchange service. Once your Taler Wallet is loaded with
+electronic coins they can be spent for purchases if the seller is
+accepting Taler as a means of payment. We are not guaranteeing that
+any seller is accepting Taler at all or a particular seller.  The
+seller or recipient of deposits of electronic coins must specify the
+target account, as per the design of the Taler protocol. They are
+responsible for following the protocol and specifying the correct bank
+account, and are solely liable for any losses that may arise from
+specifying the wrong account. We will allow the government to link
+wire transfers to the underlying contract hash. It is the
+responsibility of recipients to preserve the full contracts and to pay
+whatever taxes and charges may be applicable. Technical issues may
+lead to situations where we are unable to make transfers at all or
+lead to incorrect transfers that cannot be reversed. We will only
+refuse to execute transfers if the transfers are prohibited by a
+competent legal authority and we are ordered to do so.
+
+When using our Services, you agree to not take any action that
+intentionally imposes an unreasonable load on our infrastructure. If
+you find security problems in our Services, you agree to first report
+them to security@taler-systems.com and grant us the right to publish
+your report. We warrant that we will ourselves publicly disclose any
+issues reported within 3 months, and that we will not prosecute anyone
+reporting security issues if they did not exploit the issue beyond a
+proof-of-concept, and followed the above responsible disclosure
+practice.
+
+
+Fees
+====
+
+You agree to pay the fees for exchanges and withdrawals completed via
+the Taler Wallet ("Fees") as defined by us, which we may change from
+time to time. With the exception of wire transfer fees, Taler
+transaction fees are set for any electronic coin at the time of
+withdrawal and fixed throughout the validity period of the respective
+electronic coin. Your wallet should obtain and display applicable fees
+when withdrawing funds. Fees for coins obtained as change may differ
+from the fees applicable to the original coin. Wire transfer fees that
+are independent from electronic coins may change annually.  You
+authorize us to charge or deduct applicable fees owed in connection
+with deposits, exchanges and withdrawals following the rules of the
+Taler protocol. We reserve the right to provide different types of
+rewards to users either in the form of discount for our Services or in
+any other form at our discretion and without prior notice to you.
+
+
+Eligibility and Financial self-responsibility
+=============================================
+
+To be eligible to use our Services, you must be able to form legally
+binding contracts or have the permission of your legal guardian. By
+using our Services, you represent and warrant that you meet all
+eligibility requirements that we outline in these Terms.
+
+You will be responsible for maintaining the availability, integrity
+and confidentiality of the data stored in your wallet. When you setup
+a Taler Wallet, you are strongly advised to follow the precautionary
+measures offered by the software to minimize the chances to losse
+access to or control over your Wallet data. We will not be liable for
+any loss or damage arising from your failure to comply with this
+paragraph.
+
+
+Copyrights and trademarks
+=========================
+
+The Taler Wallet is released under the terms of the GNU General Public
+License (GNU GPL). You have the right to access, use, and share the
+Taler Wallet, in modified or unmodified form. However, the GPL is a
+strong copyleft license, which means that any derivative works must be
+distributed under the same license terms as the original software. If
+you have any questions, you should review the GNU GPL’s full terms and
+conditions at https://www.gnu.org/licenses/gpl-3.0.en.html.  “Taler”
+itself is a trademark of Taler Systems SA. You are welcome to use the
+name in relation to processing payments using the Taler protocol,
+assuming your use is compatible with an official release from the GNU
+Project that is not older than two years.
+
+
+Limitation of liability & disclaimer of warranties
+==================================================
+
+You understand and agree that we have no control over, and no duty to
+take any action regarding: Failures, disruptions, errors, or delays in
+processing that you may experience while using our Services; The risk
+of failure of hardware, software, and Internet connections; The risk
+of malicious software being introduced or found in the software
+underlying the Taler Wallet; The risk that third parties may obtain
+unauthorized access to information stored within your Taler Wallet,
+including, but not limited to your Taler Wallet coins or backup
+encryption keys.  You release us from all liability related to any
+losses, damages, or claims arising from:
+
+1. user error such as forgotten passwords, incorrectly constructed
+   transactions;
+
+2. server failure or data loss;
+
+3. unauthorized access to the Taler Wallet application;
+
+4. bugs or other errors in the Taler Wallet software; and
+
+5. any unauthorized third party activities, including, but not limited
+   to, the use of viruses, phishing, brute forcing, or other means of
+   attack against the Taler Wallet. We make no representations
+   concerning any Third Party Content contained in or accessed through
+   our Services.
+
+Any other terms, conditions, warranties, or representations associated
+with such content, are solely between you and such organizations
+and/or individuals.
+
+To the fullest extent permitted by applicable law, in no event will we
+or any of our officers, directors, representatives, agents, servants,
+counsel, employees, consultants, lawyers, and other personnel
+authorized to act, acting, or purporting to act on our behalf
+(collectively the “Taler Parties”) be liable to you under contract,
+tort, strict liability, negligence, or any other legal or equitable
+theory, for:
+
+1. any lost profits, data loss, cost of procurement of substitute
+   goods or services, or direct, indirect, incidental, special,
+   punitive, compensatory, or consequential damages of any kind
+   whatsoever resulting from:
+
+   1. your use of, or conduct in connection with, our services;
+
+   2. any unauthorized use of your wallet and/or private key due to
+      your failure to maintain the confidentiality of your wallet;
+
+   3. any interruption or cessation of transmission to or from the
+      services; or
+
+   4. any bugs, viruses, trojan horses, or the like that are found in
+      the Taler Wallet software or that may be transmitted to or
+      through our services by any third party (regardless of the
+      source of origination), or
+
+2. any direct damages.
+
+These limitations apply regardless of legal theory, whether based on
+tort, strict liability, breach of contract, breach of warranty, or any
+other legal theory, and whether or not we were advised of the
+possibility of such damages. Some jurisdictions do not allow the
+exclusion or limitation of liability for consequential or incidental
+damages, so the above limitation may not apply to you.
+
+Our services are provided "as is" and without warranty of any kind. To
+the maximum extent permitted by law, we disclaim all representations
+and warranties, express or implied, relating to the services and
+underlying software or any content on the services, whether provided
+or owned by us or by any third party, including without limitation,
+warranties of merchantability, fitness for a particular purpose,
+title, non-infringement, freedom from computer virus, and any implied
+warranties arising from course of dealing, course of performance, or
+usage in trade, all of which are expressly disclaimed. In addition, we
+do not represent or warrant that the content accessible via the
+services is accurate, complete, available, current, free of viruses or
+other harmful components, or that the results of using the services
+will meet your requirements. Some states do not allow the disclaimer
+of implied warranties, so the foregoing disclaimers may not apply to
+you. This paragraph gives you specific legal rights and you may also
+have other legal rights that vary from state to state.
+
+
+Indemnity and Time limitation on claims and Termination
+=======================================================
+
+To the extent permitted by applicable law, you agree to defend,
+indemnify, and hold harmless the Taler Parties from and against any
+and all claims, damages, obligations, losses, liabilities, costs or
+debt, and expenses (including, but not limited to, attorney’s fees)
+arising from: (a) your use of and access to the Services; (b) any
+feedback or submissions you provide to us concerning the Taler Wallet;
+(c) your violation of any term of this Agreement; or (d) your
+violation of any law, rule, or regulation, or the rights of any third
+party.
+
+You agree that any claim you may have arising out of or related to
+your relationship with us must be filed within one year after such
+claim arises, otherwise, your claim in permanently barred.
+
+In the event of termination concerning your use of our Services, your
+obligations under this Agreement will still continue.
+
+
+Discontinuance of services and Force majeure
+============================================
+
+We may, in our sole discretion and without cost to you, with or
+without prior notice, and at any time, modify or discontinue,
+temporarily or permanently, any portion of our Services. We will use
+the Taler protocol’s provisions to notify Wallets if our Services are
+to be discontinued. It is your responsibility to ensure that the Taler
+Wallet is online at least once every three months to observe these
+notifications. We shall not be held responsible or liable for any loss
+of funds in the event that we discontinue or depreciate the Services
+and your Taler Wallet fails to transfer out the coins within a three
+months notification period.
+
+We shall not be held liable for any delays, failure in performance, or
+interruptions of service which result directly or indirectly from any
+cause or condition beyond our reasonable control, including but not
+limited to: any delay or failure due to any act of God, act of civil
+or military authorities, act of terrorism, civil disturbance, war,
+strike or other labor dispute, fire, interruption in
+telecommunications or Internet services or network provider services,
+failure of equipment and/or software, other catastrophe, or any other
+occurrence which is beyond our reasonable control and shall not affect
+the validity and enforceability of any remaining provisions.
+
+
+Governing law, Waivers, Severability and Assignment
+===================================================
+
+No matter where you’re located, the laws of Switzerland will govern
+these Terms. If any provisions of these Terms are inconsistent with
+any applicable law, those provisions will be superseded or modified
+only to the extent such provisions are inconsistent. The parties agree
+to submit to the ordinary courts in Zurich, Switzerland for exclusive
+jurisdiction of any dispute arising out of or related to your use of
+the Services or your breach of these Terms.
+
+Our failure to exercise or delay in exercising any right, power, or
+privilege under this Agreement shall not operate as a waiver; nor
+shall any single or partial exercise of any right, power, or privilege
+preclude any other or further exercise thereof.
+
+You agree that we may assign any of our rights and/or transfer, sub-
+contract, or delegate any of our obligations under these Terms.
+
+If it turns out that any part of this Agreement is invalid, void, or
+for any reason unenforceable, that term will be deemed severable and
+limited or eliminated to the minimum extent necessary.
+
+This Agreement sets forth the entire understanding and agreement as to
+the subject matter hereof and supersedes any and all prior
+discussions, agreements, and understandings of any kind (including,
+without limitation, any prior versions of this Agreement) and every
+nature between us. Except as provided for above, any modification to
+this Agreement must be in writing and must be signed by both parties.
+
+
+Questions or comments
+=====================
+
+We welcome comments, questions, concerns, or suggestions. Please send
+us a message on our contact page at legal@taler-systems.com.
--- a/contrib/tos/en/tos-v0.pdf
+++ b/contrib/tos/en/tos-v0.pdf
--- a/contrib/update-pp.sh
+++ b/contrib/update-pp.sh
@ -29,6 +29,10 @@ do
        else
            mv _build/$f/${VERSION}.$f $l/${VERSION}.$f
        fi
+        if test $f = "txt"
+        then
+            cp $l/${VERSION}.$f $l/${VERSION}.md
+        fi
    done
 done
 cd ..
--- a/contrib/update-tos.sh
+++ b/contrib/update-tos.sh
@ -29,6 +29,10 @@ do
        else
            mv _build/$f/${VERSION}.$f $l/${VERSION}.$f
        fi
+        if test $f = "txt"
+        then
+            cp $l/${VERSION}.$f $l/${VERSION}.md
+        fi
    done
 done
 cd ..
--- a/src/exchange/taler-exchange-wirewatch.c
+++ b/src/exchange/taler-exchange-wirewatch.c
@ -1,6 +1,6 @@
 /*
  This file is part of TALER
-  Copyright (C) 2016--2022 Taler Systems SA
+  Copyright (C) 2016--2023 Taler Systems SA

  TALER is free software; you can redistribute it and/or modify it under the
  terms of the GNU Affero General Public License as published by the Free Software
@ -51,6 +51,17 @@ static const struct TALER_EXCHANGEDB_AccountInfo *ai;
 */
 static struct TALER_BANK_CreditHistoryHandle *hh;

+/**
+ * Set to true if the request for history did actually
+ * return transaction items.
+ */
+static bool hh_returned_data;
+
+/**
+ * When did we start the last @e hh request?
+ */
+static struct GNUNET_TIME_Absolute hh_start_time;
+
 /**
 * Until when is processing this wire plugin delayed?
 */
@ -455,6 +466,18 @@ transaction_completed (void)
    GNUNET_SCHEDULER_shutdown ();
    return;
  }
+  if (! hh_returned_data)
+  {
+    /* Enforce long polling delay even if the server ignored it
+       and returned earlier */
+    struct GNUNET_TIME_Relative latency;
+    struct GNUNET_TIME_Relative left;
+
+    latency = GNUNET_TIME_absolute_get_duration (hh_start_time);
+    left = GNUNET_TIME_relative_subtract (LONGPOLL_TIMEOUT,
+                                          latency);
+    delayed_until = GNUNET_TIME_relative_to_absolute (left);
+  }
  GNUNET_assert (NULL == task);
  schedule_transfers ();
 }
@ -482,6 +505,7 @@ process_reply (const struct TALER_BANK_CreditDetails *details,
    transaction_completed ();
    return;
  }
+  hh_returned_data = true;
  /* check serial IDs for range constraints */
  for (unsigned int i = 0; i<details_length; i++)
  {
@ -720,6 +744,7 @@ process_reply_batched (const struct TALER_BANK_CreditDetails *details,
    enum GNUNET_DB_QueryStatus qss[details_length];
    struct TALER_EXCHANGEDB_ReserveInInfo reserves[details_length];

+    hh_returned_data = true;
    GNUNET_log (GNUNET_ERROR_TYPE_INFO,
                "Importing %u transactions\n",
                details_length);
@ -865,6 +890,7 @@ process_reply_batched2 (unsigned int batch_size,
    transaction_completed ();
    return;
  }
+  hh_returned_data = true;
  /* check serial IDs for range constraints */
  for (unsigned int i = 0; i<details_length; i++)
  {
@ -1121,6 +1147,8 @@ continue_with_shard (void *cls)
  GNUNET_log (GNUNET_ERROR_TYPE_INFO,
              "Requesting credit history staring from %llu\n",
              (unsigned long long) latest_row_off);
+  hh_start_time = GNUNET_TIME_absolute_get ();
+  hh_returned_data = false;
  hh = TALER_BANK_credit_history (ctx,
                                  ai->auth,
                                  latest_row_off,
--- a/src/exchangedb/0002-work_shards.sql
+++ b/src/exchangedb/0002-work_shards.sql
@ -49,3 +49,8 @@ CREATE INDEX work_shards_by_end_row_index
  ON work_shards
  (end_row DESC);

+CREATE INDEX work_shards_by_rows
+  ON work_shards
+  (job_name
+  ,start_row
+  ,end_row);
--- a/src/exchangedb/exchange_do_batch2_reserves_in_insert.sql
+++ b/src/exchangedb/exchange_do_batch2_reserves_in_insert.sql
@ -55,7 +55,6 @@ DECLARE
 DECLARE
  k INT8;
 BEGIN
-  --SIMPLE INSERT ON CONFLICT DO NOTHING
  transaction_duplicate=TRUE;
  transaction_duplicate2=TRUE;
  out_reserve_found = TRUE;
--- a/src/exchangedb/exchange_do_batch4_reserves_in_insert.sql
+++ b/src/exchangedb/exchange_do_batch4_reserves_in_insert.sql
@ -267,7 +267,7 @@ BEGIN
    END IF;
  k=k+1;
  END LOOP;
-
+ /**ROLLBACK TRANSACTION IN SOTRED PROCEDURE IS IT PROSSIBLE ?**/
  /*IF transaction_duplicate
  OR transaction_duplicate2
  OR transaction_duplicate3
--- a/src/exchangedb/exchange_do_batch_reserves_in_insert.sql
+++ b/src/exchangedb/exchange_do_batch_reserves_in_insert.sql
@ -32,7 +32,12 @@ CREATE OR REPLACE FUNCTION exchange_do_batch_reserves_in_insert(
  OUT ruuid INT8)
 LANGUAGE plpgsql
 AS $$
-
+DECLARE
+  curs refcursor;
+DECLARE
+  i RECORD;
+DECLARE
+  curs_trans refcursor;
 BEGIN
 ruuid= 0;
 out_reserve_found = TRUE;
@ -46,29 +51,38 @@ transaction_duplicate= TRUE;
    ,in_payto_uri)
  ON CONFLICT DO NOTHING;

-  INSERT INTO reserves
-    (reserve_pub
-    ,current_balance_val
-    ,current_balance_frac
-    ,expiration_date
-    ,gc_date)
-    VALUES
-    (in_reserve_pub
-    ,in_credit_val
-    ,in_credit_frac
-    ,in_expiration_date
-    ,in_gc_date)
-   ON CONFLICT DO NOTHING
-   RETURNING reserves.reserve_uuid INTO ruuid;
+  OPEN curs FOR
+  WITH reserve_changes AS (
+    INSERT INTO reserves
+      (reserve_pub
+      ,current_balance_val
+      ,current_balance_frac
+      ,expiration_date
+      ,gc_date)
+      VALUES
+      (in_reserve_pub
+      ,in_credit_val
+      ,in_credit_frac
+      ,in_expiration_date
+      ,in_gc_date)
+     ON CONFLICT DO NOTHING
+     RETURNING reserve_uuid, reserve_pub)
+   SELECT * FROM reserve_changes;
+  FETCH FROM curs INTO i;
  IF FOUND
  THEN
    -- We made a change, so the reserve did not previously exist.
-    out_reserve_found = FALSE;
-  ELSE
-    -- We made no change, which means the reserve existed.
-    out_reserve_found = TRUE;
+    IF in_reserve_pub = i.reserve_pub
+    THEN
+        out_reserve_found = FALSE;
+        ruuid = i.reserve_uuid;
+    END IF;
  END IF;
+  CLOSE curs;
+
  PERFORM pg_notify(in_notify, NULL);
+  OPEN curs_trans FOR
+  WITH reserve_transaction AS(
  INSERT INTO reserves_in
    (reserve_pub
    ,wire_reference
@ -85,16 +99,18 @@ transaction_duplicate= TRUE;
    ,in_exchange_account_name
    ,in_wire_source_h_payto
    ,in_expiration_date)
-    ON CONFLICT DO NOTHING;
+    ON CONFLICT DO NOTHING
+    RETURNING reserve_pub)
+  SELECT * FROM reserve_transaction;
+  FETCH FROM curs_trans INTO i;
  IF FOUND
  THEN
+    IF i.reserve_pub = in_reserve_pub
+    THEN
    -- HAPPY PATH THERE IS NO DUPLICATE TRANS
-    transaction_duplicate = FALSE;
-  ELSE
-    -- Unhappy...
--    RAISE EXCEPTION 'Reserve did not exist, but INSERT into reserves_in gave conflict';
-    transaction_duplicate = TRUE;
--    ROLLBACK;
+       transaction_duplicate = FALSE;
+    END IF;
  END IF;
+  CLOSE curs_trans;
  RETURN;
 END $$;
--- a/src/exchangedb/pg_batch2_reserves_in_insert.c
+++ b/src/exchangedb/pg_batch2_reserves_in_insert.c
@ -763,6 +763,7 @@ TEH_PG_batch2_reserves_in_insert (void *cls,
      t_duplicate |= transaction_duplicate[i+1];
      t_duplicate |= transaction_duplicate[i+2];
      t_duplicate |= transaction_duplicate[i+3];
+      //  fprintf(stdout, "reserve_uuid : %ld %ld %ld %ld\n", reserve_uuid[i], reserve_uuid[i+1], reserve_uuid[i+2], reserve_uuid[i+3]);
      i += 4;
      break;
    case 3:
@ -792,6 +793,7 @@ TEH_PG_batch2_reserves_in_insert (void *cls,
      results[i] = (t_duplicate)
      ? GNUNET_DB_STATUS_SUCCESS_NO_RESULTS
      : GNUNET_DB_STATUS_SUCCESS_ONE_RESULT;
+      //   fprintf(stdout, "reserve_uuid : %ld %ld\n", reserve_uuid[i], reserve_uuid[i+1]);
      i += 2;
      break;
    case 1:
@ -815,7 +817,7 @@ TEH_PG_batch2_reserves_in_insert (void *cls,
      }
      need_update |= conflicts[i];
      t_duplicate |= transaction_duplicate[i];
-      //    fprintf(stdout, "reserve uuid : %ld c :%d t:%d\n", reserve_uuid[i], conflicts[i], transaction_duplicate[i]);
+      //  fprintf(stdout, "reserve uuid : %ld c :%d t:%d\n", reserve_uuid[i], conflicts[i], transaction_duplicate[i]);
      i += 1;
      break;
    case 0:
--- a/src/mhd/mhd_legal.c
+++ b/src/mhd/mhd_legal.c
@ -388,6 +388,7 @@ load_terms (struct TALER_MHD_Legal *legal,
    { .ext = ".html", .mime = "text/html", .priority = 100 },
    { .ext = ".htm", .mime = "text/html", .priority = 99 },
    { .ext = ".txt", .mime = "text/plain", .priority = 50 },
+    { .ext = ".md", .mime = "text/markdown", .priority = 50 },
    { .ext = ".pdf", .mime = "application/pdf", .priority = 25 },
    { .ext = ".jpg", .mime = "image/jpeg" },
    { .ext = ".jpeg", .mime = "image/jpeg" },