taler/exchange
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

add ownership transfer corollary

Browse Source
This commit is contained in:
Christian Grothoff 2017-05-16 11:24:50 +02:00
parent 82cec70298
commit 5ea3021e82
No known key found for this signature in database
GPG Key ID: 939E6BE1E29FC3CC
1 changed files with 7 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
doc/paper/taler.tex
View File

@ -1422,10 +1422,10 @@ exchange.
\begin{theorem} \begin{theorem}
Let $C$ denote a coin controlled by users Alice and Bob. Let $C$ denote a coin controlled by users Alice and Bob.
Suppose Bob creates a coin $C'$ from $C$ using the refresh protocol. Suppose Bob creates a coin $C'$ from $C$ following the refresh protocol.
Assuming the exchange and Bob operated the refresh protocol correctly, Assuming the exchange and Bob operated the refresh protocol correctly,
and that they continue to operate the linking protocol and that the exchange continues to operate the linking protocol
\S\ref{subsec:linking} correctly, (\S\ref{subsec:linking}) correctly,
then Alice can gain control of $C'$ using the linking protocol. then Alice can gain control of $C'$ using the linking protocol.
\end{theorem} \end{theorem}
@ -1442,7 +1442,10 @@ for the residual value on $C'$ and runs the linking protocol to
determine if it was refreshed too. determine if it was refreshed too.
\end{proof} \end{proof}
At a result, there is no way for a user to loose control over a coin, \begin{corollary}
Abusing the refresh protocol to transfer ownership has an
expected loss of $1 - \frac{1}{\kappa}$ of the transaction value.
\end{corollary}
\section{Privacy arguments} \section{Privacy arguments}