Commit Graph

29 Commits

Author SHA1 Message Date
Christian Grothoff
345c141bad
-work on p2p payments 2022-04-23 20:50:27 +02:00
Christian Grothoff
c8c1005297
-add draft handler for purse merge client request 2022-04-11 15:34:45 +02:00
Christian Grothoff
6f027fc130
add additinal signature 2022-04-02 17:25:18 +02:00
Christian Grothoff
c782dfe2aa
first draft of service API for p2p payments 2022-03-24 13:06:04 +01:00
Christian Grothoff
41399bc224
revise P2P signatures and signing schema to address recently discovered design concern resulting in the split of the purse key into purse-contract and purse-merge keys 2022-03-23 06:54:43 +01:00
Christian Grothoff
6868b78692
fix typo 2022-03-22 12:06:12 +01:00
Christian Grothoff
e200e86032
implement helper functions for p2p signatures, clean up existing signature logic 2022-03-22 02:33:51 +01:00
Christian Grothoff
1bb5a77c8d
add new reserve status/history signatures 2022-03-20 02:39:28 +01:00
Christian Grothoff
eac8b8c0da
-re-enable test-revocation.sh, works again 2022-03-17 15:06:58 +01:00
e9eb00e285
Refactoring TALER_AgeCommitment
Instead of a single struct TALER_AgeCommitment, we now use
 1. TALER_AgeCommitment for the age mask and list public keys for age
    restriciton.
 2. TALER_AgeProof for list of private keys for age restriction
 3. TALER_AgeCommitmentProof for the aggregation of the former two.

Also, we introduce TALER_AgeAttestation as the EDDSA signature to attest
a particular age group, along with the function prototypes
TALER_age_commitment_attest and TALER_age_commitment_verify.
2022-03-01 17:02:37 +01:00
26158fc725
[age restriction] progress 16/n - refresh/reveal/link tests
Age restriction works now with withdraw, melt/refresh/reveal and link,
including tests.

However, there is still a problem with the tests:  The melting operation
"refresh-melt-failing-age" that should fail (because of conflict), but
currently fails for other reasons.  I decided to disable that particular
test (and the next) and submit the patch I have so far.
2022-02-22 14:34:47 +01:00
Christian Grothoff
544ba42f44
-big renaming of structs for consistent naming with P suffix 2022-02-21 00:23:23 +01:00
a78b3345fb
[age restriction] progress 15/n - melt/refresh/reveal and recoup
Added age restriction support for
  - melt/refresh/reveal
  - recoup

However, tests are not yet implemented for those flows.

Also: minor fixes and refactoring.
2022-02-18 00:30:19 +01:00
8bdf6ab19d
[age restriction] progress 14/n - withdraw and deposit
Age restriction support for
  - withdraw is done and tested
  - deposit is done and tested

TODOs:
  - melt/refresh/reveal
  - link

------

Added functions
 - TALER_age_restriction_commit
 - TALER_age_commitment_derive
 - TALER_age_commitment_hash
 - TALER_age_restriction_commitment_free_inside
 - Hash of age commitment passed around API boundaries

Exchangedb adjustments for denominations
 - all prepared statements re: denominations now handle age_mask
 - signature parameters adjusted

Hash and signature verification of /keys adjusted
 - Hashes of (normal) denominations and age-restricted denominations are
   calculated seperately
 - The hash of the age-restricted ones will then be added to the other
   hash
 - The total hash is signed/verified

Tests for withdraw with age restriction added
 - TALER_EXCHANGE_DenomPublickey now carries age_mask
 - TALER_TESTING_cmd_withdraw_amount* takes age parameter
 - TALER_TESTING_find_pk takes boolean age_restricted
 - WithdrawState carries age_commitment and its hash
 - withdraw_run derives new age commitment, if applicable
 - Added age parameter to testing (13 as example)

Various Fixes and changes
 - Fixes of post handler for /management/extensions
 - Fixes for offline tool extensions signing
 - Slight refactoring of extensions
 - Age restriction extension simplified
   - config is now global to extension
   - added global TEH_age_restriction_enabled and TEH_age_mask in
     taler-exchange-httpd
   - helper functions and macros introduced
2022-02-16 22:01:05 +01:00
Christian Grothoff
a0d9d59b73
-refactor to address FIXME 2022-02-12 12:20:12 +01:00
Christian Grothoff
94a5359494
-address misc. fixmes 2022-02-12 00:52:19 +01:00
Christian Grothoff
8cbe16a220
fix refresh/link tests 2022-02-08 09:58:22 +01:00
Christian Grothoff
e7aeec04f4
The current recoup API is broken. I guess this is another example where "trivial" API changes turn out to have (multiple!) unexpected consequences.
The current "/recoup" API does not have clear idempotency semantics, as we've discussed on the phone.  This is already bad by itself, as it makes it hard to write down what the API does other than "whatever the implementation does".

However, it actually breaks correctness in this (admittedly kinda contrived, but not impossible) case:

Say that we have a coin A obtained via withdrawal and a coin B obtained via refreshing coin A. Now the denominations of A gets revoked..

The wallet does a recoup of A for EUR:1.

Now the denomination of B also gets revoked.  The wallet recoups B (incidentally also for EUR:1) and now A can be recouped again for EUR:1.  But now the exchange is in a state where it will refuse a legitimate recoup request for A because the detection for an idempotent request kicks in.

This is IMHO bad API design, and the exchange should simply always recoup the maximum amount.

Furthermore, we usually follow the principle of "API calls that take up DB space are paid".  With the current recoup API, I can do many tiny recoup requests which the exchange then has to store, right?

I guess it would not be a big change to remove the "amount" value from the recoup/recoup-refresh request bodies, right?

- Florian
2022-01-11 12:47:35 +01:00
Christian Grothoff
f6ecb6c895
-eliminate redundant hash operation on link signatures 2021-12-25 15:39:01 +01:00
Christian Grothoff
87376e02eb
protocol v12 changes (/recoup split, signature changes) plus database sharding plus O(n^2)=>O(n) worst-case complexity reduction on coin balance checks 2021-12-25 13:56:40 +01:00
Christian Grothoff
2c14d33870
deduplicate melt signing logic, remove coin_pub from data being signed over 2021-12-25 13:56:40 +01:00
Christian Grothoff
1acc851deb
-fix recoup ugliness 2021-12-16 20:18:44 +01:00
Christian Grothoff
1a1fafbd43
introducing GNUNET_TIME_Timestamp, recoup now with amounts 2021-12-14 16:04:40 +01:00
Christian Grothoff
9d6e104066
include h_extensions in deposit confirmation 2021-11-06 19:43:47 +01:00
Christian Grothoff
0b370a6814
add extension hashing 2021-11-06 17:26:11 +01:00
Christian Grothoff
8175fdfa0f
introduce TALER_wallet_deposit_verify 2021-11-06 16:52:14 +01:00
Christian Grothoff
17cf64dfb6
fix remaining libtalerutil FTBFS issues 2021-10-27 09:23:12 +02:00
Christian Grothoff
b40afe196c
remove redundant old_coin_pub from link data 2021-01-10 12:15:47 +01:00
Christian Grothoff
ca66a1d1af
fix major bug with SQL statement missing ORDER BY freshcoin_index resulting in possible link failures (but usually lucky with old DB schema) 2021-01-10 00:54:12 +01:00