1182 changed files with 55252 additions and 167292 deletions
--- a/.gitignore
+++ b/.gitignore
@ -88,7 +88,6 @@ src/wire-plugins/test_wire_plugin
 src/wire-plugins/test_wire_plugin_transactions_taler_bank
 src/pq/test_pq
 src/sq/test_sq
 src/util/test_age_restriction
 src/util/test_amount
 src/util/test_crypto
 src/util/test_json
@ -134,12 +133,6 @@ src/testing/test_auditor_api_rsa
 src/testing/test_exchange_api_overlapping_keys_bug_cs
 src/testing/test_exchange_api_overlapping_keys_bug_rsa
 src/testing/test_exchange_api_home/.local/share/taler/exchange/revocations/
 src/testing/test_auditor_api
 src/testing/test_auditor_api_version
 src/testing/test_exchange_api_keys_cherry_picking
 src/testing/test_exchange_api_overlapping_keys_bug
 src/testing/test_exchange_api_revocation
 src/testing/test_exchange_management_api
 src/wire-plugins/test_wire_plugin_legacy_taler_bank
 uncrustify.cfg
 vgcore.*
@ -162,9 +155,3 @@ po/taler-exchange.pot
 po/remove-potcdate.sed
 src/include/taler_dbevents.h
 src/bank-lib/taler-exchange-wire-gateway-client
 src/exchange/taler-exchange-drain
 src/kyclogic/taler-exchange-kyc-tester
 src/auditor/exchange-httpd-drain.err
 src/templating/libmustach.a
 contrib/tos/conf.py
 contrib/pp/conf.py
--- a/.gitmodules
+++ b/.gitmodules
@ -7,4 +7,4 @@
 	branch = prebuilt
 [submodule "contrib/gana"]
 	path = contrib/gana
-	url = https://git.gnunet.org/gana.git
+	url = https://git.gnunet.org/git/gana.git
--- a/6
+++ b/6
@ -1,9 +1,3 @@
 Sat Nov  5 11:32:45 AM CET 2022
    Added support for P2P payments.
    Added support for explicit reserve lifetime control.
    Added support for age restrictions.
    Releasing GNU Taler Exchange 0.9.0. -CG
 Fri 03 Sep 2021 07:02:05 PM CEST
    Add experimental aggregator sharding logic. -CG
--- a/Makefile.am
+++ b/Makefile.am
@ -15,6 +15,11 @@ else
 endif
 endif
 BUILT_SOURCES = src/include/taler_error_codes.h
 src/include/taler_error_codes.h: contrib/gana/gnu-taler-error-codes/registry.rec
 	contrib/gana-update.sh
@DX_RULES@
 ACLOCAL_AMFLAGS = -I m4
--- a/100
+++ b/100
@ -13,14 +13,15 @@ spend their digital coins.  Naturally, each Merchant is different, but
 Taler includes code examples to help Merchants integrate Taler as a
 payment system.
-Taler is currently developed by a worldwide group of independent free software
+Taler is currently developed by a worldwide group of independent free
-developers and Taler Systems SA.  Taler is free software and an official GNU
+software developers and the DECENTRALISE team at Inria Rennes.  Taler
-package (https://www.gnu.org/).
+is free software and a GNU package (https://www.gnu.org/).
-This is an alpha release with a few known bugs, lacking a few important
+This is an alpha release with a few known bugs, lacking a few
-features, documentation, testing, performance tuning and an external security
+important features, documentation, testing, performance tuning and an
-audit.  However, you can run the code and it largely works fine.  This package
+external security audit.  However, you can run the code and it largely
-also only includes the Taler exchange, not the other components of the system.
+works fine.  that does not work yet.  This package also only includes
 the Taler exchange, not the other components of the system.
 Documentation about Taler can be found at https://taler.net/.
 Our bug tracker is at https://bugs.taler.net/.
@ -62,7 +63,7 @@ src/pq/
  -- Postgres-specific utility functions
 src/exchangedb/
-  -- Exchange database backend (with database-specific plugins)
+  -- Exchange database backend (with DB-specific plugins)
 src/exchange/
  -- taler exchange server
@ -70,50 +71,71 @@ src/exchange/
 src/exchange-tools/
  -- taler exchange helper programs
-src/lib/
+src/exchange-lib/
  -- libtalerexchange: C API to issue HTTP requests to exchange
 src/auditor/
  -- tools to generate reports about financial performance and
     to validate that the exchange has been operating correctly
 src/auditordb/
  -- database logic for the auditor component (with database-specific
     plugins)
 src/benchmark/
  -- tool to run performance measurements
 src/templating/
  -- logic to generate HTML pages from templates at runtime
 src/kyclogic/
  -- core logic and plugins to trigger and manage KYC processes
     as required by banking regulation
 src/bank-lib/
  -- bank REST client logic and implementation of an in-memory
     RTGS emulator ("fakebank") for testing.
 src/extensions/
  -- extensions to the core logic of an exchange
 src/json/
  -- helper functions for generating and parsing JSON
 src/mhd/
  -- helper functions for interacting with GNU libmicrohttpd
 src/curl/
  -- helper functions for interacting with libcurl
 Getting Started
 ===============
-Please follow the exchange manual you can view after
+The following steps illustrate how to set up a exchange HTTP server.
-installing using
+They take as a stub for configuring the exchange the content of 'contrib/exchange-template/config/'.
-$ info taler-exchange
+1) Create a 'test/' directory and copy the stubs in it:
-or by visiting https://docs.taler.net/.
+mkdir -p test/config/
 cp exchange/contrib/exchange-template/config/* test/config/
 cd test/
 2) Create the exchange's master with the tool 'gnunet-ecc':
 gnunet-ecc -g1 master.priv
 3) Edit config/exchange-common.conf by replacing the right value on the line with the
 MASTER_PUBLIC_KEY entry with the fresh generated (ASCII version of) master.priv.
 This ASCII version is obtained by issuing:
 gnunet-ecc -p master.priv
 4) Generate other exchange related keys ('denomination' and 'signing' keys), by issuing:
 taler-exchange-keyup -m master.priv -o auditor.in
 5) A exchange needs a database to operate, so the following instructions relate to
 how to set up PostgreSQL. On debian, the two packages needed are:
 * postgresql
 * postgresql-client
 For other operating systems, please refer to the relevant documentation.
 In this settlement, the exchange will use a database called 'talercheck' and will
 run under the username through which 'taler-exchange-httpd' is launched. Thus assuming
 that this user is 'demo', we need to create a 'demo' role for postgresql and make
 him the owner of 'talercheck' database.
 To perform these administrative tasks we have to impersonate the 'postgres' (by default,
 postgres installation assigns privileges to such a user) user, then connect to the running DBMS.
 Issue the following:
 su # give your root password
 su - postgres
 psql # this is the command-line client to the DMBS
 # the following lines are SQL
 CREATE USER demo;
 CREATE DATABASE talercheck OWNER demo;
 # quit with CTRL-D
 7) If any previous step has been successful, it is now possbile to start up the
 exchange web server (by default it will listen on port 4241); issue:
 taler-exchange-httpd -d `pwd` # assuming we did not move outside of the 'test' directory
--- a/7
+++ b/7
@ -1,5 +1,4 @@
 #!/bin/sh
 # This file is in the public domain.
 set -eu
@ -8,12 +7,6 @@ if ! git --version >/dev/null; then
  exit 1
 fi
 if ! htmlark --version >/dev/null; then
  echo "htmlark not installed"
  echo "Run 'pip install htmlark'"
  exit 1
 fi
 echo "$0: Updating submodules"
 echo | git submodule update --init
--- a/configure.ac
+++ b/configure.ac
@ -2,7 +2,7 @@
 # Process this file with autoconf to produce a configure script.
 #
 #  This file is part of TALER
-#  Copyright (C) 2014-2023 Taler Systems SA
+#  Copyright (C) 2014-2021 Taler Systems SA
 #
 #  TALER is free software; you can redistribute it and/or modify it under the
 #  terms of the GNU General Public License as published by the Free Software
@ -17,7 +17,7 @@
 #
 #
 AC_PREREQ([2.69])
-AC_INIT([taler-exchange],[0.9.2],[taler-bug@gnunet.org])
+AC_INIT([taler-exchange], [0.8.5], [taler-bug@gnunet.org])
 AC_CONFIG_AUX_DIR([build-aux])
 AC_CONFIG_SRCDIR([src/util/util.c])
 AC_CONFIG_HEADERS([taler_config.h])
@ -33,6 +33,8 @@ AM_SILENT_RULES([yes])
 AC_CONFIG_MACRO_DIR([m4])
 AC_PROG_AWK
 AC_PROG_CC
 # FIXME: AC_PROG_CC_C99 is obsolete, remove for autoconf 2.70
 AC_PROG_CC_C99
 AC_PROG_OBJC
 AC_PROG_INSTALL
 AC_PROG_LN_S
@ -63,13 +65,6 @@ AS_IF([test "x$doc_only" != xyes],[
 # Force some CFLAGS
 CFLAGS="-Wall -Wno-address-of-packed-member $CFLAGS"
 TALER_LIB_LDFLAGS="-export-dynamic -no-undefined"
 TALER_PLUGIN_LDFLAGS="-export-dynamic -avoid-version -module -no-undefined"
 AC_SUBST(TALER_LIB_LDFLAGS)
 AC_SUBST(TALER_PLUGIN_LDFLAGS)
 # Checks for header files.
 AC_CHECK_HEADERS([stdint.h stdlib.h string.h unistd.h sys/socket.h sys/un.h netinet/in.h netinet/ip.h])
@ -83,7 +78,6 @@ AC_DEFINE_UNQUOTED([NEED_LIBGCRYPT_VERSION], ["$need_libgcrypt_version"],
 AM_PATH_LIBGCRYPT([$need_libgcrypt_version])
 # should expensive tests be run?
 AC_MSG_CHECKING(whether to run expensive tests)
 AC_ARG_ENABLE([expensivetests],
@ -141,12 +135,20 @@ AS_CASE([$with_gnunet],
        [no], [AC_MSG_ERROR([--with-gnunet is required])],
        [LDFLAGS="-L$with_gnunet/lib $LDFLAGS"
         CPPFLAGS="-I$with_gnunet/include $CPPFLAGS"])
-AC_CHECK_HEADERS([gnunet/gnunet_util_lib.h],
+AC_CHECK_HEADERS([gnunet/platform.h gnunet/gnunet_util_lib.h],
- [AC_CHECK_LIB([gnunetutil], [GNUNET_SCHEDULER_run], libgnunetutil=1)])
+ [AC_CHECK_LIB([gnunetutil], [GNUNET_SCHEDULER_run], libgnunetutil=1)],
  [], [#ifdef HAVE_GNUNET_PLATFORM_H
        #include <gnunet/platform.h>
       #endif
        #include <gnunet/gnunet_common.h>
       #if GNUNET_UTIL_VERSION < 0x00A0104
        #fail libgnunetutil is too old
       #endif])
 AS_IF([test $libgnunetutil != 1],
  [AC_MSG_ERROR([[
 ***
-*** You need libgnunetutil >= 0.19.0 to build this program.
+*** You need libgnunetutil > 0.14.0 to build this program.
 *** (Yes, ">", libgnunetutil 0.14.0 is NOT enough.)
 *** This library is part of GNUnet, available at
 ***   https://gnunet.org
 *** ]])])
@ -165,8 +167,11 @@ AS_CASE([$with_gnunet],
        [no], [AC_MSG_ERROR([--with-gnunet is required])],
        [LDFLAGS="-L$with_gnunet/lib $LDFLAGS"
         CPPFLAGS="-I$with_gnunet/include $CPPFLAGS"])
-AC_CHECK_HEADERS([gnunet/gnunet_json_lib.h],
+AC_CHECK_HEADERS([gnunet/platform.h gnunet/gnunet_json_lib.h],
- [AC_CHECK_LIB([gnunetjson], [GNUNET_JSON_parse], libgnunetjson=1)])
+ [AC_CHECK_LIB([gnunetjson], [GNUNET_JSON_parse], libgnunetjson=1)],
  [], [#ifdef HAVE_GNUNET_PLATFORM_H
        #include <gnunet/platform.h>
       #endif])
 AS_IF([test $libgnunetjson != 1],
  [AC_MSG_ERROR([[
 ***
@ -228,8 +233,11 @@ AS_CASE([$with_gnunet],
        [no], [AC_MSG_ERROR([--with-gnunet is required])],
        [LDFLAGS="-L$with_gnunet/lib $LDFLAGS"
         CPPFLAGS="-I$with_gnunet/include $CPPFLAGS"])
-AC_CHECK_HEADERS([gnunet/gnunet_curl_lib.h],
+AC_CHECK_HEADERS([gnunet/platform.h gnunet/gnunet_curl_lib.h],
- [AC_CHECK_LIB([gnunetcurl], [GNUNET_CURL_get_select_info], libgnunetcurl=1)])
+ [AC_CHECK_LIB([gnunetcurl], [GNUNET_CURL_get_select_info], libgnunetcurl=1)],
  [], [#ifdef HAVE_GNUNET_PLATFORM_H
        #include <gnunet/platform.h>
       #endif])
 AS_IF([test $libgnunetcurl != 1],
  [AC_MSG_ERROR([[
 ***
@ -244,21 +252,6 @@ CFLAGS=$CFLAGS_SAVE
 LDFLAGS=$LDFLAGS_SAVE
 LIBS=$LIBS_SAVE
 # test for postgres
 AX_LIB_POSTGRESQL([13.0])
 AS_IF([test "x$found_postgresql" = "xyes"],
  [SAVE_CPPFLAGS="$CPPFLAGS"
   CPPFLAGS="$POSTGRES_CPPFLAGS $CPPFLAGS"
   AC_CHECK_HEADERS([libpq-fe.h], [postgres=1], [postgres=0])])
 AS_IF([test "x$postgres" != "x1"],
  [AC_MSG_ERROR([[
 ***
 *** You need libpq(-dev) >= 13.0 to build this program.
 *** ]])])
 AM_CONDITIONAL([HAVE_POSTGRESQL], [test "x$postgres" = "x1"])
 AC_DEFINE_UNQUOTED([HAVE_POSTGRESQL], [$postgres],
                   [Define to 1 if Postgres is available])
 # Check for GNUnet's libgnunetpq.
 libgnunetpq=0
 AC_MSG_CHECKING([for libgnunetpq])
@ -271,10 +264,12 @@ AS_CASE([$with_gnunet],
        [yes], [],
        [no], [AC_MSG_ERROR([--with-gnunet is required])],
        [LDFLAGS="-L$with_gnunet/lib $LDFLAGS"
-         CPPFLAGS="-I$with_gnunet/include ${CPPFLAGS}"])
+         CPPFLAGS="-I$with_gnunet/include $CPPFLAGS"])
-CPPFLAGS="${CPPFLAGS} ${POSTGRESQL_CPPFLAGS}"
+AC_CHECK_HEADERS([gnunet/platform.h gnunet/gnunet_pq_lib.h],
-AC_CHECK_HEADERS([gnunet/gnunet_pq_lib.h],
+ [AC_CHECK_LIB([gnunetpq], [GNUNET_PQ_result_spec_string], libgnunetpq=1)],
- [AC_CHECK_LIB([gnunetpq], [GNUNET_PQ_result_spec_string], libgnunetpq=1)])
+  [], [#ifdef HAVE_GNUNET_PLATFORM_H
        #include <gnunet/platform.h>
       #endif])
 AS_IF([test $libgnunetpq != 1],
  [AC_MSG_ERROR([[
 ***
@ -284,18 +279,19 @@ AS_IF([test $libgnunetpq != 1],
 *** is recent!)
 *** ]])])
 CFLAGS_SAVE=$CFLAGS
 LDFLAGS_SAVE=$LDFLAGS
 LIBS_SAVE="$LIBS"
 # Check for GNUnet's libgnunetsq
 libgnunetsq=0
 AC_MSG_CHECKING([for libgnunetsq])
 AC_CHECK_HEADERS([gnunet/gnunet_sq_lib.h],
- [AC_CHECK_LIB([gnunetsq], [GNUNET_SQ_result_spec_string], libgnunetsq=1)])
+ [AC_CHECK_LIB([gnunetsq], [GNUNET_SQ_result_spec_string], libgnunetsq=1)],
  [], [#ifdef HAVE_GNUNET_PLATFORM_H
        #include <gnunet/platform.h>
       #endif])
 # check for libmicrohttpd
 microhttpd=0
 AC_MSG_CHECKING([for microhttpd])
 AC_ARG_WITH([microhttpd],
            [AS_HELP_STRING([--with-microhttpd=PFX], [base of microhttpd installation])],
@ -307,7 +303,14 @@ AS_CASE([$with_microhttpd],
        [no], [AC_MSG_ERROR([--with-microhttpd is required])],
        [LDFLAGS="-L$with_microhttpd/lib $LDFLAGS"
         CPPFLAGS="-I$with_microhttpd/include $CPPFLAGS"])
-MHD_VERSION_AT_LEAST([0.9.71])
+AC_CHECK_LIB(microhttpd,MHD_start_daemon,
  [AC_CHECK_HEADER([microhttpd.h],[microhttpd=1])])
 AC_CHECK_DECL([MHD_DAEMON_INFO_CURRENT_CONNECTIONS],,[microhttpd=0],[[#include <microhttpd.h>]])
 AS_IF([test $microhttpd = 0],
  [AC_MSG_ERROR([[
 ***
 *** You need libmicrohttpd >= 0.9.39 to build this program.
 *** ]])])
 # check for libjansson (Jansson JSON library)
 jansson=0
@ -331,6 +334,22 @@ AS_IF([test $jansson = 0],
 *** ]])])
 # test for postgres
 AX_LIB_POSTGRESQL([13.0])
 AS_IF([test "x$found_postgresql" = "xyes"],[postgres=true])
 TALER_LIB_LDFLAGS="-export-dynamic -no-undefined"
 TALER_PLUGIN_LDFLAGS="-export-dynamic -avoid-version -module -no-undefined"
 AC_SUBST(TALER_LIB_LDFLAGS)
 AC_SUBST(TALER_PLUGIN_LDFLAGS)
 CFLAGS_SAVE=$CFLAGS
 LDFLAGS_SAVE=$LDFLAGS
 LIBS_SAVE="$LIBS"
 AM_CONDITIONAL(HAVE_POSTGRESQL, test x$postgres = xtrue)
 CFLAGS=$CFLAGS_SAVE
 LDFLAGS=$LDFLAGS_SAVE
@ -380,7 +399,10 @@ AS_CASE([$with_twister],
         CPPFLAGS="-I$with_twister/include $CPPFLAGS"])
 AC_CHECK_HEADERS([taler/taler_twister_service.h],
- [AC_CHECK_LIB([talertwister], [TALER_TWISTER_connect], talertwister=1)])
+ [AC_CHECK_LIB([talertwister], [TALER_TWISTER_connect], talertwister=1)],
   [], [#ifdef HAVE_GNUNET_PLATFORM_H
        #include <gnunet/platform.h>
       #endif])
 AM_CONDITIONAL(HAVE_TWISTER, test x$talertwister = x1)
 # should developer logic be compiled (not-for-production code)?
@ -520,9 +542,7 @@ AC_CONFIG_FILES([Makefile
                 src/exchangedb/Makefile
                 src/exchange-tools/Makefile
                 src/extensions/Makefile
                 src/extensions/age_restriction/Makefile
                 src/lib/Makefile
                 src/kyclogic/Makefile
                 src/testing/Makefile
                 src/benchmark/Makefile
                 src/include/Makefile
@ -530,7 +550,6 @@ AC_CONFIG_FILES([Makefile
                 src/mhd/Makefile
                 src/pq/Makefile
                 src/sq/Makefile
                 src/templating/Makefile
                 src/util/Makefile
                 ])
 AC_OUTPUT
--- a/contrib/Makefile.am
+++ b/contrib/Makefile.am
@ -1,21 +1,5 @@
 SUBDIRS = .
 tmplpkgdatadir = $(prefix)/share/taler/exchange/templates/
 dist_tmplpkgdata_DATA = \
  persona-exchange-unauthorized.en.must \
  persona-load-failure.en.must \
  persona-exchange-unpaid.en.must \
  persona-logic-failure.en.must \
  persona-invalid-response.en.must \
  persona-network-timeout.en.must \
  persona-kyc-failed.en.must \
  persona-provider-failure.en.must
 # %%.must: merchant-backoffice/%.html
 # WTF: cp $< $@
 # English (en)
 tosendir=$(datadir)/taler/exchange/tos/en
@ -25,20 +9,18 @@ ppendir=$(datadir)/taler/exchange/pp/en
 rdatadir=$(datadir)/taler/exchange
 tosen_DATA = \
-  tos/en/*.txt \
+  tos/en/0.txt \
-  tos/en/*.md \
+  tos/en/0.pdf \
-  tos/en/*.pdf \
+  tos/en/0.epub \
-  tos/en/*.epub \
+  tos/en/0.xml \
-  tos/en/*.xml \
+  tos/en/0.html
  tos/en/*.html
 ppen_DATA = \
-  pp/en/*.txt \
+  pp/en/0.txt \
-  pp/en/*.md \
+  pp/en/0.pdf \
-  pp/en/*.pdf \
+  pp/en/0.epub \
-  pp/en/*.epub \
+  pp/en/0.xml \
-  pp/en/*.xml \
+  pp/en/0.html
  pp/en/*.html
 rdata_DATA = \
  auditor-report.tex.j2
@ -58,14 +40,13 @@ EXTRA_DIST = \
  gana/gnu-taler-error-codes/Makefile \
  tos/Makefile \
  tos/README \
-  tos/bfh-v0.rst \
+  tos/tos.rst \
-  tos/tos-v0.rst \
+  tos/conf.py \
  tos/conf.py.in \
  tos/locale/de/LC_MESSAGES/tos.po \
  pp/Makefile \
  pp/README \
-  pp/pp-v0.rst \
+  pp/pp.rst \
-  pp/conf.py.in \
+  pp/conf.py \
  pp/locale/de/LC_MESSAGES/pp.po \
  $(rdata_DATA) \
  coverage.sh \
@ -78,10 +59,10 @@ TOS_LANGUAGES="en de"
 PP_LANGUAGES="en de"
 # Change the terms-of-service version (Etag) to generate here!
-# This value should be modified whenever there is a substantive
+# This value should be incremented whenever there is a substantive
 # change in the original text (but not for the translations).
-TOS_VERSION=tos-v0
+TOS_VERSION=0
-PP_VERSION=pp-v0
+PP_VERSION=0
 update-tos:
 	VERSION=$(TOS_VERSION) ./update-tos.sh $(TOS_LANGUAGES)
--- a/contrib/auditor-report.tex.j2
+++ b/contrib/auditor-report.tex.j2
@ -139,10 +139,6 @@ In that time, the wire auditor processed the following table ranges:
 {% endif %}
 \end{center}
 The total credits to the exchange processed in
 this audit run was {\bf {{ wire.total_wire_in }}}.
 The total debits initiated by the exchange processed in
 this audit run was {\bf {{ wire.total_wire_out }}}.
 \section{Operations}
@ -150,16 +146,6 @@ The balance of the escrow account should
 be {\bf {{ coins.total_escrow_balance }}} (coins)
 plus {\bf {{ reserves.total_escrow_balance }}} (reserves).
 \noindent
 This should match the final balance computed from
 ingoing and outgoing wire transfers, which is
 {\bf {{ wire.final_balance}} }.
 \noindent
 A total of {\bf {{ wire.total_drained}} } in profits
 were transferred (over the lifetime of the exchange)
 to non-escrowed accounts.
 \noindent
 The active operational risk stands at
 {\bf {{ coins.total_active_risk }}}.
@ -169,8 +155,9 @@ Loss (actualized risk from recoups) is
 {\bf {{ coins.total_recoup_loss }}}.
 \noindent
-Losses from irregular reserve operations are at
+Recoups of non-revoked coins are at
-{\bf {{ reserves.total_irregular_loss }}} (reserves).
+{\bf {{ coins.total_irregular_recoups }}} (coins)
 plus {\bf {{ reserves.total_irregular_recoups }}} (reserves).
 \section{Income}
@ -317,8 +304,8 @@ confirmations to the auditor directly, so if the exchange is slow at
 synchronizing its database with the auditor, some deposit
 confirmations may be known at the auditor only directly. However, any
 delta not accounted for by database synchronization delays is an
-indicator of a malicious exchange (or online signing key compromise)
+indicator of a malicious exchange (or online singing key compromise)
-and should be answered by revoking the exchange's online signing keys.
+and should be answered by revoking the exchange's online siging keys.
 % TODO: maybe reference PhD thesis on this?
 The total amount the exchange currently lags behind is
@ -612,7 +599,7 @@ compromise resulting in proportional financial losses to the exchange.
 \endfoot
  \hline
  {\bf Total loss} &
-  {{ reserves.total_irregular_loss }} \\
+  {{ reserves.total_loss_balance_insufficient }} \\
  \caption{Reserves with withdrawals higher than reserve funding.}
  \label{table:reserve:balance_insufficient}
 \endlastfoot
@ -781,7 +768,7 @@ invalid and the amount involved should be considered lost.
 \endfoot
  \hline
  \multicolumn{2}{l}{ {\bf Total losses} } &
-  {\bf {{ coins.irregular_loss}} } \\
+  {\bf {{ coins.total_bad_sig_loss}} } \\
  \caption{Losses from operations performed on coins without proper signatures.}
  \label{table:bad_signature_losses}
 \endlastfoot
@ -900,7 +887,7 @@ actually received in some reserves.
 {% endif %}
-\subsection{Misattributed incoming wire transfers}
+\subsection{Missattributed incoming wire transfers}
 This section lists cases where the sender account record of an
 incoming wire transfer differs between the exchange and the bank.
@ -910,7 +897,7 @@ account.
 % Table generation tested by testcase #9 in test-auditor.sh
-{% if wire.misattribution_in_inconsistencies|length() == 0 %}
+{% if wire.missattribution_in_inconsistencies|length() == 0 %}
  {\bf All incoming wire transfer sender accounts matched up.}
 {% else %}
  \begin{longtable}{p{8.5cm}|r}
@ -925,11 +912,11 @@ account.
 \endfoot
  \hline
  {\bf Total amount}  &
-  {{ wire.total_misattribution_in}} \\
+  {{ wire.total_missattribution_in}} \\
  \caption{Incoming wire transfer sender accounts not matching up.}
  \label{table:wire_in:sender_account_inconsistencies}
 \endlastfoot
-{% for item in wire.misattribution_in_inconsistencies %}
+{% for item in wire.missattribution_in_inconsistencies %}
  {\tt \small \truncate{8.3cm}{ {{ item.reserve_pub }} } } &
  {{ item.amount }} \\ \hline
 {% endfor %}
@ -941,7 +928,7 @@ account.
 \subsection{Actual outgoing wire transfers} \label{sec:wire_check_out}
-This section highlights cases where the exchange misbehaved
+This section highlights cases where the exchange missbehaved
 with respect to outgoing wire transfers.
 % Table generation tested by testcase #11 in test-auditor.sh
@ -987,10 +974,10 @@ with respect to outgoing wire transfers.
 \subsection{Denominations without auditor signature}
 This section highlights denomination keys that lack a proper
-signature from the {\tt taler-auditor-offline} tool. This may be
+signature from the {\t taler-auditor-offline} tool. This may be
 legitimate, say in case where the auditor's involvement in the
 exchange business is ending and a new auditor is responsible for
-future denominations. So this must be read with a keen eye on the
+future denomnations. So this must be read with a keen eye on the
 business situation.
@ -1106,7 +1093,7 @@ have a clear financial impact.
  {{ item.row }} &
  {{ item.diagnostic }} \\
 \nopagebreak
-  \multicolumn{3}{l}{ {\tiny {\tt \truncate{\textwidth}{ {{ item.id }} } } } } \\ \hline
+  \multicolumn{3}{l}{ {\tiny {\tt \truncate{\textwidth}{ {{ item.wire_offset_hash }} } } } } \\ \hline
 {% endfor %}
  \end{longtable}
 {% endif %}
--- a/contrib/gana
+++ b/contrib/gana
@ -1 +1 @@
-Subproject commit bd4e73b2ed06269fdee42eaad21acb5be8be9302
+Subproject commit 24eb905bac48869b4184801571c0728c772b299c
--- a/contrib/gana-update.sh
+++ b/contrib/gana-update.sh
@ -1,41 +1,34 @@
 #!/bin/sh
 # This file is in the public domain.
 #
 # Helper script to recompute error codes based on submodule
 # Run from exchange/ main directory.
 set -eu
-domake ()
+# Generate taler-error-codes.h in gana and copy it to
-{
+# src/include/taler_error_codes.h
-    # $1 -- dir under contrib/
+cd contrib/gana/gnu-taler-error-codes
-    dir="contrib/$1"
+make
-
+cd ../../..
-    make -C $dir
+for n in taler_error_codes.c
-}
+do
-
+    if ! diff contrib/gana/gnu-taler-error-codes/${n} src/util/${n} > /dev/null
 ensure ()
 {
    # $1 -- filename
    # $2 -- src dir under contrib/
    # $3 -- dst dir under ./
    fn="$1"
    src="contrib/$2/$fn"
    dst="./$3/$fn"
    if ! diff $src $dst > /dev/null
    then
-        test ! -f $dst || chmod +w $dst
+        cp contrib/gana/gnu-taler-error-codes/$n src/util/$n
        cp $src $dst
        chmod -w $dst
    fi
-}
+done
-
+for n in taler_error_codes.h
-domake                     gana/gnu-taler-error-codes
+do
-ensure taler_error_codes.c gana/gnu-taler-error-codes src/util
+    if ! diff contrib/gana/gnu-taler-error-codes/${n} src/include/${n} > /dev/null
-ensure taler_error_codes.h gana/gnu-taler-error-codes src/include
+    then
-
+        cp contrib/gana/gnu-taler-error-codes/$n src/include/$n
-domake                  gana/gnu-taler-db-events
+    fi
-ensure taler_dbevents.h gana/gnu-taler-db-events src/include
+done
-
+cd contrib/gana/gnu-taler-db-events
-domake                    sigp
+make
-ensure taler_signatures.h sigp src/include
+cd ../../..
 for n in taler_dbevents.h
 do
    if ! diff contrib/gana/gnu-taler-db-events/${n} src/include/${n} > /dev/null
    then
        cp contrib/gana/gnu-taler-db-events/$n src/include/$n
    fi
 done
--- a/contrib/microhttpd.tag
+++ b/contrib/microhttpd.tag
@ -22,12 +22,6 @@
      <anchorfile>microhttpd.h</anchorfile>
      <arglist></arglist>
    </member>
    <member kind="define">
      <type>#define</type>
      <name>MHD_HTTP_UNAVAILABLE_FOR_LEGAL_REASONS</name>
      <anchorfile>microhttpd.h</anchorfile>
      <arglist></arglist>
    </member>
    <member kind="define">
      <type>#define</type>
      <name>MHD_HTTP_BAD_REQUEST</name>
@ -46,12 +40,6 @@
      <anchorfile>microhttpd.h</anchorfile>
      <arglist></arglist>
    </member>
    <member kind="define">
      <type>#define</type>
      <name>MHD_HTTP_CONTENT_TOO_LARGE</name>
      <anchorfile>microhttpd.h</anchorfile>
      <arglist></arglist>
    </member>
    <member kind="define">
      <type>#define</type>
      <name>MHD_HTTP_REQUEST_TIMEOUT</name>
@ -76,12 +64,6 @@
      <anchorfile>microhttpd.h</anchorfile>
      <arglist></arglist>
    </member>
    <member kind="define">
      <type>#define</type>
      <name>MHD_HTTP_NETWORK_AUTHENTICATION_REQUIRED</name>
      <anchorfile>microhttpd.h</anchorfile>
      <arglist></arglist>
    </member>
    <member kind="define">
      <type>#define</type>
      <name>MHD_HTTP_GONE</name>
--- a/contrib/persona-exchange-unauthorized.en.must
+++ b/contrib/persona-exchange-unauthorized.en.must
@ -1,13 +0,0 @@
 <html>
 <head>
 <title>KYC server refused access</title>
 </head>
 <body>
 The KYC backend refused the authorization code used by the exchange operator. Please inform the exchange operator about this failure.
 <pre>
 {{ kyc_http_status }}
 {{ kyc_logic }}
 {{ kyc_server_reply }}
 </pre>
 </body>
 </html>
--- a/contrib/persona-exchange-unpaid.en.must
+++ b/contrib/persona-exchange-unpaid.en.must
@ -1,13 +0,0 @@
 <html>
 <head>
 <title>KYC credit exhausted</title>
 </head>
 <body>
 The KYC backend refused the process as the exchange operator's credit balance at the KYC provider is insufficient. Please inform the exchange operator about this failure.
 <pre>
 {{ kyc_http_status }}
 {{ kyc_logic }}
 {{ kyc_server_reply }}
 </pre>
 </body>
 </html>
--- a/contrib/persona-invalid-response.en.must
+++ b/contrib/persona-invalid-response.en.must
@ -1,13 +0,0 @@
 <html>
 <head>
 <title>KYC provider returned unexpected response</title>
 </head>
 <body>
 The KYC backend returned an unexpected response.
 <pre>
 {{ kyc_http_status }}
 {{ kyc_logic }}
 {{ kyc_server_reply }}
 </pre>
 </body>
 </html>
--- a/contrib/persona-kyc-failed.en.must
+++ b/contrib/persona-kyc-failed.en.must
@ -1,20 +0,0 @@
 <html>
 <head>
 <title>KYC authentication failed</title>
 </head>
 <body>
 You failed the KYC check. See below for details.
 <!-- {{kyc_logic}} indicates the type of KYC provider
     which generated the reply; for now, only
     "kycaid" is possible. Switch on the
     {{kyc_logic}} to render results in a provider-specific
     way. (or introduce new templates per provider?) -->
 <!-- TODO: figure out exactly what the
     format of 'verifications' is here
     based on KYCAID documentation and parse
     that here. -->
 <pre>
 {{ verifications }}
 </pre>
 </body>
 </html>
--- a/contrib/persona-load-failure.en.must
+++ b/contrib/persona-load-failure.en.must
@ -1,13 +0,0 @@
 <html>
 <head>
 <title>KYC provider rate limit reached</title>
 </head>
 <body>
 The KYC backend interaction ran into a rate limit.
 <pre>
 {{ kyc_http_status }}
 {{ kyc_logic }}
 {{ kyc_server_reply }}
 </pre>
 </body>
 </html>
--- a/contrib/persona-logic-failure.en.must
+++ b/contrib/persona-logic-failure.en.must
@ -1,13 +0,0 @@
 <html>
 <head>
 <title>KYC server interaction failed</title>
 </head>
 <body>
 The KYC backend returned a response indicating a problem with the exchange logic. Please inform the exchange operator about this failure.
 <pre>
 {{ kyc_http_status }}
 {{ kyc_logic }}
 {{ kyc_server_reply }}
 </pre>
 </body>
 </html>
--- a/contrib/persona-network-timeout.en.must
+++ b/contrib/persona-network-timeout.en.must
@ -1,13 +0,0 @@
 <html>
 <head>
 <title>KYC provider timeout</title>
 </head>
 <body>
 The KYC backend interaction ran into a timeout.
 <pre>
 {{ kyc_http_status }}
 {{ kyc_logic }}
 {{ kyc_server_reply }}
 </pre>
 </body>
 </html>
--- a/contrib/persona-provider-failure.en.must
+++ b/contrib/persona-provider-failure.en.must
@ -1,13 +0,0 @@
 <html>
 <head>
 <title>KYC provider had an internal error</title>
 </head>
 <body>
 The KYC backend had an internal error.
 <pre>
 {{ kyc_http_status }}
 {{ kyc_logic }}
 {{ kyc_server_reply }}
 </pre>
 </body>
 </html>
--- a/contrib/pp/README
+++ b/contrib/pp/README
@ -9,7 +9,7 @@ Generating a new Privacy Policy requires Sphinx, LaTeX with babel
 packages for all supported languages.  On Debian, you should
 at least install:
-$ apt install python3-sphinx sphinx-intl texlive-lang-german texlive-lang-english latexmk texlive-latex-recommended texlive-latex-extra
+$ apt install python3-sphinx sphinx-intl texlive-lang-german texlive-lang-english
 (NOTE: List may be incomplete.)
--- a/contrib/pp/conf.py.in
+++ b/contrib/pp/conf.py.in
@ -1,6 +1,6 @@
 """
  This file is part of GNU TALER.
-  Copyright (C) 2014-2022 Taler Systems SA
+  Copyright (C) 2014-2020 Taler Systems SA
  TALER is free software; you can redistribute it and/or modify it under the
  terms of the GNU Lesser General Public License as published by the Free Software
@ -68,20 +68,20 @@ source_suffix = {
 #source_encoding = 'utf-8-sig'
 # The master toctree document.
-master_doc = '%VERSION%'
+master_doc = 'pp'
 # General information about the project.
-project = u'%VERSION%'
+project = u'pp'
-copyright = u'2014-2022 Taler Systems SA (GPLv3+ or GFDL 1.3+)'
+copyright = u'2014-2020 Taler Systems SA (GPLv3+ or GFDL 1.3+)'
 # The version info for the project you're documenting, acts as replacement for
 # |version| and |release|, also used in various other places throughout the
 # built documents.
 #
 # The short X.Y version.
-version = '%VERSION%'
+version = '0'
 # The full version, including alpha/beta/rc tags.
-release = '%VERSION%'
+release = '0'
 # The language for content autogenerated by Sphinx. Refer to documentation
 # for a list of supported languages.
@ -192,7 +192,7 @@ html_short_title = "Privacy Policy"
 #html_domain_indices = True
 # If false, no index is generated.
-html_use_index = True
+#html_use_index = True
 # If true, the index is split into individual pages for each letter.
 #html_split_index = False
@ -231,7 +231,7 @@ latex_elements = {
 # (source start file, target name, title,
 #  author, documentclass [howto, manual, or own class]).
 latex_documents = [
-    ('%VERSION%', '%VERSION%.tex',
+    ('pp', 'pp.tex',
     'Privacy Policy', 'GNU Taler team', 'manual'),
 ]
@ -277,6 +277,6 @@ latex_documents = [
 # -- Options for epub output  ----------------------------
-epub_basename = "%VERSION%"
+epub_basename = "pp"
 epub_title = "Privacy Policy"
--- a/contrib/pp/en/0.epub
+++ b/contrib/pp/en/0.epub
--- a/contrib/pp/en/0.html
+++ b/contrib/pp/en/0.html
@ -0,0 +1,211 @@
 <html lang="en">
  <head>
    <meta charset="utf-8" />
    <meta name="viewport" content="width=device-width, initial-scale=1.0" />
    <title>Privacy Policy &#8212; Taler Privacy Policy</title>
    <link rel="stylesheet" href="_static/pygments.css" type="text/css" />
    <link rel="stylesheet" href="_static/epub.css" type="text/css" />
    <script id="documentation_options" data-url_root="./" src="_static/documentation_options.js"></script>
    <script src="_static/jquery.js"></script>
    <script src="_static/underscore.js"></script>
    <script src="_static/doctools.js"></script> 
  </head><body>
    <div class="document">
      <div class="documentwrapper">
        <div class="bodywrapper">
          <div class="body" role="main">
  <div class="section" id="privacy-policy">
 <h1>Privacy Policy<a class="headerlink" href="#privacy-policy" title="Permalink to this headline">¶</a></h1>
 <p>Last Updated: 11.12.2019</p>
 <p>This Privacy Policy describes the policies and procedures of Taler Systems SA
 (“we,” “our,” or “us”) pertaining to the collection, use, and disclosure of
 your information on our sites and related mobile applications and products we
 offer (the “Services” or “Taler Wallet”). This Privacy Statement applies to
 your personal data when you use our Services, and does not apply to online
 websites or services that we do not own or control.</p>
 <div class="section" id="overview">
 <h2>Overview<a class="headerlink" href="#overview" title="Permalink to this headline">¶</a></h2>
 <p>Your privacy is important to us. We follow a few fundamental principles: We
 don’t ask you for personally identifiable information (defined below). That
 being said, your contact information, such as your phone number, social media
 handle, or email address (depending on how you contact us), may be collected
 when you communicate with us, for example to report a bug or other error
 related to the Taler Wallet. We don’t share your information with third
 parties except when strictly required to deliver you our Services and
 products, or to comply with the law. If you have any questions or concerns
 about this policy, please reach out to us at <a class="reference external" href="mailto:privacy&#37;&#52;&#48;taler-systems&#46;net">privacy<span>&#64;</span>taler-systems<span>&#46;</span>net</a>.</p>
 </div>
 <div class="section" id="how-you-accept-this-policy">
 <h2>How you accept this policy<a class="headerlink" href="#how-you-accept-this-policy" title="Permalink to this headline">¶</a></h2>
 <p>By using our Services or visiting our sites, you agree to the use, disclosure,
 and procedures outlined in this Privacy Policy.</p>
 </div>
 <div class="section" id="what-personal-information-do-we-collect-from-our-users">
 <h2>What personal information do we collect from our users?<a class="headerlink" href="#what-personal-information-do-we-collect-from-our-users" title="Permalink to this headline">¶</a></h2>
 <p>The information we collect from you falls into two categories: (i) personally
 identifiable information (i.e., data that could potentially identify you as an
 individual) (“Personal Information”), and (ii) non-personally identifiable
 information (i.e., information that cannot be used to identify who you are)
 (“Non-Personal Information”). This Privacy Policy covers both categories and
 will tell you how we might collect and use each type.</p>
 <p>We do our best to not collect any Personal Information from Taler Wallet
 users. We believe that the Taler Wallet never transmits personal information
 to our services without at least clear implied consent, and we only process
 and retain information with a strict business need. That being said, when
 using our Services, we inherently have to collect the following information:</p>
 <blockquote>
 <div><ul class="simple">
 <li><p>Bank account details necessary when receiving funds from you to top-up your wallet or to transfer funds to you when you are being paid via Taler. At the current experimental stage, only the pseudonym and password you entered in the bank demonstrator is stored.</p></li>
 <li><p>The amounts being withdrawn or deposited, with associated unique transaction identifiers and cryptographic signatures authorizing the transaction. Note that for purchases, we cannot identify the buyer from the collected data, so when you spend money, we only receive non-personal information.</p></li>
 <li><p>When you contact us. We may collect certain information if you choose to contact us, for example to report a bug or other error with the Taler Wallet. This may include contact information such as your name, email address or phone number depending on the method you choose to contact us.</p></li>
 </ul>
 </div></blockquote>
 </div>
 <div class="section" id="how-we-collect-and-process-information">
 <h2>How we collect and process information<a class="headerlink" href="#how-we-collect-and-process-information" title="Permalink to this headline">¶</a></h2>
 <p>We may process your information for the following reasons:</p>
 <blockquote>
 <div><ul class="simple">
 <li><p>to transfer money as specified by our users (Taler transactions);</p></li>
 <li><p>to assist government entities in linking income to the underlying contract as required by law and local regulations</p></li>
 <li><p>to support you using the Taler Wallet or to improve our Services</p></li>
 </ul>
 </div></blockquote>
 </div>
 <div class="section" id="how-we-share-and-use-the-information-we-gather">
 <h2>How we share and use the information we gather<a class="headerlink" href="#how-we-share-and-use-the-information-we-gather" title="Permalink to this headline">¶</a></h2>
 <p>We may share your Personal Data or other information about you only if you are
 a merchant receiving income, with your bank, to the degree necessary to
 execute the payment.</p>
 <p>We retain Personal Data to transfer funds to the accounts designated by our
 users. We may retain Personal Data only for as long as mandated by law and
 required for the wire transfers.</p>
 <p>We primarily use the limited information we receive directly from you to
 enhance the Taler Wallet. Some ways we may use your Personal Information are
 to: Contact you when necessary to respond to your comments, answer your
 questions, or obtain additional information on issues related to bugs or
 errors with the Taler Wallet that you reported.</p>
 </div>
 <div class="section" id="agents-or-third-party-partners">
 <h2>Agents or third party partners<a class="headerlink" href="#agents-or-third-party-partners" title="Permalink to this headline">¶</a></h2>
 <p>We may provide your Personal Information to our employees, contractors,
 agents, service providers, and designees (“Agents”) to enable them to perform
 certain services for us exclusively, including: improvement and maintenance of
 our software and Services.</p>
 </div>
 <div class="section" id="protection-of-us-and-others">
 <h2>Protection of us and others<a class="headerlink" href="#protection-of-us-and-others" title="Permalink to this headline">¶</a></h2>
 <p>We reserve the right to access, read, preserve, and disclose any information
 that we reasonably believe is necessary to comply with the law or a court
 order.</p>
 </div>
 <div class="section" id="what-personal-information-can-i-access-or-change">
 <h2>What personal information can I access or change?<a class="headerlink" href="#what-personal-information-can-i-access-or-change" title="Permalink to this headline">¶</a></h2>
 <p>You can request access to the information we have collected from you. You can
 do this by contacting us at <a class="reference external" href="mailto:privacy&#37;&#52;&#48;taler-systems&#46;net">privacy<span>&#64;</span>taler-systems<span>&#46;</span>net</a>. We will make sure to
 provide you with a copy of the data we process about you. To comply with your
 request, we may ask you to verify your identity. We will fulfill your request
 by sending your copy electronically. For any subsequent access request, we may
 charge you with an administrative fee. If you believe that the information we
 have collected is incorrect, you are welcome to contact us so we can update it
 and keep your data accurate. Any data that is no longer needed for purposes
 specified in the “How We Use the Information We Gather” section will be
 deleted after ninety (90) days.</p>
 </div>
 <div class="section" id="what-are-your-data-protection-rights">
 <h2>What are your data protection rights?<a class="headerlink" href="#what-are-your-data-protection-rights" title="Permalink to this headline">¶</a></h2>
 <p>Anastasis would like to make sure you are fully aware of all of your
 data protection rights. Every user is entitled to the following:</p>
 <dl class="simple">
 <dt><strong>The right to access</strong>: You have the right to request Anastasis for</dt><dd><p>copies of your personal data. We may charge you a small fee for this
 service.</p>
 </dd>
 </dl>
 <p><strong>The right to rectification</strong>: You have the right to request that
 Anastasis correct any information you believe is inaccurate. You also
 have the right to request Anastasis to complete information you
 believe is incomplete.  The right to erasure - You have the right to
 request that Anastasis erase your personal data, under certain
 conditions.</p>
 <dl class="simple">
 <dt><strong>The right to restrict processing</strong>: You have the right to request</dt><dd><p>that Anastasis restrict the processing of your personal data, under
 certain conditions.</p>
 </dd>
 <dt><strong>The right to object to processing</strong>: You have the right to object to</dt><dd><p>Anastasis’s processing of your personal data, under certain
 conditions.</p>
 </dd>
 <dt><strong>The right to data portability</strong>: You have the right to request that</dt><dd><p>Anastasis transfer the data that we have collected to another
 organization, or directly to you, under certain conditions.</p>
 </dd>
 </dl>
 <p>If you make a request, we have one month to respond to you. If you
 would like to exercise any of these rights, please contact us at our
 email: <a class="reference external" href="mailto:privacy&#37;&#52;&#48;taler-systems&#46;com">privacy<span>&#64;</span>taler-systems<span>&#46;</span>com</a></p>
 <p>You can always contact your local data protection authority to enforce
 your rights.</p>
 </div>
 <div class="section" id="data-retention">
 <h2>Data retention<a class="headerlink" href="#data-retention" title="Permalink to this headline">¶</a></h2>
 <p>If you uninstall the Taler Wallet mobile applications from your device, or
 request that your information be deleted, we still may retain some information
 that you have provided to us to maintain the Taler Wallet or to comply with
 relevant laws.</p>
 </div>
 <div class="section" id="data-security">
 <h2>Data security<a class="headerlink" href="#data-security" title="Permalink to this headline">¶</a></h2>
 <p>We are committed to making sure your information is protected. We employ
 several physical and electronic safeguards to keep your information safe,
 including encrypted user passwords, two factor verification and authentication
 on passwords where possible, and securing connections with industry standard
 transport layer security. You are also welcome to contact us using GnuPG
 encrypted e-mail. Even with all these precautions, we cannot fully guarantee
 against the access, disclosure, alteration, or deletion of data through
 events, including but not limited to hardware or software failure or
 unauthorized use. Any information that you provide to us is done so entirely
 at your own risk.</p>
 </div>
 <div class="section" id="changes-and-updates-to-privacy-policy">
 <h2>Changes and updates to privacy policy<a class="headerlink" href="#changes-and-updates-to-privacy-policy" title="Permalink to this headline">¶</a></h2>
 <p>We reserve the right to update and revise this privacy policy at any time. We
 occasionally review this Privacy Policy to make sure it complies with
 applicable laws and conforms to changes in our business. We may need to update
 this Privacy Policy, and we reserve the right to do so at any time. If we do
 revise this Privacy Policy, we will update the “Effective Date” at the bottom
 of this page so that you can tell if it has changed since your last visit. As
 we generally do not collect contact information and also do not track your
 visits, we will not be able to notify you directly. However, the Taler Wallet
 may inform you about a change in the privacy policy once it detects that the
 policy has changed. Please review this Privacy Policy regularly to ensure that
 you are aware of its terms. Any use of our Services after an amendment to our
 Privacy Policy constitutes your acceptance to the revised or amended
 agreement.</p>
 </div>
 <div class="section" id="international-users-and-visitors">
 <h2>International users and visitors<a class="headerlink" href="#international-users-and-visitors" title="Permalink to this headline">¶</a></h2>
 <p>Our Services are hosted in Switzerland. If you are a user accessing the
 Services from the European Union, Asia, US, or any other region with laws or
 regulations governing personal data collection, use, and disclosure that
 differ from Swiss laws, please be advised that through your continued use of
 the Services, which is governed by Swiss law, you are transferring your
 Personal Information to Switzerland and you consent to that transfer.</p>
 </div>
 <div class="section" id="questions">
 <h2>Questions<a class="headerlink" href="#questions" title="Permalink to this headline">¶</a></h2>
 <p>Please contact us at <a class="reference external" href="mailto:privacy&#37;&#52;&#48;taler-systems&#46;net">privacy<span>&#64;</span>taler-systems<span>&#46;</span>net</a> if you have questions about our
 privacy practices that are not addressed in this Privacy Statement.</p>
 </div>
 </div>
            <div class="clearer"></div>
          </div>
        </div>
      </div>
      <div class="clearer"></div>
    </div>
  </body>
 </html>
--- a/contrib/pp/en/pp-v0.pdf
+++ b/contrib/pp/en/pp-v0.pdf
--- a/contrib/pp/en/pp-v0.md
+++ b/contrib/pp/en/pp-v0.md
--- a/contrib/pp/en/pp-v0.xml
+++ b/contrib/pp/en/pp-v0.xml
@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="utf-8"?>
 <!DOCTYPE document PUBLIC "+//IDN docutils.sourceforge.net//DTD Docutils Generic//EN//XML" "http://docutils.sourceforge.net/docs/ref/docutils.dtd">
 <!-- Generated by Docutils 0.16 -->
-<document source="/research/taler/exchange/contrib/pp/pp-v0.rst">
+<document source="/research/taler/exchange/contrib/pp/pp.rst">
    <section ids="privacy-policy" names="privacy\ policy">
        <title>Privacy Policy</title>
        <paragraph>Last Updated: 11.12.2019</paragraph>
--- a/contrib/pp/en/pp-v0.epub
+++ b/contrib/pp/en/pp-v0.epub
--- a/contrib/pp/en/pp-v0.html
+++ b/contrib/pp/en/pp-v0.html
--- a/contrib/pp/en/pp-v0.txt
+++ b/contrib/pp/en/pp-v0.txt
@ -1,237 +0,0 @@
 Privacy Policy
 **************
 Last Updated: 11.12.2019
 This Privacy Policy describes the policies and procedures of Taler
 Systems SA (“we,” “our,” or “us”) pertaining to the collection, use,
 and disclosure of your information on our sites and related mobile
 applications and products we offer (the “Services” or “Taler Wallet”).
 This Privacy Statement applies to your personal data when you use our
 Services, and does not apply to online websites or services that we do
 not own or control.
 Overview
 ========
 Your privacy is important to us. We follow a few fundamental
 principles: We don’t ask you for personally identifiable information
 (defined below). That being said, your contact information, such as
 your phone number, social media handle, or email address (depending on
 how you contact us), may be collected when you communicate with us,
 for example to report a bug or other error related to the Taler
 Wallet. We don’t share your information with third parties except when
 strictly required to deliver you our Services and products, or to
 comply with the law. If you have any questions or concerns about this
 policy, please reach out to us at privacy@taler-systems.net.
 How you accept this policy
 ==========================
 By using our Services or visiting our sites, you agree to the use,
 disclosure, and procedures outlined in this Privacy Policy.
 What personal information do we collect from our users?
 =======================================================
 The information we collect from you falls into two categories: (i)
 personally identifiable information (i.e., data that could potentially
 identify you as an individual) (“Personal Information”), and (ii) non-
 personally identifiable information (i.e., information that cannot be
 used to identify who you are) (“Non-Personal Information”). This
 Privacy Policy covers both categories and will tell you how we might
 collect and use each type.
 We do our best to not collect any Personal Information from Taler
 Wallet users. We believe that the Taler Wallet never transmits
 personal information to our services without at least clear implied
 consent, and we only process and retain information with a strict
 business need. That being said, when using our Services, we inherently
 have to collect the following information:
   * Bank account details necessary when receiving funds from you to
     top-up your wallet or to transfer funds to you when you are being
     paid via Taler. At the current experimental stage, only the
     pseudonym and password you entered in the bank demonstrator is
     stored.
   * The amounts being withdrawn or deposited, with associated unique
     transaction identifiers and cryptographic signatures authorizing
     the transaction. Note that for purchases, we cannot identify the
     buyer from the collected data, so when you spend money, we only
     receive non-personal information.
   * When you contact us. We may collect certain information if you
     choose to contact us, for example to report a bug or other error
     with the Taler Wallet. This may include contact information such
     as your name, email address or phone number depending on the
     method you choose to contact us.
 How we collect and process information
 ======================================
 We may process your information for the following reasons:
   * to transfer money as specified by our users (Taler transactions);
   * to assist government entities in linking income to the underlying
     contract as required by law and local regulations
   * to support you using the Taler Wallet or to improve our Services
 How we share and use the information we gather
 ==============================================
 We may share your Personal Data or other information about you only if
 you are a merchant receiving income, with your bank, to the degree
 necessary to execute the payment.
 We retain Personal Data to transfer funds to the accounts designated
 by our users. We may retain Personal Data only for as long as mandated
 by law and required for the wire transfers.
 We primarily use the limited information we receive directly from you
 to enhance the Taler Wallet. Some ways we may use your Personal
 Information are to: Contact you when necessary to respond to your
 comments, answer your questions, or obtain additional information on
 issues related to bugs or errors with the Taler Wallet that you
 reported.
 Agents or third party partners
 ==============================
 We may provide your Personal Information to our employees,
 contractors, agents, service providers, and designees (“Agents”) to
 enable them to perform certain services for us exclusively, including:
 improvement and maintenance of our software and Services.
 Protection of us and others
 ===========================
 We reserve the right to access, read, preserve, and disclose any
 information that we reasonably believe is necessary to comply with the
 law or a court order.
 What personal information can I access or change?
 =================================================
 You can request access to the information we have collected from you.
 You can do this by contacting us at privacy@taler-systems.net. We will
 make sure to provide you with a copy of the data we process about you.
 To comply with your request, we may ask you to verify your identity.
 We will fulfill your request by sending your copy electronically. For
 any subsequent access request, we may charge you with an
 administrative fee. If you believe that the information we have
 collected is incorrect, you are welcome to contact us so we can update
 it and keep your data accurate. Any data that is no longer needed for
 purposes specified in the “How We Use the Information We Gather”
 section will be deleted after ninety (90) days.
 What are your data protection rights?
 =====================================
 Anastasis would like to make sure you are fully aware of all of your
 data protection rights. Every user is entitled to the following:
 **The right to access**: You have the right to request Anastasis for
   copies of your personal data. We may charge you a small fee for
   this service.
 **The right to rectification**: You have the right to request that
 Anastasis correct any information you believe is inaccurate. You also
 have the right to request Anastasis to complete information you
 believe is incomplete.  The right to erasure - You have the right to
 request that Anastasis erase your personal data, under certain
 conditions.
 **The right to restrict processing**: You have the right to request
   that Anastasis restrict the processing of your personal data, under
   certain conditions.
 **The right to object to processing**: You have the right to object to
   Anastasis's processing of your personal data, under certain
   conditions.
 **The right to data portability**: You have the right to request that
   Anastasis transfer the data that we have collected to another
   organization, or directly to you, under certain conditions.
 If you make a request, we have one month to respond to you. If you
 would like to exercise any of these rights, please contact us at our
 email: privacy@taler-systems.com
 You can always contact your local data protection authority to enforce
 your rights.
 Data retention
 ==============
 If you uninstall the Taler Wallet mobile applications from your
 device, or request that your information be deleted, we still may
 retain some information that you have provided to us to maintain the
 Taler Wallet or to comply with relevant laws.
 Data security
 =============
 We are committed to making sure your information is protected. We
 employ several physical and electronic safeguards to keep your
 information safe, including encrypted user passwords, two factor
 verification and authentication on passwords where possible, and
 securing connections with industry standard transport layer security.
 You are also welcome to contact us using GnuPG encrypted e-mail. Even
 with all these precautions, we cannot fully guarantee against the
 access, disclosure, alteration, or deletion of data through events,
 including but not limited to hardware or software failure or
 unauthorized use. Any information that you provide to us is done so
 entirely at your own risk.
 Changes and updates to privacy policy
 =====================================
 We reserve the right to update and revise this privacy policy at any
 time. We occasionally review this Privacy Policy to make sure it
 complies with applicable laws and conforms to changes in our business.
 We may need to update this Privacy Policy, and we reserve the right to
 do so at any time. If we do revise this Privacy Policy, we will update
 the “Effective Date” at the bottom of this page so that you can tell
 if it has changed since your last visit. As we generally do not
 collect contact information and also do not track your visits, we will
 not be able to notify you directly. However, the Taler Wallet may
 inform you about a change in the privacy policy once it detects that
 the policy has changed. Please review this Privacy Policy regularly to
 ensure that you are aware of its terms. Any use of our Services after
 an amendment to our Privacy Policy constitutes your acceptance to the
 revised or amended agreement.
 International users and visitors
 ================================
 Our Services are hosted in Switzerland. If you are a user accessing
 the Services from the European Union, Asia, US, or any other region
 with laws or regulations governing personal data collection, use, and
 disclosure that differ from Swiss laws, please be advised that through
 your continued use of the Services, which is governed by Swiss law,
 you are transferring your Personal Information to Switzerland and you
 consent to that transfer.
 Questions
 =========
 Please contact us at privacy@taler-systems.net if you have questions
 about our privacy practices that are not addressed in this Privacy
 Statement.
--- a/contrib/pp/pp-v0.rst
+++ b/contrib/pp/pp-v0.rst
--- a/contrib/samples/wire-auditor.json
+++ b/contrib/samples/wire-auditor.json
@ -38,8 +38,8 @@
    "value": 5,
    "fraction": 1000000
  },
-  "misattribution_in_inconsistencies": [],
+  "missattribution_in_inconsistencies": [],
-  "total_misattribution_in": {
+  "total_missattribution_in": {
    "currency": "KUDOS",
    "value": 0,
    "fraction": 0
@ -233,4 +233,4 @@
    "fraction": 1000000
  },
  "lag_details": []
-}
+}
--- a/contrib/sigp/.gitignore
+++ b/contrib/sigp/.gitignore
@ -1,3 +0,0 @@
 /registry.rec
 /taler_signatures.h
 /taler_signatures.h.tmp
--- a/contrib/sigp/Makefile
+++ b/contrib/sigp/Makefile
@ -1,21 +0,0 @@
 FILES = taler_signatures.h
 gana = ../gana
 all: check $(FILES)
 check: registry.rec
 	recfix --check registry.rec
 registry.rec:
 	ln -s $(gana)/gnunet-signatures/registry.rec
 distclean:
 	rm -f *.tmp
 clean:
 	rm -f $(FILES) *.tmp registry.rec
 taler_signatures.h.tmp: registry.rec h.template
 	$(gana)/format.sh h.template 'Package = "GNU Taler"' < registry.rec > $@
 taler_signatures.h: h.header taler_signatures.h.tmp h.footer
 	cat h.header taler_signatures.h.tmp h.footer > $@
 .PHONY: check clean distclean
--- a/contrib/sigp/README
+++ b/contrib/sigp/README
@ -1,10 +0,0 @@
 This directory contains bootstrap code to extract info from the
 Signature Purposes database (registry) and format it in various ways.
 It is a peer of ${top_srcdir}/contrib/gana/ (q.v.).
 NB: New database entries MUST have field "Package: GNU Taler" if
    you want them to be visible to the Makefile in this directory.
 Don't make changes to registry.rec here (it is a symlink, after all).
 Instead, make them in ../gana/gnunet-signatures/ or from a separate
 checkout of the GANA Git repo (commit from there, too).
--- a/contrib/sigp/h.footer
+++ b/contrib/sigp/h.footer
@ -1,3 +0,0 @@
 #endif
--- a/contrib/sigp/h.header
+++ b/contrib/sigp/h.header
@ -1,31 +0,0 @@
 /*
  This file is part of TALER
  Copyright (C) 2014-2022 Taler Systems SA
  TALER is free software; you can redistribute it and/or modify it under the
  terms of the GNU General Public License as published by the Free Software
  Foundation; either version 3, or (at your option) any later version.
  TALER is distributed in the hope that it will be useful, but WITHOUT ANY
  WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
  A PARTICULAR PURPOSE.  See the GNU General Public License for more details.
  You should have received a copy of the GNU General Public License along with
  TALER; see the file COPYING.  If not, see <http://www.gnu.org/licenses/>
 */
 /**
 * @file taler_signatures.h
 * @brief message formats and signature constants used to define
 *        the binary formats of signatures in Taler
 * @author Florian Dold
 * @author Benedikt Mueller
 *
 * This file should define the constants and C structs that one needs
 * to know to implement Taler clients (wallets or merchants or
 * auditor) that need to produce or verify Taler signatures.
 */
 #ifndef TALER_SIGNATURES_H
 #define TALER_SIGNATURES_H
--- a/contrib/sigp/h.template
+++ b/contrib/sigp/h.template
@ -1,6 +0,0 @@
 /**
 * {{Comment}}
 */
 #define TALER_SIGNATURE_{{Name}} {{Number}}
--- a/contrib/taler-bank-manage-testing
+++ b/contrib/taler-bank-manage-testing
@ -1,187 +1,27 @@
 #!/bin/sh
 # This file is in the public domain
-# Wrapper around libeufin to first configure the required
+# Wrapper around 'taler-bank-manage' to first configure the required
 # testing accounts before launching the bank properly.
 #
-# Takes 4 arguments:
+# Takes 3 arguments:
-# $1: the Nexus port (Sandbox port prepends 1 to it)
+# $1: the configuration file name
 # $2: the database name
-# $3: exchange base URL (used to specify the default exchange)
+# $3: serve-http or serve-uwsgi
 # $4: config file (needs patch to specify exchange's PAYTO_URI)
 set -eu
-if [ "$1" = "--help" ];
+if [ "$#" -ne 3 ];
 then
-    echo "This is a tool to launch a libeufin based bank for testing."
+    echo "illegal number of parameters"
    echo "Call using: Nexus port number, SQLite file path, exchange base URL, config file path."
    exit 0
 fi
 if [ "$#" -ne 4 ];
 then
    echo "illegal number of parameters.  \
 Give: Nexus port number, SQLite file path, exchange base URL, config file path."
    exit 1
 fi
-# Must not terminate jobs here, as they are needed
+# Ensure starting accounts exist
-# by the script _importing_ this one.  Those script
+taler-bank-manage -c $1 --with-db $2 django provide_accounts
-# will then manage the termination.
+taler-bank-manage -c $1 --with-db $2 django add_bank_account 42
-# trap cleanup EXIT
+taler-bank-manage -c $1 --with-db $2 django add_bank_account 43
-export LIBEUFIN_SANDBOX_DB_CONNECTION="jdbc:sqlite:$2"
+taler-bank-manage -c $1 --with-db $2 django changepassword_unsafe Exchange x
 # Create the default demobank.
 libeufin-sandbox config --currency TESTKUDOS default
 export LIBEUFIN_SANDBOX_ADMIN_PASSWORD=secret
 libeufin-sandbox serve --port "1$1" \
  > libeufin-sandbox-stdout.log \
  2> libeufin-sandbox-stderr.log &
 echo $! > libeufin-sandbox.pid
 export LIBEUFIN_SANDBOX_URL="http://localhost:1$1/"
 set +e
 echo -n "Waiting for Sandbox.."
 for n in `seq 1 50`; do
  echo -n "."
  sleep 1
  if wget --timeout=1 \
    --tries=3 --waitretry=0 \
    -o /dev/null -O /dev/null \
    $LIBEUFIN_SANDBOX_URL; then
    break
  fi
 done
 echo OK
-register_sandbox_account() {
+# Now run Django for good
-    export LIBEUFIN_SANDBOX_USERNAME=$1
+exec taler-bank-manage -c $1 --with-db $2 $3
    export LIBEUFIN_SANDBOX_PASSWORD=$2
    libeufin-cli sandbox \
      demobank \
      register --name "$3"
    unset LIBEUFIN_SANDBOX_USERNAME
    unset LIBEUFIN_SANDBOX_PASSWORD
 }
 set -e
 echo -n "Register the 'fortytwo' Sandbox user.."
 register_sandbox_account fortytwo x "Forty Two"
 echo OK
 echo -n "Register the 'fortythree' Sandbox user.."
 register_sandbox_account fortythree x "Forty Three"
 echo OK
 echo -n "Register 'exchange' Sandbox user.."
 register_sandbox_account exchange x "Exchange Company"
 echo OK
 echo -n "Register 'tor' Sandbox user.."
 register_sandbox_account tor x "Tor Project"
 echo OK
 echo -n "Register 'gnunet' Sandbox user.."
 register_sandbox_account gnunet x "GNUnet"
 echo OK
 echo -n "Register 'tutorial' Sandbox user.."
 register_sandbox_account tutorial x "Tutorial"
 echo OK
 echo -n "Register 'survey' Sandbox user.."
 register_sandbox_account survey x "Survey"
 echo OK
 echo -n "Specify exchange's PAYTO_URI in the config ..."
 export LIBEUFIN_SANDBOX_USERNAME=exchange
 export LIBEUFIN_SANDBOX_PASSWORD=x
 PAYTO=`libeufin-cli sandbox demobank info --bank-account exchange | jq --raw-output '.paytoUri'`
 taler-config -c $4 -s exchange-account-1 -o PAYTO_URI -V $PAYTO
 echo " OK"
 echo -n "Setting this exchange as the bank's default ..."
 EXCHANGE_PAYTO=`libeufin-cli sandbox demobank info --bank-account exchange | jq --raw-output '.paytoUri'`
 libeufin-sandbox default-exchange "$3" "$EXCHANGE_PAYTO"
 echo " OK"
 # Prepare EBICS: create Ebics host and Exchange subscriber.
 # Shortly becoming admin to setup Ebics.
 export LIBEUFIN_SANDBOX_USERNAME=admin
 export LIBEUFIN_SANDBOX_PASSWORD=secret
 echo -n "Create EBICS host at Sandbox.."
 libeufin-cli sandbox \
  --sandbox-url http://localhost:1$1 \
  ebicshost create --host-id talerebics
 echo OK
 echo -n "Create exchange EBICS subscriber at Sandbox.."
 libeufin-cli sandbox \
  demobank new-ebicssubscriber --host-id talerebics \
  --user-id exchangeebics --partner-id talerpartner \
  --bank-account exchange # that's a username _and_ a bank account name
 echo OK
 unset LIBEUFIN_SANDBOX_USERNAME
 unset LIBEUFIN_SANDBOX_PASSWORD
 # Prepare Nexus, which is the side actually talking
 # to the exchange.
 export LIBEUFIN_NEXUS_DB_CONNECTION="jdbc:sqlite:$2"
 # For convenience, username and password are
 # identical to those used at the Sandbox.
 echo -n Create exchange Nexus user..
 libeufin-nexus superuser exchange --password x
 echo OK
 libeufin-nexus serve --port $1 \
  2> libeufin-nexus-stderr.log \
  > libeufin-nexus-stdout.log &
 echo $! > libeufin-nexus.pid
 export LIBEUFIN_NEXUS_URL=http://localhost:$1
 echo -n Waiting for Nexus..
 set +e
 for n in `seq 1 50`; do
  echo -n "."
  sleep 1
  if wget --timeout=1 \
    --tries=3 --waitretry=0 \
    -o /dev/null -O /dev/null \
    $LIBEUFIN_NEXUS_URL; then
    break
  fi
 done
 set -e
 echo OK
 export LIBEUFIN_NEXUS_USERNAME=exchange
 export LIBEUFIN_NEXUS_PASSWORD=x
 echo -n Creating a EBICS connection at Nexus..
 libeufin-cli connections new-ebics-connection \
  --ebics-url "http://localhost:1$1/ebicsweb" \
  --host-id talerebics \
  --partner-id talerpartner \
  --ebics-user-id exchangeebics \
  talerconn
 echo OK
 echo -n Setup EBICS keying..
 libeufin-cli connections connect talerconn > /dev/null
 echo OK
 echo -n Download bank account name from Sandbox..
 libeufin-cli connections download-bank-accounts talerconn
 echo OK
 echo -n Importing bank account info into Nexus..
 libeufin-cli connections import-bank-account \
  --offered-account-id exchange \
  --nexus-bank-account-id exchange-nexus \
  talerconn
 echo OK
 echo -n Setup payments submission task..
 # Tries every second.
 libeufin-cli accounts task-schedule \
  --task-type submit \
  --task-name exchange-payments \
  --task-cronspec "* * *" \
  exchange-nexus
 echo OK
 # Tries every second.  Ask C52
 echo -n Setup history fetch task..
 libeufin-cli accounts task-schedule \
  --task-type fetch \
  --task-name exchange-history \
  --task-cronspec "* * *" \
  --task-param-level report \
  --task-param-range-type latest \
  exchange-nexus
 echo OK
 # TBD: create Taler facade.
 echo -n Create the Taler facade at Nexus..
 libeufin-cli facades \
  new-taler-wire-gateway-facade \
  --currency TESTKUDOS --facade-name test-facade \
  talerconn exchange-nexus
 echo OK
 # Facade schema: http://localhost:$1/facades/test-facade/taler-wire-gateway/
--- a/contrib/taler-nexus-prepare
+++ b/contrib/taler-nexus-prepare
@ -1,115 +1,128 @@
-#!/bin/bash
+#!/usr/bin/env python3
 # This file is in the public domain.
-set -eu
+from requests import get, post
 from subprocess import call
 import base64
 # EBICS details
-EBICS_URL="http://localhost:5000/ebicsweb"
+EBICS_URL = "http://localhost:5000/ebicsweb"
-HOST_ID="HOST01"
+HOST_ID = "HOST01"
-PARTNER_ID="PARTNER1"
+PARTNER_ID = "PARTNER1"
-USER_ID="USER1"
+USER_ID = "USER1"
 EBICS_VERSION = "H004"
-# This is used _both_ at Sandbox and at Nexus.
+SUBSCRIBER_IBAN = "ES9121000418450200051332"
-# Basically, Nexus imports the offered bank account
+SUBSCRIBER_BIC = "BIC"
-# using the same name used by the Sandbox.
+SUBSCRIBER_NAME = "Exchange"
-BANK_ACCOUNT_LABEL="my-bank-account"
+
-BANK_CONNECTION_LABEL="my-bank-connection"
+BANK_ACCOUNT_LABEL = "my-bank-account"
 BANK_CONNECTION_LABEL = "my-bank-connection"
 FACADE_LABEL="my-facade"
-export LIBEUFIN_SANDBOX_USERNAME=exchange
+USERNAME="Exchange"
-export LIBEUFIN_SANDBOX_PASSWORD=x
+USER_AUTHORIZATION_HEADER = "basic {}".format(
-export LIBEUFIN_SANDBOX_URL=http://localhost:5000/
+    base64.b64encode(b"Exchange:x").decode("utf-8")
-libeufin-cli sandbox demobank register --name "Exchange Company"
+)
-export LIBEUFIN_SANDBOX_USERNAME=fortytwo
+def assertResponse(response):
-export LIBEUFIN_SANDBOX_PASSWORD=x
+    if response.status_code != 200:
-export LIBEUFIN_SANDBOX_URL=http://localhost:5000/
+        print("Test failed on URL: {}".format(response.url))
-libeufin-cli sandbox demobank register \
+        # stdout/stderr from both services is A LOT of text.
-  --name User42 --iban FR7630006000011234567890189
+        # Confusing to dump all that to console.
        print("Check nexus.log and sandbox.log, probably under /tmp")
        exit(1)
    # Allows for finer grained checks.
    return response
-export LIBEUFIN_SANDBOX_USERNAME=fortythree
+# Create a nexus (super-) user
-export LIBEUFIN_SANDBOX_PASSWORD=x
+check_call(["libeufin-nexus",
-export LIBEUFIN_SANDBOX_URL=http://localhost:5000/
+      "superuser",
-libeufin-cli sandbox demobank register \
+      "--db-name", "/tmp/nexus-exchange-test.sqlite3",
-  --name User43 --iban GB33BUKB20201555555555
+      "Exchange",
      "--password", "x"]
 )
-export LIBEUFIN_SANDBOX_USERNAME=admin
+# Create a EBICS bank connection.
-export LIBEUFIN_SANDBOX_PASSWORD=secret
+assertResponse(
-export LIBEUFIN_SANDBOX_URL=http://localhost:5000/
+    post(
-echo -n "Create EBICS host at Sandbox..."
+        "http://localhost:5001/bank-connections",
-libeufin-cli sandbox \
+        json=dict(
-  --sandbox-url "http://localhost:5000" \
+            name=BANK_CONNECTION_LABEL,
-  ebicshost create --host-id $HOST_ID
+            source="new",
-echo " OK"
+            type="ebics",
            data=dict(
                ebicsURL=EBICS_URL, hostID=HOST_ID, partnerID=PARTNER_ID, userID=USER_ID
            ),
        ),
        headers=dict(Authorization=USER_AUTHORIZATION_HEADER),
    )
 )
-echo -n "Create exchange EBICS subscriber at Sandbox..."
+# Create a facade
-libeufin-cli sandbox \
+assertResponse(
-  demobank new-ebicssubscriber --host-id $HOST_ID \
+    post(
-  --user-id $USER_ID --partner-id $PARTNER_ID \
+        "http://localhost:5001/facades",
-  --bank-account exchange # that's a username _and_ a bank account name
+        json=dict(
-echo " OK"
+            name=FACADE_LABEL,
-unset LIBEUFIN_SANDBOX_USERNAME
+            type="taler-wire-gateway",
-unset LIBEUFIN_SANDBOX_PASSWORD
+            creator=USERNAME,
-unset LIBEUFIN_SANDBOX_URL
+            config=dict(
                bankAccount=BANK_ACCOUNT_LABEL,
                bankConnection=BANK_CONNECTION_LABEL,
                reserveTransferLevel="UNUSED",
                intervalIncremental="UNUSED"
            )
        ),
        headers=dict(Authorization=USER_AUTHORIZATION_HEADER),
    )
 )
-export LIBEUFIN_NEXUS_USERNAME=exchange
+# Create the EBICS host at the Sandbox.
-export LIBEUFIN_NEXUS_PASSWORD=x
+assertResponse(
-export LIBEUFIN_NEXUS_URL=http://localhost:5001/
+    post(
        "http://localhost:5000/admin/ebics/host",
        json=dict(hostID=HOST_ID, ebicsVersion=EBICS_VERSION),
    )
 )
-echo -n "Create the exchange (super)user at Nexus..."
+# Create Exchange EBICS subscriber at the Sandbox.
-libeufin-nexus superuser exchange --password x
+assertResponse(
-echo " DONE"
+    post(
        "http://localhost:5000/admin/ebics/subscribers",
        json=dict(hostID=HOST_ID, partnerID=PARTNER_ID, userID=USER_ID),
    )
 )
-echo -n "Creating a EBICS connection at Nexus..."
+# Create a bank account associated to the Exchange's EBICS subscriber,
-libeufin-cli connections new-ebics-connection \
+# again at the Sandbox.
-  --ebics-url $EBICS_URL \
+assertResponse(
-  --host-id $HOST_ID \
+    post(
-  --partner-id $PARTNER_ID \
+        "http://localhost:5000/admin/ebics/bank-accounts",
-  --ebics-user-id $USER_ID \
+        json=dict(
-  $BANK_CONNECTION_LABEL
+            subscriber=dict(hostID=HOST_ID, partnerID=PARTNER_ID, userID=USER_ID),
-echo " OK"
+            iban=SUBSCRIBER_IBAN,
            bic=SUBSCRIBER_BIC,
            name=SUBSCRIBER_NAME,
            label=BANK_ACCOUNT_LABEL,
        ),
    )
 )
-echo -n "Setup EBICS keying..."
+# 'connect' to the bank: upload+download keys.
-libeufin-cli connections connect $BANK_CONNECTION_LABEL > /dev/null
+assertResponse(
-echo " OK"
+    post(
        "http://localhost:5001/bank-connections/{}/connect".format(BANK_CONNECTION_LABEL),
        json=dict(),
        headers=dict(Authorization=USER_AUTHORIZATION_HEADER),
    )
 )
-echo -n "Download bank account name from Sandbox..."
+# Download bank accounts.
-libeufin-cli connections download-bank-accounts $BANK_CONNECTION_LABEL
+assertResponse(
-echo " OK"
+    post(
-
+        "http://localhost:5001/bank-connections/{}/ebics/import-accounts".format(BANK_CONNECTION_LABEL),
-echo -n "Importing bank account info into Nexus..."
+        json=dict(),
-libeufin-cli connections import-bank-account \
+        headers=dict(Authorization=USER_AUTHORIZATION_HEADER),
-  --offered-account-id exchange \
+    )
-  --nexus-bank-account-id $BANK_ACCOUNT_LABEL \
+)
  $BANK_CONNECTION_LABEL
 echo " OK"
 echo -n "Create the Taler facade at Nexus..."
 libeufin-cli facades \
  new-taler-wire-gateway-facade \
  --currency KUDOS --facade-name $FACADE_LABEL \
  $BANK_CONNECTION_LABEL $BANK_ACCOUNT_LABEL
 echo " DONE"
 echo -n Setup payments submission task..
 # Tries every second.
 libeufin-cli accounts task-schedule \
  --task-type submit \
  --task-name exchange-payments \
  --task-cronspec "* * *" \
  $BANK_ACCOUNT_LABEL
 echo OK
 # Tries every second.  Ask C52
 echo -n Setup history fetch task..
 libeufin-cli accounts task-schedule \
  --task-type fetch \
  --task-name exchange-history \
  --task-cronspec "* * *" \
  --task-param-level report \
  --task-param-range-type latest \
  $BANK_ACCOUNT_LABEL
 echo OK
 # unset, in case the script gets 'source'd.
 unset LIBEUFIN_NEXUS_USERNAME
 unset LIBEUFIN_NEXUS_PASSWORD
 unset LIBEUFIN_NEXUS_URL
--- a/contrib/tos/README
+++ b/contrib/tos/README
@ -9,7 +9,7 @@ Generating new Terms of Service requires Sphinx, LaTeX with babel
 packages for all supported languages.  On Debian, you should
 at least install:
-$ apt install python3-sphinx sphinx-intl texlive-lang-german texlive-lang-english latexmk texlive-latex-recommended texlive-latex-extra
+$ apt install python3-sphinx sphinx-intl texlive-lang-german texlive-lang-english
 (NOTE: List may be incomplete.)
--- a/contrib/tos/bfh-v0.rst
+++ b/contrib/tos/bfh-v0.rst
@ -1,310 +0,0 @@
 Terms Of Service
 ================
 Last Updated: 09.06.2022
 Welcome! The ICE research center of the Bern University of Applied Sciences
 in Switzerland (“we,” “our,” or “us”) provides an experimental payment service
 through our Internet presence (collectively the “Services”). Before using our
 Services, please read the Terms of Service (the “Terms” or the “Agreement”)
 carefully.
 This is research
 ----------------
 This is a research experiment. Any funds wired to our Bitcoin address are
 considered a donation to our research group. We may use them to enable
 payments following the GNU Taler protocol, or simply keep them at our
 discretion.  The service is experimental and may also be discontinued at
 any time, in which case all remaining funds will definitively be kept by
 the research group.
 Overview
 --------
 This section provides a brief summary of the highlights of this
 Agreement. Please note that when you accept this Agreement, you are accepting
 all of the terms and conditions and not just this section. We and possibly
 other third parties provide Internet services which interact with the Taler
 Wallet’s self-hosted personal payment application. When using the Taler Wallet
 to interact with our Services, you are agreeing to our Terms, so please read
 carefully.
 Highlights:
 ~~~~~~~~~~~
    • You are responsible for keeping the data in your Taler Wallet at all times
      under your control. Any losses arising from you not being in control of
      your private information are your problem.
    • We may transfer funds we receive from our users to any legal
      recipient to the best of our ability within the limitations of the law and
      our implementation. However, the Services offered today are highly
      experimental and the set of recipients of funds is severely restricted.
      Again, we stress this is a research experiment and technically all funds
      held by the exchange are owned by the research group of the university.
    • For our Services, we may charge transaction fees. The specific fee structure
      is provided based on the Taler protocol and should be shown to you when you
      withdraw electronic coins using a Taler Wallet. You agree and understand
      that the Taler protocol allows for the fee structure to change.
    • You agree to not intentionally overwhelm our systems with requests and
      follow responsible disclosure if you find security issues in our services.
    • We cannot be held accountable for our Services not being available due to
      any circumstances. If we modify or terminate our services,
      we may give you the opportunity to recover your funds. However,
      given the experimental state of the Services today, this may not be
      possible. You are strongly advised to limit your use of the Service
      to small-scale experiments expecting total loss of all funds.
 These terms outline approved uses of our Services. The Services and these
 Terms are still at an experimental stage. If you have any questions or
 comments related to this Agreement, please send us a message to
 ice@bfh.ch. If you do not agree to this Agreement, you must not
 use our Services.
 How you accept this policy
 --------------------------
 By sending funds to us (to top-up your Taler Wallet), you acknowledge that you
 have read, understood, and agreed to these Terms. We reserve the right to
 change these Terms at any time. If you disagree with the change, we may in the
 future offer you with an easy option to recover your unspent funds. However,
 in the current experimental period you acknowledge that this feature is not
 yet available, resulting in your funds being lost unless you accept the new
 Terms. If you continue to use our Services other than to recover your unspent
 funds, your continued use of our Services following any such change will
 signify your acceptance to be bound by the then current Terms. Please check
 the effective date above to determine if there have been any changes since you
 have last reviewed these Terms.
 Services
 --------
 We will try to transfer funds that we receive from users to any legal
 recipient to the best of our ability and within the limitations of the
 law. However, the Services offered today are highly experimental and the set
 of recipients of funds is severely restricted.  The Taler Wallet can be loaded
 by exchanging fiat or cryptocurrencies against electronic coins. We are
 providing this exchange service. Once your Taler Wallet is loaded with
 electronic coins they can be spent for purchases if the seller is accepting
 Taler as a means of payment. We are not guaranteeing that any seller is
 accepting Taler at all or a particular seller.  The seller or recipient of
 deposits of electronic coins must specify the target account, as per the
 design of the Taler protocol. They are responsible for following the protocol
 and specifying the correct bank account, and are solely liable for any losses
 that may arise from specifying the wrong account. We may allow the government
 to link wire transfers to the underlying contract hash. It is the
 responsibility of recipients to preserve the full contracts and to pay
 whatever taxes and charges may be applicable. Technical issues may lead to
 situations where we are unable to make transfers at all or lead to incorrect
 transfers that cannot be reversed. We may refuse to execute transfers if the
 transfers are prohibited by a competent legal authority and we are ordered to
 do so.
 When using our Services, you agree to not take any action that intentionally
 imposes an unreasonable load on our infrastructure. If you find security
 problems in our Services, you agree to first report them to
 security@taler-systems.com and grant us the right to publish your report. We
 warrant that we will ourselves publicly disclose any issues reported within 3
 months, and that we will not prosecute anyone reporting security issues if
 they did not exploit the issue beyond a proof-of-concept, and followed the
 above responsible disclosure practice.
 Fees
 ----
 You agree to pay the fees for exchanges and withdrawals completed via the
 Taler Wallet ("Fees") as defined by us, which we may change from time to
 time. With the exception of wire transfer fees, Taler transaction fees are set
 for any electronic coin at the time of withdrawal and fixed throughout the
 validity period of the respective electronic coin. Your wallet should obtain
 and display applicable fees when withdrawing funds. Fees for coins obtained as
 change may differ from the fees applicable to the original coin. Wire transfer
 fees that are independent from electronic coins may change annually.  You
 authorize us to charge or deduct applicable fees owed in connection with
 deposits, exchanges and withdrawals following the rules of the Taler protocol.
 We reserve the right to provide different types of rewards to users either in
 the form of discount for our Services or in any other form at our discretion
 and without prior notice to you.
 Eligibility and Financial self-responsibility
 ---------------------------------------------
 To be eligible to use our Services, you must be able to form legally binding
 contracts or have the permission of your legal guardian. By using our
 Services, you represent and warrant that you meet all eligibility requirements
 that we outline in these Terms.
 You will be responsible for maintaining the availability, integrity and
 confidentiality of the data stored in your wallet. When you setup a Taler
 Wallet, you are strongly advised to follow the precautionary measures offered
 by the software to minimize the chances to losse access to or control over
 your Wallet data. We will not be liable for any loss or damage arising from
 your failure to comply with this paragraph.
 Copyrights and trademarks
 -------------------------
 The Taler Wallet is released under the terms of the GNU General Public License
 (GNU GPL). You have the right to access, use, and share the Taler Wallet, in
 modified or unmodified form. However, the GPL is a strong copyleft license,
 which means that any derivative works must be distributed under the same
 license terms as the original software. If you have any questions, you should
 review the GNU GPL’s full terms and conditions at
 https://www.gnu.org/licenses/gpl-3.0.en.html.  “Taler” itself is a trademark
 of Taler Systems SA. You are welcome to use the name in relation to processing
 payments using the Taler protocol, assuming your use is compatible with an
 official release from the GNU Project that is not older than two years.
 Limitation of liability & disclaimer of warranties
 --------------------------------------------------
 You understand and agree that we have no control over, and no duty to take any
 action regarding: Failures, disruptions, errors, or delays in processing that
 you may experience while using our Services; The risk of failure of hardware,
 software, and Internet connections; The risk of malicious software being
 introduced or found in the software underlying the Taler Wallet; The risk that
 third parties may obtain unauthorized access to information stored within your
 Taler Wallet, including, but not limited to your Taler Wallet coins or backup
 encryption keys.  You release us from all liability related to any losses,
 damages, or claims arising from:
 (a) user error such as forgotten passwords, incorrectly constructed
    transactions;
 (b) server failure or data loss;
 (c) unauthorized access to the Taler Wallet application;
 (d) bugs or other errors in the Taler Wallet software; and
 (e) any unauthorized third party activities, including, but not limited to,
    the use of viruses, phishing, brute forcing, or other means of attack
    against the Taler Wallet. We make no representations concerning any
    Third Party Content contained in or accessed through our Services.
 Any other terms, conditions, warranties, or representations associated with
 such content, are solely between you and such organizations and/or
 individuals.
 To the fullest extent permitted by applicable law, in no event will we or any
 of our officers, directors, representatives, agents, servants, counsel,
 employees, consultants, lawyers, and other personnel authorized to act,
 acting, or purporting to act on our behalf (collectively the “Taler Parties”)
 be liable to you under contract, tort, strict liability, negligence, or any
 other legal or equitable theory, for:
 (a) any lost profits, data loss, cost of procurement of substitute goods or
    services, or direct, indirect, incidental, special, punitive, compensatory,
    or consequential damages of any kind whatsoever resulting from:
  (i) your use of, or conduct in connection with, our services;
  (ii) any unauthorized use of your wallet and/or private key due to your
       failure to maintain the confidentiality of your wallet;
  (iii) any interruption or cessation of transmission to or from the services; or
  (iv) any bugs, viruses, trojan horses, or the like that are found in the Taler
       Wallet software or that may be transmitted to or through our services by
       any third party (regardless of the source of origination), or
 (b) any direct damages.
 These limitations apply regardless of legal theory, whether based on tort,
 strict liability, breach of contract, breach of warranty, or any other legal
 theory, and whether or not we were advised of the possibility of such
 damages. Some jurisdictions do not allow the exclusion or limitation of
 liability for consequential or incidental damages, so the above limitation may
 not apply to you.
 Our services are provided "as is" and without warranty of any kind. To the
 maximum extent permitted by law, we disclaim all representations and
 warranties, express or implied, relating to the services and underlying
 software or any content on the services, whether provided or owned by us or by
 any third party, including without limitation, warranties of merchantability,
 fitness for a particular purpose, title, non-infringement, freedom from
 computer virus, and any implied warranties arising from course of dealing,
 course of performance, or usage in trade, all of which are expressly
 disclaimed. In addition, we do not represent or warrant that the content
 accessible via the services is accurate, complete, available, current, free of
 viruses or other harmful components, or that the results of using the services
 will meet your requirements. Some states do not allow the disclaimer of
 implied warranties, so the foregoing disclaimers may not apply to you. This
 paragraph gives you specific legal rights and you may also have other legal
 rights that vary from state to state.
 Indemnity and Time limitation on claims and Termination
 -------------------------------------------------------
 To the extent permitted by applicable law, you agree to defend, indemnify, and
 hold harmless the Taler Parties from and against any and all claims, damages,
 obligations, losses, liabilities, costs or debt, and expenses (including, but
 not limited to, attorney’s fees) arising from: (a) your use of and access to
 the Services; (b) any feedback or submissions you provide to us concerning the
 Taler Wallet; (c) your violation of any term of this Agreement; or (d) your
 violation of any law, rule, or regulation, or the rights of any third party.
 You agree that any claim you may have arising out of or related to your
 relationship with us must be filed within one year after such claim arises,
 otherwise, your claim in permanently barred.
 In the event of termination concerning your use of our Services, your
 obligations under this Agreement will still continue.
 Discontinuance of services and Force majeure
 --------------------------------------------
 We may, in our sole discretion and without cost to you, with or without prior
 notice, and at any time, modify or discontinue, temporarily or permanently,
 any portion of our Services. We will use the Taler protocol’s provisions to
 notify Wallets if our Services are to be discontinued. It is your
 responsibility to ensure that the Taler Wallet is online at least once every
 three months to observe these notifications. We shall not be held responsible
 or liable for any loss of funds in the event that we discontinue or depreciate
 the Services and your Taler Wallet fails to transfer out the coins within a
 three months notification period.
 We shall not be held liable for any delays, failure in performance, or
 interruptions of service which result directly or indirectly from any cause or
 condition beyond our reasonable control, including but not limited to: any
 delay or failure due to any act of God, act of civil or military authorities,
 act of terrorism, civil disturbance, war, strike or other labor dispute, fire,
 interruption in telecommunications or Internet services or network provider
 services, failure of equipment and/or software, other catastrophe, or any
 other occurrence which is beyond our reasonable control and shall not affect
 the validity and enforceability of any remaining provisions.
 Governing law, Waivers, Severability and Assignment
 ---------------------------------------------------
 No matter where you’re located, the laws of Switzerland will govern these
 Terms. If any provisions of these Terms are inconsistent with any applicable
 law, those provisions will be superseded or modified only to the extent such
 provisions are inconsistent. The parties agree to submit to the ordinary
 courts in Bern, Switzerland for exclusive jurisdiction of any dispute
 arising out of or related to your use of the Services or your breach of these
 Terms.
 Our failure to exercise or delay in exercising any right, power, or privilege
 under this Agreement shall not operate as a waiver; nor shall any single or
 partial exercise of any right, power, or privilege preclude any other or
 further exercise thereof.
 You agree that we may assign any of our rights and/or transfer, sub-contract,
 or delegate any of our obligations under these Terms.
 If it turns out that any part of this Agreement is invalid, void, or for any
 reason unenforceable, that term will be deemed severable and limited or
 eliminated to the minimum extent necessary.
 This Agreement sets forth the entire understanding and agreement as to the
 subject matter hereof and supersedes any and all prior discussions,
 agreements, and understandings of any kind (including, without limitation, any
 prior versions of this Agreement) and every nature between us. Except as
 provided for above, any modification to this Agreement must be in writing and
 must be signed by both parties.
 Questions or comments
 ---------------------
 We welcome comments, questions, concerns, or suggestions. Please send us a
 message on our contact page at legal@taler-systems.com.
--- a/contrib/tos/conf.py.in
+++ b/contrib/tos/conf.py.in
@ -17,7 +17,6 @@
  @author Benedikt Muller
  @author Sree Harsha Totakura
  @author Marcello Stanisci
  @author Christian Grothoff
 """
 # -*- coding: utf-8 -*-
 #
@ -69,20 +68,20 @@ source_suffix = {
 #source_encoding = 'utf-8-sig'
 # The master toctree document.
-master_doc = '%VERSION%'
+master_doc = 'tos'
 # General information about the project.
-project = u'%VERSION%'
+project = u'tos'
-copyright = u'2014-2022 Taler Systems SA (GPLv3+ or GFDL 1.3+)'
+copyright = u'2014-2020 Taler Systems SA (GPLv3+ or GFDL 1.3+)'
 # The version info for the project you're documenting, acts as replacement for
 # |version| and |release|, also used in various other places throughout the
 # built documents.
 #
 # The short X.Y version.
-version = '%VERSION%'
+version = '0'
 # The full version, including alpha/beta/rc tags.
-release = '%VERSION%'
+release = '0'
 # The language for content autogenerated by Sphinx. Refer to documentation
 # for a list of supported languages.
@ -150,7 +149,7 @@ html_theme_options = {
 # The name for this set of Sphinx documents.  If None, it defaults to
 # "<project> v<release> documentation".
-html_title = "Taler Exchange Terms of Service"
+html_title = "Taler Terms of Service"
 # A shorter title for the navigation bar.  Default is the same as html_title.
 html_short_title = "Terms of Service"
@ -193,7 +192,7 @@ html_short_title = "Terms of Service"
 #html_domain_indices = True
 # If false, no index is generated.
-html_use_index = True
+#html_use_index = True
 # If true, the index is split into individual pages for each letter.
 #html_split_index = False
@ -232,7 +231,7 @@ latex_elements = {
 # (source start file, target name, title,
 #  author, documentclass [howto, manual, or own class]).
 latex_documents = [
-    ('%VERSION%', '%VERSION%.tex',
+    ('tos', 'tos.tex',
     'Terms of Service', 'GNU Taler team', 'manual'),
 ]
@ -278,6 +277,6 @@ latex_documents = [
 # -- Options for epub output  ----------------------------
-epub_basename = "%VERSION%"
+epub_basename = "tos"
 epub_title = "Terms of Service"
--- a/contrib/tos/en/0.epub
+++ b/contrib/tos/en/0.epub
--- a/contrib/tos/en/0.html
+++ b/contrib/tos/en/0.html
@ -0,0 +1,304 @@
 <html lang="en">
  <head>
    <meta charset="utf-8" />
    <meta name="viewport" content="width=device-width, initial-scale=1.0" />
    <title>Terms Of Service &#8212; Taler Terms of Service</title>
    <link rel="stylesheet" href="_static/pygments.css" type="text/css" />
    <link rel="stylesheet" href="_static/epub.css" type="text/css" />
    <script id="documentation_options" data-url_root="./" src="_static/documentation_options.js"></script>
    <script src="_static/jquery.js"></script>
    <script src="_static/underscore.js"></script>
    <script src="_static/doctools.js"></script> 
  </head><body>
    <div class="document">
      <div class="documentwrapper">
        <div class="bodywrapper">
          <div class="body" role="main">
  <div class="section" id="terms-of-service">
 <h1>Terms Of Service<a class="headerlink" href="#terms-of-service" title="Permalink to this headline">¶</a></h1>
 <p>Last Updated: 12.4.2019</p>
 <p>Welcome! Taler Systems SA (“we,” “our,” or “us”) provides a payment service
 through our Internet presence (collectively the “Services”). Before using our
 Services, please read the Terms of Service (the “Terms” or the “Agreement”)
 carefully.</p>
 <div class="section" id="overview">
 <h2>Overview<a class="headerlink" href="#overview" title="Permalink to this headline">¶</a></h2>
 <p>This section provides a brief summary of the highlights of this
 Agreement. Please note that when you accept this Agreement, you are accepting
 all of the terms and conditions and not just this section. We and possibly
 other third parties provide Internet services which interact with the Taler
 Wallet’s self-hosted personal payment application. When using the Taler Wallet
 to interact with our Services, you are agreeing to our Terms, so please read
 carefully.</p>
 <div class="section" id="highlights">
 <h3>Highlights:<a class="headerlink" href="#highlights" title="Permalink to this headline">¶</a></h3>
 <blockquote>
 <div><ul class="simple">
 <li><p>You are responsible for keeping the data in your Taler Wallet at all times
 under your control. Any losses arising from you not being in control of
 your private information are your problem.</p></li>
 <li><p>We will try to transfer funds we hold in escrow for our users to any legal
 recipient to the best of our ability within the limitations of the law and
 our implementation. However, the Services offered today are highly
 experimental and the set of recipients of funds is severely restricted.</p></li>
 <li><p>For our Services, we may charge transaction fees. The specific fee structure
 is provided based on the Taler protocol and should be shown to you when you
 withdraw electronic coins using a Taler Wallet. You agree and understand
 that the Taler protocol allows for the fee structure to change.</p></li>
 <li><p>You agree to not intentionally overwhelm our systems with requests and
 follow responsible disclosure if you find security issues in our services.</p></li>
 <li><p>We cannot be held accountable for our Services not being available due to
 circumstances beyond our control. If we modify or terminate our services,
 we will try to give you the opportunity to recover your funds. However,
 given the experimental state of the Services today, this may not be
 possible. You are strongly advised to limit your use of the Service
 to small-scale experiments expecting total loss of all funds.</p></li>
 </ul>
 </div></blockquote>
 <p>These terms outline approved uses of our Services. The Services and these
 Terms are still at an experimental stage. If you have any questions or
 comments related to this Agreement, please send us a message to
 <a class="reference external" href="mailto:legal&#37;&#52;&#48;taler-systems&#46;com">legal<span>&#64;</span>taler-systems<span>&#46;</span>com</a>. If you do not agree to this Agreement, you must not
 use our Services.</p>
 </div>
 </div>
 <div class="section" id="how-you-accept-this-policy">
 <h2>How you accept this policy<a class="headerlink" href="#how-you-accept-this-policy" title="Permalink to this headline">¶</a></h2>
 <p>By sending funds to us (to top-up your Taler Wallet), you acknowledge that you
 have read, understood, and agreed to these Terms. We reserve the right to
 change these Terms at any time. If you disagree with the change, we may in the
 future offer you with an easy option to recover your unspent funds. However,
 in the current experimental period you acknowledge that this feature is not
 yet available, resulting in your funds being lost unless you accept the new
 Terms. If you continue to use our Services other than to recover your unspent
 funds, your continued use of our Services following any such change will
 signify your acceptance to be bound by the then current Terms. Please check
 the effective date above to determine if there have been any changes since you
 have last reviewed these Terms.</p>
 </div>
 <div class="section" id="services">
 <h2>Services<a class="headerlink" href="#services" title="Permalink to this headline">¶</a></h2>
 <p>We will try to transfer funds that we hold in escrow for our users to any
 legal recipient to the best of our ability and within the limitations of the
 law and our implementation. However, the Services offered today are highly
 experimental and the set of recipients of funds is severely restricted.  The
 Taler Wallet can be loaded by exchanging fiat currencies against electronic
 coins. We are providing this exchange service. Once your Taler Wallet is
 loaded with electronic coins they can be spent for purchases if the seller is
 accepting Taler as a means of payment. We are not guaranteeing that any seller
 is accepting Taler at all or a particular seller.  The seller or recipient of
 deposits of electronic coins must specify the target account, as per the
 design of the Taler protocol. They are responsible for following the protocol
 and specifying the correct bank account, and are solely liable for any losses
 that may arise from specifying the wrong account. We will allow the government
 to link wire transfers to the underlying contract hash. It is the
 responsibility of recipients to preserve the full contracts and to pay
 whatever taxes and charges may be applicable. Technical issues may lead to
 situations where we are unable to make transfers at all or lead to incorrect
 transfers that cannot be reversed. We will only refuse to execute transfers if
 the transfers are prohibited by a competent legal authority and we are ordered
 to do so.</p>
 <p>When using our Services, you agree to not take any action that intentionally
 imposes an unreasonable load on our infrastructure. If you find security
 problems in our Services, you agree to first report them to
 <a class="reference external" href="mailto:security&#37;&#52;&#48;taler-systems&#46;com">security<span>&#64;</span>taler-systems<span>&#46;</span>com</a> and grant us the right to publish your report. We
 warrant that we will ourselves publicly disclose any issues reported within 3
 months, and that we will not prosecute anyone reporting security issues if
 they did not exploit the issue beyond a proof-of-concept, and followed the
 above responsible disclosure practice.</p>
 </div>
 <div class="section" id="fees">
 <h2>Fees<a class="headerlink" href="#fees" title="Permalink to this headline">¶</a></h2>
 <p>You agree to pay the fees for exchanges and withdrawals completed via the
 Taler Wallet (“Fees”) as defined by us, which we may change from time to
 time. With the exception of wire transfer fees, Taler transaction fees are set
 for any electronic coin at the time of withdrawal and fixed throughout the
 validity period of the respective electronic coin. Your wallet should obtain
 and display applicable fees when withdrawing funds. Fees for coins obtained as
 change may differ from the fees applicable to the original coin. Wire transfer
 fees that are independent from electronic coins may change annually.  You
 authorize us to charge or deduct applicable fees owed in connection with
 deposits, exchanges and withdrawals following the rules of the Taler protocol.
 We reserve the right to provide different types of rewards to users either in
 the form of discount for our Services or in any other form at our discretion
 and without prior notice to you.</p>
 </div>
 <div class="section" id="eligibility-and-financial-self-responsibility">
 <h2>Eligibility and Financial self-responsibility<a class="headerlink" href="#eligibility-and-financial-self-responsibility" title="Permalink to this headline">¶</a></h2>
 <p>To be eligible to use our Services, you must be able to form legally binding
 contracts or have the permission of your legal guardian. By using our
 Services, you represent and warrant that you meet all eligibility requirements
 that we outline in these Terms.</p>
 <p>You will be responsible for maintaining the availability, integrity and
 confidentiality of the data stored in your wallet. When you setup a Taler
 Wallet, you are strongly advised to follow the precautionary measures offered
 by the software to minimize the chances to losse access to or control over
 your Wallet data. We will not be liable for any loss or damage arising from
 your failure to comply with this paragraph.</p>
 </div>
 <div class="section" id="copyrights-and-trademarks">
 <h2>Copyrights and trademarks<a class="headerlink" href="#copyrights-and-trademarks" title="Permalink to this headline">¶</a></h2>
 <p>The Taler Wallet is released under the terms of the GNU General Public License
 (GNU GPL). You have the right to access, use, and share the Taler Wallet, in
 modified or unmodified form. However, the GPL is a strong copyleft license,
 which means that any derivative works must be distributed under the same
 license terms as the original software. If you have any questions, you should
 review the GNU GPL’s full terms and conditions at
 <a class="reference external" href="https://www.gnu.org/licenses/gpl-3.0.en.html">https://www.gnu.org/licenses/gpl-3.0.en.html</a>.  “Taler” itself is a trademark
 of Taler Systems SA. You are welcome to use the name in relation to processing
 payments using the Taler protocol, assuming your use is compatible with an
 official release from the GNU Project that is not older than two years.</p>
 </div>
 <div class="section" id="limitation-of-liability-disclaimer-of-warranties">
 <h2>Limitation of liability &amp; disclaimer of warranties<a class="headerlink" href="#limitation-of-liability-disclaimer-of-warranties" title="Permalink to this headline">¶</a></h2>
 <p>You understand and agree that we have no control over, and no duty to take any
 action regarding: Failures, disruptions, errors, or delays in processing that
 you may experience while using our Services; The risk of failure of hardware,
 software, and Internet connections; The risk of malicious software being
 introduced or found in the software underlying the Taler Wallet; The risk that
 third parties may obtain unauthorized access to information stored within your
 Taler Wallet, including, but not limited to your Taler Wallet coins or backup
 encryption keys.  You release us from all liability related to any losses,
 damages, or claims arising from:</p>
 <ol class="loweralpha simple">
 <li><p>user error such as forgotten passwords, incorrectly constructed
 transactions;</p></li>
 <li><p>server failure or data loss;</p></li>
 <li><p>unauthorized access to the Taler Wallet application;</p></li>
 <li><p>bugs or other errors in the Taler Wallet software; and</p></li>
 <li><p>any unauthorized third party activities, including, but not limited to,
 the use of viruses, phishing, brute forcing, or other means of attack
 against the Taler Wallet. We make no representations concerning any
 Third Party Content contained in or accessed through our Services.</p></li>
 </ol>
 <p>Any other terms, conditions, warranties, or representations associated with
 such content, are solely between you and such organizations and/or
 individuals.</p>
 <p>To the fullest extent permitted by applicable law, in no event will we or any
 of our officers, directors, representatives, agents, servants, counsel,
 employees, consultants, lawyers, and other personnel authorized to act,
 acting, or purporting to act on our behalf (collectively the “Taler Parties”)
 be liable to you under contract, tort, strict liability, negligence, or any
 other legal or equitable theory, for:</p>
 <ol class="loweralpha simple">
 <li><p>any lost profits, data loss, cost of procurement of substitute goods or
 services, or direct, indirect, incidental, special, punitive, compensatory,
 or consequential damages of any kind whatsoever resulting from:</p></li>
 </ol>
 <blockquote>
 <div><ol class="lowerroman simple">
 <li><p>your use of, or conduct in connection with, our services;</p></li>
 <li><p>any unauthorized use of your wallet and/or private key due to your
 failure to maintain the confidentiality of your wallet;</p></li>
 <li><p>any interruption or cessation of transmission to or from the services; or</p></li>
 <li><p>any bugs, viruses, trojan horses, or the like that are found in the Taler
 Wallet software or that may be transmitted to or through our services by
 any third party (regardless of the source of origination), or</p></li>
 </ol>
 </div></blockquote>
 <ol class="loweralpha simple" start="2">
 <li><p>any direct damages.</p></li>
 </ol>
 <p>These limitations apply regardless of legal theory, whether based on tort,
 strict liability, breach of contract, breach of warranty, or any other legal
 theory, and whether or not we were advised of the possibility of such
 damages. Some jurisdictions do not allow the exclusion or limitation of
 liability for consequential or incidental damages, so the above limitation may
 not apply to you.</p>
 <p>Our services are provided “as is” and without warranty of any kind. To the
 maximum extent permitted by law, we disclaim all representations and
 warranties, express or implied, relating to the services and underlying
 software or any content on the services, whether provided or owned by us or by
 any third party, including without limitation, warranties of merchantability,
 fitness for a particular purpose, title, non-infringement, freedom from
 computer virus, and any implied warranties arising from course of dealing,
 course of performance, or usage in trade, all of which are expressly
 disclaimed. In addition, we do not represent or warrant that the content
 accessible via the services is accurate, complete, available, current, free of
 viruses or other harmful components, or that the results of using the services
 will meet your requirements. Some states do not allow the disclaimer of
 implied warranties, so the foregoing disclaimers may not apply to you. This
 paragraph gives you specific legal rights and you may also have other legal
 rights that vary from state to state.</p>
 </div>
 <div class="section" id="indemnity-and-time-limitation-on-claims-and-termination">
 <h2>Indemnity and Time limitation on claims and Termination<a class="headerlink" href="#indemnity-and-time-limitation-on-claims-and-termination" title="Permalink to this headline">¶</a></h2>
 <p>To the extent permitted by applicable law, you agree to defend, indemnify, and
 hold harmless the Taler Parties from and against any and all claims, damages,
 obligations, losses, liabilities, costs or debt, and expenses (including, but
 not limited to, attorney’s fees) arising from: (a) your use of and access to
 the Services; (b) any feedback or submissions you provide to us concerning the
 Taler Wallet; (c) your violation of any term of this Agreement; or (d) your
 violation of any law, rule, or regulation, or the rights of any third party.</p>
 <p>You agree that any claim you may have arising out of or related to your
 relationship with us must be filed within one year after such claim arises,
 otherwise, your claim in permanently barred.</p>
 <p>In the event of termination concerning your use of our Services, your
 obligations under this Agreement will still continue.</p>
 </div>
 <div class="section" id="discontinuance-of-services-and-force-majeure">
 <h2>Discontinuance of services and Force majeure<a class="headerlink" href="#discontinuance-of-services-and-force-majeure" title="Permalink to this headline">¶</a></h2>
 <p>We may, in our sole discretion and without cost to you, with or without prior
 notice, and at any time, modify or discontinue, temporarily or permanently,
 any portion of our Services. We will use the Taler protocol’s provisions to
 notify Wallets if our Services are to be discontinued. It is your
 responsibility to ensure that the Taler Wallet is online at least once every
 three months to observe these notifications. We shall not be held responsible
 or liable for any loss of funds in the event that we discontinue or depreciate
 the Services and your Taler Wallet fails to transfer out the coins within a
 three months notification period.</p>
 <p>We shall not be held liable for any delays, failure in performance, or
 interruptions of service which result directly or indirectly from any cause or
 condition beyond our reasonable control, including but not limited to: any
 delay or failure due to any act of God, act of civil or military authorities,
 act of terrorism, civil disturbance, war, strike or other labor dispute, fire,
 interruption in telecommunications or Internet services or network provider
 services, failure of equipment and/or software, other catastrophe, or any
 other occurrence which is beyond our reasonable control and shall not affect
 the validity and enforceability of any remaining provisions.</p>
 </div>
 <div class="section" id="governing-law-waivers-severability-and-assignment">
 <h2>Governing law, Waivers, Severability and Assignment<a class="headerlink" href="#governing-law-waivers-severability-and-assignment" title="Permalink to this headline">¶</a></h2>
 <p>No matter where you’re located, the laws of Switzerland will govern these
 Terms. If any provisions of these Terms are inconsistent with any applicable
 law, those provisions will be superseded or modified only to the extent such
 provisions are inconsistent. The parties agree to submit to the ordinary
 courts in Zurich, Switzerland for exclusive jurisdiction of any dispute
 arising out of or related to your use of the Services or your breach of these
 Terms.</p>
 <p>Our failure to exercise or delay in exercising any right, power, or privilege
 under this Agreement shall not operate as a waiver; nor shall any single or
 partial exercise of any right, power, or privilege preclude any other or
 further exercise thereof.</p>
 <p>You agree that we may assign any of our rights and/or transfer, sub-contract,
 or delegate any of our obligations under these Terms.</p>
 <p>If it turns out that any part of this Agreement is invalid, void, or for any
 reason unenforceable, that term will be deemed severable and limited or
 eliminated to the minimum extent necessary.</p>
 <p>This Agreement sets forth the entire understanding and agreement as to the
 subject matter hereof and supersedes any and all prior discussions,
 agreements, and understandings of any kind (including, without limitation, any
 prior versions of this Agreement) and every nature between us. Except as
 provided for above, any modification to this Agreement must be in writing and
 must be signed by both parties.</p>
 </div>
 <div class="section" id="questions-or-comments">
 <h2>Questions or comments<a class="headerlink" href="#questions-or-comments" title="Permalink to this headline">¶</a></h2>
 <p>We welcome comments, questions, concerns, or suggestions. Please send us a
 message on our contact page at <a class="reference external" href="mailto:legal&#37;&#52;&#48;taler-systems&#46;com">legal<span>&#64;</span>taler-systems<span>&#46;</span>com</a>.</p>
 </div>
 </div>
            <div class="clearer"></div>
          </div>
        </div>
      </div>
      <div class="clearer"></div>
    </div>
  </body>
 </html>
--- a/contrib/tos/en/tos-v0.pdf
+++ b/contrib/tos/en/tos-v0.pdf
--- a/contrib/tos/en/tos-v0.md
+++ b/contrib/tos/en/tos-v0.md
--- a/contrib/tos/en/tos-v0.xml
+++ b/contrib/tos/en/tos-v0.xml
@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="utf-8"?>
 <!DOCTYPE document PUBLIC "+//IDN docutils.sourceforge.net//DTD Docutils Generic//EN//XML" "http://docutils.sourceforge.net/docs/ref/docutils.dtd">
 <!-- Generated by Docutils 0.16 -->
-<document source="/research/taler/exchange/contrib/tos/tos-v0.rst">
+<document source="/research/taler/exchange/contrib/tos/tos.rst">
    <section ids="terms-of-service" names="terms\ of\ service">
        <title>Terms Of Service</title>
        <paragraph>Last Updated: 12.4.2019</paragraph>
--- a/contrib/tos/en/bfh-v0.epub
+++ b/contrib/tos/en/bfh-v0.epub
--- a/contrib/tos/en/bfh-v0.html
+++ b/contrib/tos/en/bfh-v0.html
--- a/contrib/tos/en/bfh-v0.pdf
+++ b/contrib/tos/en/bfh-v0.pdf
--- a/contrib/tos/en/bfh-v0.txt
+++ b/contrib/tos/en/bfh-v0.txt
@ -1,349 +0,0 @@
 Terms Of Service
 ****************
 Last Updated: 09.06.2022
 Welcome! The ICE research center of the Bern University of Applied
 Sciences in Switzerland (“we,” “our,” or “us”) provides an
 experimental payment service through our Internet presence
 (collectively the “Services”). Before using our Services, please read
 the Terms of Service (the “Terms” or the “Agreement”) carefully.
 This is research
 ================
 This is a research experiment. Any funds wired to our Bitcoin address
 are considered a donation to our research group. We may use them to
 enable payments following the GNU Taler protocol, or simply keep them
 at our discretion.  The service is experimental and may also be
 discontinued at any time, in which case all remaining funds will
 definitively be kept by the research group.
 Overview
 ========
 This section provides a brief summary of the highlights of this
 Agreement. Please note that when you accept this Agreement, you are
 accepting all of the terms and conditions and not just this section.
 We and possibly other third parties provide Internet services which
 interact with the Taler Wallet’s self-hosted personal payment
 application. When using the Taler Wallet to interact with our
 Services, you are agreeing to our Terms, so please read carefully.
 Highlights:
 -----------
   * You are responsible for keeping the data in your Taler Wallet at
     all times under your control. Any losses arising from you not
     being in control of your private information are your problem.
   * We may transfer funds we receive from our users to any legal
     recipient to the best of our ability within the limitations of
     the law and our implementation. However, the Services offered
     today are highly experimental and the set of recipients of funds
     is severely restricted. Again, we stress this is a research
     experiment and technically all funds held by the exchange are
     owned by the research group of the university.
   * For our Services, we may charge transaction fees. The specific
     fee structure is provided based on the Taler protocol and should
     be shown to you when you withdraw electronic coins using a Taler
     Wallet. You agree and understand that the Taler protocol allows
     for the fee structure to change.
   * You agree to not intentionally overwhelm our systems with
     requests and follow responsible disclosure if you find security
     issues in our services.
   * We cannot be held accountable for our Services not being
     available due to any circumstances. If we modify or terminate our
     services, we may give you the opportunity to recover your funds.
     However, given the experimental state of the Services today, this
     may not be possible. You are strongly advised to limit your use
     of the Service to small-scale experiments expecting total loss of
     all funds.
 These terms outline approved uses of our Services. The Services and
 these Terms are still at an experimental stage. If you have any
 questions or comments related to this Agreement, please send us a
 message to ice@bfh.ch. If you do not agree to this Agreement, you must
 not use our Services.
 How you accept this policy
 ==========================
 By sending funds to us (to top-up your Taler Wallet), you acknowledge
 that you have read, understood, and agreed to these Terms. We reserve
 the right to change these Terms at any time. If you disagree with the
 change, we may in the future offer you with an easy option to recover
 your unspent funds. However, in the current experimental period you
 acknowledge that this feature is not yet available, resulting in your
 funds being lost unless you accept the new Terms. If you continue to
 use our Services other than to recover your unspent funds, your
 continued use of our Services following any such change will signify
 your acceptance to be bound by the then current Terms. Please check
 the effective date above to determine if there have been any changes
 since you have last reviewed these Terms.
 Services
 ========
 We will try to transfer funds that we receive from users to any legal
 recipient to the best of our ability and within the limitations of the
 law. However, the Services offered today are highly experimental and
 the set of recipients of funds is severely restricted.  The Taler
 Wallet can be loaded by exchanging fiat or cryptocurrencies against
 electronic coins. We are providing this exchange service. Once your
 Taler Wallet is loaded with electronic coins they can be spent for
 purchases if the seller is accepting Taler as a means of payment. We
 are not guaranteeing that any seller is accepting Taler at all or a
 particular seller.  The seller or recipient of deposits of electronic
 coins must specify the target account, as per the design of the Taler
 protocol. They are responsible for following the protocol and
 specifying the correct bank account, and are solely liable for any
 losses that may arise from specifying the wrong account. We may allow
 the government to link wire transfers to the underlying contract hash.
 It is the responsibility of recipients to preserve the full contracts
 and to pay whatever taxes and charges may be applicable. Technical
 issues may lead to situations where we are unable to make transfers at
 all or lead to incorrect transfers that cannot be reversed. We may
 refuse to execute transfers if the transfers are prohibited by a
 competent legal authority and we are ordered to do so.
 When using our Services, you agree to not take any action that
 intentionally imposes an unreasonable load on our infrastructure. If
 you find security problems in our Services, you agree to first report
 them to security@taler-systems.com and grant us the right to publish
 your report. We warrant that we will ourselves publicly disclose any
 issues reported within 3 months, and that we will not prosecute anyone
 reporting security issues if they did not exploit the issue beyond a
 proof-of-concept, and followed the above responsible disclosure
 practice.
 Fees
 ====
 You agree to pay the fees for exchanges and withdrawals completed via
 the Taler Wallet ("Fees") as defined by us, which we may change from
 time to time. With the exception of wire transfer fees, Taler
 transaction fees are set for any electronic coin at the time of
 withdrawal and fixed throughout the validity period of the respective
 electronic coin. Your wallet should obtain and display applicable fees
 when withdrawing funds. Fees for coins obtained as change may differ
 from the fees applicable to the original coin. Wire transfer fees that
 are independent from electronic coins may change annually.  You
 authorize us to charge or deduct applicable fees owed in connection
 with deposits, exchanges and withdrawals following the rules of the
 Taler protocol. We reserve the right to provide different types of
 rewards to users either in the form of discount for our Services or in
 any other form at our discretion and without prior notice to you.
 Eligibility and Financial self-responsibility
 =============================================
 To be eligible to use our Services, you must be able to form legally
 binding contracts or have the permission of your legal guardian. By
 using our Services, you represent and warrant that you meet all
 eligibility requirements that we outline in these Terms.
 You will be responsible for maintaining the availability, integrity
 and confidentiality of the data stored in your wallet. When you setup
 a Taler Wallet, you are strongly advised to follow the precautionary
 measures offered by the software to minimize the chances to losse
 access to or control over your Wallet data. We will not be liable for
 any loss or damage arising from your failure to comply with this
 paragraph.
 Copyrights and trademarks
 =========================
 The Taler Wallet is released under the terms of the GNU General Public
 License (GNU GPL). You have the right to access, use, and share the
 Taler Wallet, in modified or unmodified form. However, the GPL is a
 strong copyleft license, which means that any derivative works must be
 distributed under the same license terms as the original software. If
 you have any questions, you should review the GNU GPL’s full terms and
 conditions at https://www.gnu.org/licenses/gpl-3.0.en.html.  “Taler”
 itself is a trademark of Taler Systems SA. You are welcome to use the
 name in relation to processing payments using the Taler protocol,
 assuming your use is compatible with an official release from the GNU
 Project that is not older than two years.
 Limitation of liability & disclaimer of warranties
 ==================================================
 You understand and agree that we have no control over, and no duty to
 take any action regarding: Failures, disruptions, errors, or delays in
 processing that you may experience while using our Services; The risk
 of failure of hardware, software, and Internet connections; The risk
 of malicious software being introduced or found in the software
 underlying the Taler Wallet; The risk that third parties may obtain
 unauthorized access to information stored within your Taler Wallet,
 including, but not limited to your Taler Wallet coins or backup
 encryption keys.  You release us from all liability related to any
 losses, damages, or claims arising from:
 1. user error such as forgotten passwords, incorrectly constructed
   transactions;
 2. server failure or data loss;
 3. unauthorized access to the Taler Wallet application;
 4. bugs or other errors in the Taler Wallet software; and
 5. any unauthorized third party activities, including, but not limited
   to, the use of viruses, phishing, brute forcing, or other means of
   attack against the Taler Wallet. We make no representations
   concerning any Third Party Content contained in or accessed through
   our Services.
 Any other terms, conditions, warranties, or representations associated
 with such content, are solely between you and such organizations
 and/or individuals.
 To the fullest extent permitted by applicable law, in no event will we
 or any of our officers, directors, representatives, agents, servants,
 counsel, employees, consultants, lawyers, and other personnel
 authorized to act, acting, or purporting to act on our behalf
 (collectively the “Taler Parties”) be liable to you under contract,
 tort, strict liability, negligence, or any other legal or equitable
 theory, for:
 1. any lost profits, data loss, cost of procurement of substitute
   goods or services, or direct, indirect, incidental, special,
   punitive, compensatory, or consequential damages of any kind
   whatsoever resulting from:
   1. your use of, or conduct in connection with, our services;
   2. any unauthorized use of your wallet and/or private key due to
      your failure to maintain the confidentiality of your wallet;
   3. any interruption or cessation of transmission to or from the
      services; or
   4. any bugs, viruses, trojan horses, or the like that are found in
      the Taler Wallet software or that may be transmitted to or
      through our services by any third party (regardless of the
      source of origination), or
 2. any direct damages.
 These limitations apply regardless of legal theory, whether based on
 tort, strict liability, breach of contract, breach of warranty, or any
 other legal theory, and whether or not we were advised of the
 possibility of such damages. Some jurisdictions do not allow the
 exclusion or limitation of liability for consequential or incidental
 damages, so the above limitation may not apply to you.
 Our services are provided "as is" and without warranty of any kind. To
 the maximum extent permitted by law, we disclaim all representations
 and warranties, express or implied, relating to the services and
 underlying software or any content on the services, whether provided
 or owned by us or by any third party, including without limitation,
 warranties of merchantability, fitness for a particular purpose,
 title, non-infringement, freedom from computer virus, and any implied
 warranties arising from course of dealing, course of performance, or
 usage in trade, all of which are expressly disclaimed. In addition, we
 do not represent or warrant that the content accessible via the
 services is accurate, complete, available, current, free of viruses or
 other harmful components, or that the results of using the services
 will meet your requirements. Some states do not allow the disclaimer
 of implied warranties, so the foregoing disclaimers may not apply to
 you. This paragraph gives you specific legal rights and you may also
 have other legal rights that vary from state to state.
 Indemnity and Time limitation on claims and Termination
 =======================================================
 To the extent permitted by applicable law, you agree to defend,
 indemnify, and hold harmless the Taler Parties from and against any
 and all claims, damages, obligations, losses, liabilities, costs or
 debt, and expenses (including, but not limited to, attorney’s fees)
 arising from: (a) your use of and access to the Services; (b) any
 feedback or submissions you provide to us concerning the Taler Wallet;
 (c) your violation of any term of this Agreement; or (d) your
 violation of any law, rule, or regulation, or the rights of any third
 party.
 You agree that any claim you may have arising out of or related to
 your relationship with us must be filed within one year after such
 claim arises, otherwise, your claim in permanently barred.
 In the event of termination concerning your use of our Services, your
 obligations under this Agreement will still continue.
 Discontinuance of services and Force majeure
 ============================================
 We may, in our sole discretion and without cost to you, with or
 without prior notice, and at any time, modify or discontinue,
 temporarily or permanently, any portion of our Services. We will use
 the Taler protocol’s provisions to notify Wallets if our Services are
 to be discontinued. It is your responsibility to ensure that the Taler
 Wallet is online at least once every three months to observe these
 notifications. We shall not be held responsible or liable for any loss
 of funds in the event that we discontinue or depreciate the Services
 and your Taler Wallet fails to transfer out the coins within a three
 months notification period.
 We shall not be held liable for any delays, failure in performance, or
 interruptions of service which result directly or indirectly from any
 cause or condition beyond our reasonable control, including but not
 limited to: any delay or failure due to any act of God, act of civil
 or military authorities, act of terrorism, civil disturbance, war,
 strike or other labor dispute, fire, interruption in
 telecommunications or Internet services or network provider services,
 failure of equipment and/or software, other catastrophe, or any other
 occurrence which is beyond our reasonable control and shall not affect
 the validity and enforceability of any remaining provisions.
 Governing law, Waivers, Severability and Assignment
 ===================================================
 No matter where you’re located, the laws of Switzerland will govern
 these Terms. If any provisions of these Terms are inconsistent with
 any applicable law, those provisions will be superseded or modified
 only to the extent such provisions are inconsistent. The parties agree
 to submit to the ordinary courts in Bern, Switzerland for exclusive
 jurisdiction of any dispute arising out of or related to your use of
 the Services or your breach of these Terms.
 Our failure to exercise or delay in exercising any right, power, or
 privilege under this Agreement shall not operate as a waiver; nor
 shall any single or partial exercise of any right, power, or privilege
 preclude any other or further exercise thereof.
 You agree that we may assign any of our rights and/or transfer, sub-
 contract, or delegate any of our obligations under these Terms.
 If it turns out that any part of this Agreement is invalid, void, or
 for any reason unenforceable, that term will be deemed severable and
 limited or eliminated to the minimum extent necessary.
 This Agreement sets forth the entire understanding and agreement as to
 the subject matter hereof and supersedes any and all prior
 discussions, agreements, and understandings of any kind (including,
 without limitation, any prior versions of this Agreement) and every
 nature between us. Except as provided for above, any modification to
 this Agreement must be in writing and must be signed by both parties.
 Questions or comments
 =====================
 We welcome comments, questions, concerns, or suggestions. Please send
 us a message on our contact page at legal@taler-systems.com.
--- a/contrib/tos/en/bfh-v0.xml
+++ b/contrib/tos/en/bfh-v0.xml
@ -1,323 +0,0 @@
 <?xml version="1.0" encoding="utf-8"?>
 <!DOCTYPE document PUBLIC "+//IDN docutils.sourceforge.net//DTD Docutils Generic//EN//XML" "http://docutils.sourceforge.net/docs/ref/docutils.dtd">
 <!-- Generated by Docutils 0.16 -->
 <document source="/research/taler/exchange/contrib/tos/bfh-v0.rst">
    <section ids="terms-of-service" names="terms\ of\ service">
        <title>Terms Of Service</title>
        <paragraph>Last Updated: 09.06.2022</paragraph>
        <paragraph>Welcome! The ICE research center of the Bern University of Applied Sciences
            in Switzerland (“we,” “our,” or “us”) provides an experimental payment service
            through our Internet presence (collectively the “Services”). Before using our
            Services, please read the Terms of Service (the “Terms” or the “Agreement”)
            carefully.</paragraph>
        <section ids="this-is-research" names="this\ is\ research">
            <title>This is research</title>
            <paragraph>This is a research experiment. Any funds wired to our Bitcoin address are
                considered a donation to our research group. We may use them to enable
                payments following the GNU Taler protocol, or simply keep them at our
                discretion.  The service is experimental and may also be discontinued at
                any time, in which case all remaining funds will definitively be kept by
                the research group.</paragraph>
        </section>
        <section ids="overview" names="overview">
            <title>Overview</title>
            <paragraph>This section provides a brief summary of the highlights of this
                Agreement. Please note that when you accept this Agreement, you are accepting
                all of the terms and conditions and not just this section. We and possibly
                other third parties provide Internet services which interact with the Taler
                Wallet’s self-hosted personal payment application. When using the Taler Wallet
                to interact with our Services, you are agreeing to our Terms, so please read
                carefully.</paragraph>
            <section ids="highlights" names="highlights:">
                <title>Highlights:</title>
                <block_quote>
                    <bullet_list bullet="•">
                        <list_item>
                            <paragraph>You are responsible for keeping the data in your Taler Wallet at all times
                                under your control. Any losses arising from you not being in control of
                                your private information are your problem.</paragraph>
                        </list_item>
                        <list_item>
                            <paragraph>We may transfer funds we receive from our users to any legal
                                recipient to the best of our ability within the limitations of the law and
                                our implementation. However, the Services offered today are highly
                                experimental and the set of recipients of funds is severely restricted.
                                Again, we stress this is a research experiment and technically all funds
                                held by the exchange are owned by the research group of the university.</paragraph>
                        </list_item>
                        <list_item>
                            <paragraph>For our Services, we may charge transaction fees. The specific fee structure
                                is provided based on the Taler protocol and should be shown to you when you
                                withdraw electronic coins using a Taler Wallet. You agree and understand
                                that the Taler protocol allows for the fee structure to change.</paragraph>
                        </list_item>
                        <list_item>
                            <paragraph>You agree to not intentionally overwhelm our systems with requests and
                                follow responsible disclosure if you find security issues in our services.</paragraph>
                        </list_item>
                        <list_item>
                            <paragraph>We cannot be held accountable for our Services not being available due to
                                any circumstances. If we modify or terminate our services,
                                we may give you the opportunity to recover your funds. However,
                                given the experimental state of the Services today, this may not be
                                possible. You are strongly advised to limit your use of the Service
                                to small-scale experiments expecting total loss of all funds.</paragraph>
                        </list_item>
                    </bullet_list>
                </block_quote>
                <paragraph>These terms outline approved uses of our Services. The Services and these
                    Terms are still at an experimental stage. If you have any questions or
                    comments related to this Agreement, please send us a message to
                    <reference refuri="mailto:ice@bfh.ch">ice@bfh.ch</reference>. If you do not agree to this Agreement, you must not
                    use our Services.</paragraph>
            </section>
        </section>
        <section ids="how-you-accept-this-policy" names="how\ you\ accept\ this\ policy">
            <title>How you accept this policy</title>
            <paragraph>By sending funds to us (to top-up your Taler Wallet), you acknowledge that you
                have read, understood, and agreed to these Terms. We reserve the right to
                change these Terms at any time. If you disagree with the change, we may in the
                future offer you with an easy option to recover your unspent funds. However,
                in the current experimental period you acknowledge that this feature is not
                yet available, resulting in your funds being lost unless you accept the new
                Terms. If you continue to use our Services other than to recover your unspent
                funds, your continued use of our Services following any such change will
                signify your acceptance to be bound by the then current Terms. Please check
                the effective date above to determine if there have been any changes since you
                have last reviewed these Terms.</paragraph>
        </section>
        <section ids="services" names="services">
            <title>Services</title>
            <paragraph>We will try to transfer funds that we receive from users to any legal
                recipient to the best of our ability and within the limitations of the
                law. However, the Services offered today are highly experimental and the set
                of recipients of funds is severely restricted.  The Taler Wallet can be loaded
                by exchanging fiat or cryptocurrencies against electronic coins. We are
                providing this exchange service. Once your Taler Wallet is loaded with
                electronic coins they can be spent for purchases if the seller is accepting
                Taler as a means of payment. We are not guaranteeing that any seller is
                accepting Taler at all or a particular seller.  The seller or recipient of
                deposits of electronic coins must specify the target account, as per the
                design of the Taler protocol. They are responsible for following the protocol
                and specifying the correct bank account, and are solely liable for any losses
                that may arise from specifying the wrong account. We may allow the government
                to link wire transfers to the underlying contract hash. It is the
                responsibility of recipients to preserve the full contracts and to pay
                whatever taxes and charges may be applicable. Technical issues may lead to
                situations where we are unable to make transfers at all or lead to incorrect
                transfers that cannot be reversed. We may refuse to execute transfers if the
                transfers are prohibited by a competent legal authority and we are ordered to
                do so.</paragraph>
            <paragraph>When using our Services, you agree to not take any action that intentionally
                imposes an unreasonable load on our infrastructure. If you find security
                problems in our Services, you agree to first report them to
                <reference refuri="mailto:security@taler-systems.com">security@taler-systems.com</reference> and grant us the right to publish your report. We
                warrant that we will ourselves publicly disclose any issues reported within 3
                months, and that we will not prosecute anyone reporting security issues if
                they did not exploit the issue beyond a proof-of-concept, and followed the
                above responsible disclosure practice.</paragraph>
        </section>
        <section ids="fees" names="fees">
            <title>Fees</title>
            <paragraph>You agree to pay the fees for exchanges and withdrawals completed via the
                Taler Wallet (“Fees”) as defined by us, which we may change from time to
                time. With the exception of wire transfer fees, Taler transaction fees are set
                for any electronic coin at the time of withdrawal and fixed throughout the
                validity period of the respective electronic coin. Your wallet should obtain
                and display applicable fees when withdrawing funds. Fees for coins obtained as
                change may differ from the fees applicable to the original coin. Wire transfer
                fees that are independent from electronic coins may change annually.  You
                authorize us to charge or deduct applicable fees owed in connection with
                deposits, exchanges and withdrawals following the rules of the Taler protocol.
                We reserve the right to provide different types of rewards to users either in
                the form of discount for our Services or in any other form at our discretion
                and without prior notice to you.</paragraph>
        </section>
        <section ids="eligibility-and-financial-self-responsibility" names="eligibility\ and\ financial\ self-responsibility">
            <title>Eligibility and Financial self-responsibility</title>
            <paragraph>To be eligible to use our Services, you must be able to form legally binding
                contracts or have the permission of your legal guardian. By using our
                Services, you represent and warrant that you meet all eligibility requirements
                that we outline in these Terms.</paragraph>
            <paragraph>You will be responsible for maintaining the availability, integrity and
                confidentiality of the data stored in your wallet. When you setup a Taler
                Wallet, you are strongly advised to follow the precautionary measures offered
                by the software to minimize the chances to losse access to or control over
                your Wallet data. We will not be liable for any loss or damage arising from
                your failure to comply with this paragraph.</paragraph>
        </section>
        <section ids="copyrights-and-trademarks" names="copyrights\ and\ trademarks">
            <title>Copyrights and trademarks</title>
            <paragraph>The Taler Wallet is released under the terms of the GNU General Public License
                (GNU GPL). You have the right to access, use, and share the Taler Wallet, in
                modified or unmodified form. However, the GPL is a strong copyleft license,
                which means that any derivative works must be distributed under the same
                license terms as the original software. If you have any questions, you should
                review the GNU GPL’s full terms and conditions at
                <reference refuri="https://www.gnu.org/licenses/gpl-3.0.en.html">https://www.gnu.org/licenses/gpl-3.0.en.html</reference>.  “Taler” itself is a trademark
                of Taler Systems SA. You are welcome to use the name in relation to processing
                payments using the Taler protocol, assuming your use is compatible with an
                official release from the GNU Project that is not older than two years.</paragraph>
        </section>
        <section ids="limitation-of-liability-disclaimer-of-warranties" names="limitation\ of\ liability\ &amp;\ disclaimer\ of\ warranties">
            <title>Limitation of liability &amp; disclaimer of warranties</title>
            <paragraph>You understand and agree that we have no control over, and no duty to take any
                action regarding: Failures, disruptions, errors, or delays in processing that
                you may experience while using our Services; The risk of failure of hardware,
                software, and Internet connections; The risk of malicious software being
                introduced or found in the software underlying the Taler Wallet; The risk that
                third parties may obtain unauthorized access to information stored within your
                Taler Wallet, including, but not limited to your Taler Wallet coins or backup
                encryption keys.  You release us from all liability related to any losses,
                damages, or claims arising from:</paragraph>
            <enumerated_list enumtype="loweralpha" prefix="(" suffix=")">
                <list_item>
                    <paragraph>user error such as forgotten passwords, incorrectly constructed
                        transactions;</paragraph>
                </list_item>
                <list_item>
                    <paragraph>server failure or data loss;</paragraph>
                </list_item>
                <list_item>
                    <paragraph>unauthorized access to the Taler Wallet application;</paragraph>
                </list_item>
                <list_item>
                    <paragraph>bugs or other errors in the Taler Wallet software; and</paragraph>
                </list_item>
                <list_item>
                    <paragraph>any unauthorized third party activities, including, but not limited to,
                        the use of viruses, phishing, brute forcing, or other means of attack
                        against the Taler Wallet. We make no representations concerning any
                        Third Party Content contained in or accessed through our Services.</paragraph>
                </list_item>
            </enumerated_list>
            <paragraph>Any other terms, conditions, warranties, or representations associated with
                such content, are solely between you and such organizations and/or
                individuals.</paragraph>
            <paragraph>To the fullest extent permitted by applicable law, in no event will we or any
                of our officers, directors, representatives, agents, servants, counsel,
                employees, consultants, lawyers, and other personnel authorized to act,
                acting, or purporting to act on our behalf (collectively the “Taler Parties”)
                be liable to you under contract, tort, strict liability, negligence, or any
                other legal or equitable theory, for:</paragraph>
            <enumerated_list enumtype="loweralpha" prefix="(" suffix=")">
                <list_item>
                    <paragraph>any lost profits, data loss, cost of procurement of substitute goods or
                        services, or direct, indirect, incidental, special, punitive, compensatory,
                        or consequential damages of any kind whatsoever resulting from:</paragraph>
                </list_item>
            </enumerated_list>
            <block_quote>
                <enumerated_list enumtype="lowerroman" prefix="(" suffix=")">
                    <list_item>
                        <paragraph>your use of, or conduct in connection with, our services;</paragraph>
                    </list_item>
                    <list_item>
                        <paragraph>any unauthorized use of your wallet and/or private key due to your
                            failure to maintain the confidentiality of your wallet;</paragraph>
                    </list_item>
                    <list_item>
                        <paragraph>any interruption or cessation of transmission to or from the services; or</paragraph>
                    </list_item>
                    <list_item>
                        <paragraph>any bugs, viruses, trojan horses, or the like that are found in the Taler
                            Wallet software or that may be transmitted to or through our services by
                            any third party (regardless of the source of origination), or</paragraph>
                    </list_item>
                </enumerated_list>
            </block_quote>
            <enumerated_list enumtype="loweralpha" prefix="(" start="2" suffix=")">
                <list_item>
                    <paragraph>any direct damages.</paragraph>
                </list_item>
            </enumerated_list>
            <paragraph>These limitations apply regardless of legal theory, whether based on tort,
                strict liability, breach of contract, breach of warranty, or any other legal
                theory, and whether or not we were advised of the possibility of such
                damages. Some jurisdictions do not allow the exclusion or limitation of
                liability for consequential or incidental damages, so the above limitation may
                not apply to you.</paragraph>
            <paragraph>Our services are provided “as is” and without warranty of any kind. To the
                maximum extent permitted by law, we disclaim all representations and
                warranties, express or implied, relating to the services and underlying
                software or any content on the services, whether provided or owned by us or by
                any third party, including without limitation, warranties of merchantability,
                fitness for a particular purpose, title, non-infringement, freedom from
                computer virus, and any implied warranties arising from course of dealing,
                course of performance, or usage in trade, all of which are expressly
                disclaimed. In addition, we do not represent or warrant that the content
                accessible via the services is accurate, complete, available, current, free of
                viruses or other harmful components, or that the results of using the services
                will meet your requirements. Some states do not allow the disclaimer of
                implied warranties, so the foregoing disclaimers may not apply to you. This
                paragraph gives you specific legal rights and you may also have other legal
                rights that vary from state to state.</paragraph>
        </section>
        <section ids="indemnity-and-time-limitation-on-claims-and-termination" names="indemnity\ and\ time\ limitation\ on\ claims\ and\ termination">
            <title>Indemnity and Time limitation on claims and Termination</title>
            <paragraph>To the extent permitted by applicable law, you agree to defend, indemnify, and
                hold harmless the Taler Parties from and against any and all claims, damages,
                obligations, losses, liabilities, costs or debt, and expenses (including, but
                not limited to, attorney’s fees) arising from: (a) your use of and access to
                the Services; (b) any feedback or submissions you provide to us concerning the
                Taler Wallet; (c) your violation of any term of this Agreement; or (d) your
                violation of any law, rule, or regulation, or the rights of any third party.</paragraph>
            <paragraph>You agree that any claim you may have arising out of or related to your
                relationship with us must be filed within one year after such claim arises,
                otherwise, your claim in permanently barred.</paragraph>
            <paragraph>In the event of termination concerning your use of our Services, your
                obligations under this Agreement will still continue.</paragraph>
        </section>
        <section ids="discontinuance-of-services-and-force-majeure" names="discontinuance\ of\ services\ and\ force\ majeure">
            <title>Discontinuance of services and Force majeure</title>
            <paragraph>We may, in our sole discretion and without cost to you, with or without prior
                notice, and at any time, modify or discontinue, temporarily or permanently,
                any portion of our Services. We will use the Taler protocol’s provisions to
                notify Wallets if our Services are to be discontinued. It is your
                responsibility to ensure that the Taler Wallet is online at least once every
                three months to observe these notifications. We shall not be held responsible
                or liable for any loss of funds in the event that we discontinue or depreciate
                the Services and your Taler Wallet fails to transfer out the coins within a
                three months notification period.</paragraph>
            <paragraph>We shall not be held liable for any delays, failure in performance, or
                interruptions of service which result directly or indirectly from any cause or
                condition beyond our reasonable control, including but not limited to: any
                delay or failure due to any act of God, act of civil or military authorities,
                act of terrorism, civil disturbance, war, strike or other labor dispute, fire,
                interruption in telecommunications or Internet services or network provider
                services, failure of equipment and/or software, other catastrophe, or any
                other occurrence which is beyond our reasonable control and shall not affect
                the validity and enforceability of any remaining provisions.</paragraph>
        </section>
        <section ids="governing-law-waivers-severability-and-assignment" names="governing\ law,\ waivers,\ severability\ and\ assignment">
            <title>Governing law, Waivers, Severability and Assignment</title>
            <paragraph>No matter where you’re located, the laws of Switzerland will govern these
                Terms. If any provisions of these Terms are inconsistent with any applicable
                law, those provisions will be superseded or modified only to the extent such
                provisions are inconsistent. The parties agree to submit to the ordinary
                courts in Bern, Switzerland for exclusive jurisdiction of any dispute
                arising out of or related to your use of the Services or your breach of these
                Terms.</paragraph>
            <paragraph>Our failure to exercise or delay in exercising any right, power, or privilege
                under this Agreement shall not operate as a waiver; nor shall any single or
                partial exercise of any right, power, or privilege preclude any other or
                further exercise thereof.</paragraph>
            <paragraph>You agree that we may assign any of our rights and/or transfer, sub-contract,
                or delegate any of our obligations under these Terms.</paragraph>
            <paragraph>If it turns out that any part of this Agreement is invalid, void, or for any
                reason unenforceable, that term will be deemed severable and limited or
                eliminated to the minimum extent necessary.</paragraph>
            <paragraph>This Agreement sets forth the entire understanding and agreement as to the
                subject matter hereof and supersedes any and all prior discussions,
                agreements, and understandings of any kind (including, without limitation, any
                prior versions of this Agreement) and every nature between us. Except as
                provided for above, any modification to this Agreement must be in writing and
                must be signed by both parties.</paragraph>
        </section>
        <section ids="questions-or-comments" names="questions\ or\ comments">
            <title>Questions or comments</title>
            <paragraph>We welcome comments, questions, concerns, or suggestions. Please send us a
                message on our contact page at <reference refuri="mailto:legal@taler-systems.com">legal@taler-systems.com</reference>.</paragraph>
        </section>
    </section>
 </document>
--- a/contrib/tos/en/tos-v0.epub
+++ b/contrib/tos/en/tos-v0.epub
--- a/contrib/tos/en/tos-v0.html
+++ b/contrib/tos/en/tos-v0.html
--- a/contrib/tos/en/tos-v0.txt
+++ b/contrib/tos/en/tos-v0.txt
@ -1,337 +0,0 @@
 Terms Of Service
 ****************
 Last Updated: 12.4.2019
 Welcome! Taler Systems SA (“we,” “our,” or “us”) provides a payment
 service through our Internet presence (collectively the “Services”).
 Before using our Services, please read the Terms of Service (the
 “Terms” or the “Agreement”) carefully.
 Overview
 ========
 This section provides a brief summary of the highlights of this
 Agreement. Please note that when you accept this Agreement, you are
 accepting all of the terms and conditions and not just this section.
 We and possibly other third parties provide Internet services which
 interact with the Taler Wallet’s self-hosted personal payment
 application. When using the Taler Wallet to interact with our
 Services, you are agreeing to our Terms, so please read carefully.
 Highlights:
 -----------
   * You are responsible for keeping the data in your Taler Wallet at
     all times under your control. Any losses arising from you not
     being in control of your private information are your problem.
   * We will try to transfer funds we hold in escrow for our users to
     any legal recipient to the best of our ability within the
     limitations of the law and our implementation. However, the
     Services offered today are highly experimental and the set of
     recipients of funds is severely restricted.
   * For our Services, we may charge transaction fees. The specific
     fee structure is provided based on the Taler protocol and should
     be shown to you when you withdraw electronic coins using a Taler
     Wallet. You agree and understand that the Taler protocol allows
     for the fee structure to change.
   * You agree to not intentionally overwhelm our systems with
     requests and follow responsible disclosure if you find security
     issues in our services.
   * We cannot be held accountable for our Services not being
     available due to circumstances beyond our control. If we modify
     or terminate our services, we will try to give you the
     opportunity to recover your funds. However, given the
     experimental state of the Services today, this may not be
     possible. You are strongly advised to limit your use of the
     Service to small-scale experiments expecting total loss of all
     funds.
 These terms outline approved uses of our Services. The Services and
 these Terms are still at an experimental stage. If you have any
 questions or comments related to this Agreement, please send us a
 message to legal@taler-systems.com. If you do not agree to this
 Agreement, you must not use our Services.
 How you accept this policy
 ==========================
 By sending funds to us (to top-up your Taler Wallet), you acknowledge
 that you have read, understood, and agreed to these Terms. We reserve
 the right to change these Terms at any time. If you disagree with the
 change, we may in the future offer you with an easy option to recover
 your unspent funds. However, in the current experimental period you
 acknowledge that this feature is not yet available, resulting in your
 funds being lost unless you accept the new Terms. If you continue to
 use our Services other than to recover your unspent funds, your
 continued use of our Services following any such change will signify
 your acceptance to be bound by the then current Terms. Please check
 the effective date above to determine if there have been any changes
 since you have last reviewed these Terms.
 Services
 ========
 We will try to transfer funds that we hold in escrow for our users to
 any legal recipient to the best of our ability and within the
 limitations of the law and our implementation. However, the Services
 offered today are highly experimental and the set of recipients of
 funds is severely restricted.  The Taler Wallet can be loaded by
 exchanging fiat currencies against electronic coins. We are providing
 this exchange service. Once your Taler Wallet is loaded with
 electronic coins they can be spent for purchases if the seller is
 accepting Taler as a means of payment. We are not guaranteeing that
 any seller is accepting Taler at all or a particular seller.  The
 seller or recipient of deposits of electronic coins must specify the
 target account, as per the design of the Taler protocol. They are
 responsible for following the protocol and specifying the correct bank
 account, and are solely liable for any losses that may arise from
 specifying the wrong account. We will allow the government to link
 wire transfers to the underlying contract hash. It is the
 responsibility of recipients to preserve the full contracts and to pay
 whatever taxes and charges may be applicable. Technical issues may
 lead to situations where we are unable to make transfers at all or
 lead to incorrect transfers that cannot be reversed. We will only
 refuse to execute transfers if the transfers are prohibited by a
 competent legal authority and we are ordered to do so.
 When using our Services, you agree to not take any action that
 intentionally imposes an unreasonable load on our infrastructure. If
 you find security problems in our Services, you agree to first report
 them to security@taler-systems.com and grant us the right to publish
 your report. We warrant that we will ourselves publicly disclose any
 issues reported within 3 months, and that we will not prosecute anyone
 reporting security issues if they did not exploit the issue beyond a
 proof-of-concept, and followed the above responsible disclosure
 practice.
 Fees
 ====
 You agree to pay the fees for exchanges and withdrawals completed via
 the Taler Wallet ("Fees") as defined by us, which we may change from
 time to time. With the exception of wire transfer fees, Taler
 transaction fees are set for any electronic coin at the time of
 withdrawal and fixed throughout the validity period of the respective
 electronic coin. Your wallet should obtain and display applicable fees
 when withdrawing funds. Fees for coins obtained as change may differ
 from the fees applicable to the original coin. Wire transfer fees that
 are independent from electronic coins may change annually.  You
 authorize us to charge or deduct applicable fees owed in connection
 with deposits, exchanges and withdrawals following the rules of the
 Taler protocol. We reserve the right to provide different types of
 rewards to users either in the form of discount for our Services or in
 any other form at our discretion and without prior notice to you.
 Eligibility and Financial self-responsibility
 =============================================
 To be eligible to use our Services, you must be able to form legally
 binding contracts or have the permission of your legal guardian. By
 using our Services, you represent and warrant that you meet all
 eligibility requirements that we outline in these Terms.
 You will be responsible for maintaining the availability, integrity
 and confidentiality of the data stored in your wallet. When you setup
 a Taler Wallet, you are strongly advised to follow the precautionary
 measures offered by the software to minimize the chances to losse
 access to or control over your Wallet data. We will not be liable for
 any loss or damage arising from your failure to comply with this
 paragraph.
 Copyrights and trademarks
 =========================
 The Taler Wallet is released under the terms of the GNU General Public
 License (GNU GPL). You have the right to access, use, and share the
 Taler Wallet, in modified or unmodified form. However, the GPL is a
 strong copyleft license, which means that any derivative works must be
 distributed under the same license terms as the original software. If
 you have any questions, you should review the GNU GPL’s full terms and
 conditions at https://www.gnu.org/licenses/gpl-3.0.en.html.  “Taler”
 itself is a trademark of Taler Systems SA. You are welcome to use the
 name in relation to processing payments using the Taler protocol,
 assuming your use is compatible with an official release from the GNU
 Project that is not older than two years.
 Limitation of liability & disclaimer of warranties
 ==================================================
 You understand and agree that we have no control over, and no duty to
 take any action regarding: Failures, disruptions, errors, or delays in
 processing that you may experience while using our Services; The risk
 of failure of hardware, software, and Internet connections; The risk
 of malicious software being introduced or found in the software
 underlying the Taler Wallet; The risk that third parties may obtain
 unauthorized access to information stored within your Taler Wallet,
 including, but not limited to your Taler Wallet coins or backup
 encryption keys.  You release us from all liability related to any
 losses, damages, or claims arising from:
 1. user error such as forgotten passwords, incorrectly constructed
   transactions;
 2. server failure or data loss;
 3. unauthorized access to the Taler Wallet application;
 4. bugs or other errors in the Taler Wallet software; and
 5. any unauthorized third party activities, including, but not limited
   to, the use of viruses, phishing, brute forcing, or other means of
   attack against the Taler Wallet. We make no representations
   concerning any Third Party Content contained in or accessed through
   our Services.
 Any other terms, conditions, warranties, or representations associated
 with such content, are solely between you and such organizations
 and/or individuals.
 To the fullest extent permitted by applicable law, in no event will we
 or any of our officers, directors, representatives, agents, servants,
 counsel, employees, consultants, lawyers, and other personnel
 authorized to act, acting, or purporting to act on our behalf
 (collectively the “Taler Parties”) be liable to you under contract,
 tort, strict liability, negligence, or any other legal or equitable
 theory, for:
 1. any lost profits, data loss, cost of procurement of substitute
   goods or services, or direct, indirect, incidental, special,
   punitive, compensatory, or consequential damages of any kind
   whatsoever resulting from:
   1. your use of, or conduct in connection with, our services;
   2. any unauthorized use of your wallet and/or private key due to
      your failure to maintain the confidentiality of your wallet;
   3. any interruption or cessation of transmission to or from the
      services; or
   4. any bugs, viruses, trojan horses, or the like that are found in
      the Taler Wallet software or that may be transmitted to or
      through our services by any third party (regardless of the
      source of origination), or
 2. any direct damages.
 These limitations apply regardless of legal theory, whether based on
 tort, strict liability, breach of contract, breach of warranty, or any
 other legal theory, and whether or not we were advised of the
 possibility of such damages. Some jurisdictions do not allow the
 exclusion or limitation of liability for consequential or incidental
 damages, so the above limitation may not apply to you.
 Our services are provided "as is" and without warranty of any kind. To
 the maximum extent permitted by law, we disclaim all representations
 and warranties, express or implied, relating to the services and
 underlying software or any content on the services, whether provided
 or owned by us or by any third party, including without limitation,
 warranties of merchantability, fitness for a particular purpose,
 title, non-infringement, freedom from computer virus, and any implied
 warranties arising from course of dealing, course of performance, or
 usage in trade, all of which are expressly disclaimed. In addition, we
 do not represent or warrant that the content accessible via the
 services is accurate, complete, available, current, free of viruses or
 other harmful components, or that the results of using the services
 will meet your requirements. Some states do not allow the disclaimer
 of implied warranties, so the foregoing disclaimers may not apply to
 you. This paragraph gives you specific legal rights and you may also
 have other legal rights that vary from state to state.
 Indemnity and Time limitation on claims and Termination
 =======================================================
 To the extent permitted by applicable law, you agree to defend,
 indemnify, and hold harmless the Taler Parties from and against any
 and all claims, damages, obligations, losses, liabilities, costs or
 debt, and expenses (including, but not limited to, attorney’s fees)
 arising from: (a) your use of and access to the Services; (b) any
 feedback or submissions you provide to us concerning the Taler Wallet;
 (c) your violation of any term of this Agreement; or (d) your
 violation of any law, rule, or regulation, or the rights of any third
 party.
 You agree that any claim you may have arising out of or related to
 your relationship with us must be filed within one year after such
 claim arises, otherwise, your claim in permanently barred.
 In the event of termination concerning your use of our Services, your
 obligations under this Agreement will still continue.
 Discontinuance of services and Force majeure
 ============================================
 We may, in our sole discretion and without cost to you, with or
 without prior notice, and at any time, modify or discontinue,
 temporarily or permanently, any portion of our Services. We will use
 the Taler protocol’s provisions to notify Wallets if our Services are
 to be discontinued. It is your responsibility to ensure that the Taler
 Wallet is online at least once every three months to observe these
 notifications. We shall not be held responsible or liable for any loss
 of funds in the event that we discontinue or depreciate the Services
 and your Taler Wallet fails to transfer out the coins within a three
 months notification period.
 We shall not be held liable for any delays, failure in performance, or
 interruptions of service which result directly or indirectly from any
 cause or condition beyond our reasonable control, including but not
 limited to: any delay or failure due to any act of God, act of civil
 or military authorities, act of terrorism, civil disturbance, war,
 strike or other labor dispute, fire, interruption in
 telecommunications or Internet services or network provider services,
 failure of equipment and/or software, other catastrophe, or any other
 occurrence which is beyond our reasonable control and shall not affect
 the validity and enforceability of any remaining provisions.
 Governing law, Waivers, Severability and Assignment
 ===================================================
 No matter where you’re located, the laws of Switzerland will govern
 these Terms. If any provisions of these Terms are inconsistent with
 any applicable law, those provisions will be superseded or modified
 only to the extent such provisions are inconsistent. The parties agree
 to submit to the ordinary courts in Zurich, Switzerland for exclusive
 jurisdiction of any dispute arising out of or related to your use of
 the Services or your breach of these Terms.
 Our failure to exercise or delay in exercising any right, power, or
 privilege under this Agreement shall not operate as a waiver; nor
 shall any single or partial exercise of any right, power, or privilege
 preclude any other or further exercise thereof.
 You agree that we may assign any of our rights and/or transfer, sub-
 contract, or delegate any of our obligations under these Terms.
 If it turns out that any part of this Agreement is invalid, void, or
 for any reason unenforceable, that term will be deemed severable and
 limited or eliminated to the minimum extent necessary.
 This Agreement sets forth the entire understanding and agreement as to
 the subject matter hereof and supersedes any and all prior
 discussions, agreements, and understandings of any kind (including,
 without limitation, any prior versions of this Agreement) and every
 nature between us. Except as provided for above, any modification to
 this Agreement must be in writing and must be signed by both parties.
 Questions or comments
 =====================
 We welcome comments, questions, concerns, or suggestions. Please send
 us a message on our contact page at legal@taler-systems.com.
--- a/contrib/tos/tos-v0.rst
+++ b/contrib/tos/tos-v0.rst
--- a/contrib/uncrustify_precommit
+++ b/contrib/uncrustify_precommit
@ -1,10 +1,11 @@
 #!/bin/sh
 # use as .git/hooks/pre-commit
 exec 1>&2
 RET=0
-changed=$(git diff --cached --name-only | grep -v mustach)
+changed=$(git diff --cached --name-only)
 crustified=""
 for f in $changed;
--- a/contrib/update-pp.sh
+++ b/contrib/update-pp.sh
@ -14,8 +14,7 @@ cd pp
 for l in $@
 do
    mkdir -p $l
-    echo "Generating PP for language $l"
+    echo Generating PP for language $l
    cat conf.py.in | sed -e "s/%VERSION%/$VERSION/g" > conf.py
    # 'f' is for the supported formats, note that the 'make' target
    # MUST match the file extension.
    for f in html txt pdf epub xml
@ -23,16 +22,7 @@ do
        rm -rf _build
        echo "  Generating format $f"
        make -e SPHINXOPTS="-D language='$l'" $f >>sphinx.log 2>>sphinx.err < /dev/null
-        if test $f = "html"
+        mv _build/$f/pp.$f $l/${VERSION}.$f
        then
            htmlark -o $l/${VERSION}.$f _build/$f/${VERSION}.$f
        else
            mv _build/$f/${VERSION}.$f $l/${VERSION}.$f
        fi
        if test $f = "txt"
        then
            cp $l/${VERSION}.$f $l/${VERSION}.md
        fi
    done
 done
 cd ..
--- a/contrib/update-tos.sh
+++ b/contrib/update-tos.sh
@ -14,8 +14,7 @@ cd tos
 for l in $@
 do
    mkdir -p $l
-    echo "Generating TOS for language $l"
+    echo Generating TOS for language $l
    cat conf.py.in | sed -e "s/%VERSION%/$VERSION/g" > conf.py
    # 'f' is for the supported formats, note that the 'make' target
    # MUST match the file extension.
    for f in html txt pdf epub xml
@ -23,17 +22,7 @@ do
        rm -rf _build
        echo "  Generating format $f"
        make -e SPHINXOPTS="-D language='$l'" $f >>sphinx.log 2>>sphinx.err < /dev/null
-        if test $f = "html"
+        mv _build/$f/tos.$f $l/${VERSION}.$f
        then
            htmlark -o $l/${VERSION}.$f _build/$f/${VERSION}.$f
        else
            mv _build/$f/${VERSION}.$f $l/${VERSION}.$f
        fi
        if test $f = "txt"
        then
            cp $l/${VERSION}.$f $l/${VERSION}.md
        fi
    done
 done
 cd ..
 echo "Success"
--- a/debian/changelog
+++ b/debian/changelog
@ -1,51 +1,3 @@
 taler-exchange (0.9.2-3) unstable; urgency=low
  * Improvements to timeout handling when DB is not available yet.
 -- Florian Dold <dold@taler.net>  Tue, 14 Mar 2023 12:30:15 +0100
 taler-exchange (0.9.2-2) unstable; urgency=low
  * Further improvements to Debian package.
 -- Christian Grothoff <grothoff@gnu.org>  Sat, 3 Mar 2023 23:50:12 +0200
 taler-exchange (0.9.2-1) unstable; urgency=low
  * Minor improvements to Debian package, also adds age-withdraw REST APIs.
 -- Christian Grothoff <grothoff@gnu.org>  Sat, 3 Mar 2023 13:50:12 +0200
 taler-exchange (0.9.2) unstable; urgency=low
  * Packaging latest release.
 -- Christian Grothoff <grothoff@gnu.org>  Tue, 21 Feb 2023 13:50:12 +0200
 taler-exchange (0.9.1) unstable; urgency=low
  * Packaging latest release.
 -- Christian Grothoff <grothoff@gnu.org>  Tue, 17 Jan 2023 11:50:12 +0200
 taler-exchange (0.9.0) unstable; urgency=low
  * Packaging latest release.
 -- Christian Grothoff <grothoff@gnu.org>  Sat, 5 Nov 2022 11:50:12 +0200
 taler-exchange (0.8.99-2) unstable; urgency=low
  * Packaging latest pre-release from Git.
 -- Christian Grothoff <grothoff@gnu.org>  Mon, 26 Sep 2022 09:50:12 +0200
 taler-exchange (0.8.99-1) unstable; urgency=low
  * Updating to latest pre-release from Git.
 -- Christian Grothoff <grothoff@taler.net>  Mon, 20 Jun 2022 13:12:58 +0200
 taler-exchange (0.8.5-3) unstable; urgency=low
  * Updating to latest Git with minor bugfixes and improvements.
--- a/debian/control
+++ b/debian/control
@ -9,22 +9,27 @@ Build-Depends:
 bash,
 debhelper-compat (= 12),
 gettext,
- libgnunet-dev (>=0.17.1),
+ libgnunet-dev (>=0.15.3),
 libcurl4-gnutls-dev (>=7.35.0) | libcurl4-openssl-dev (>= 7.35.0),
- libgcrypt20-dev (>=1.8),
+ libgcrypt20-dev (>=1.6),
 libgnutls28-dev (>=3.2.12),
 libidn2-dev,
 libjansson-dev,
 libltdl-dev (>=2.2),
- libmicrohttpd-dev (>=0.9.71),
+ libmicrohttpd-dev (>=0.9.63),
- libpq-dev (>=13),
+ libpq-dev (>=9.5),
 libsodium-dev (>=1.0.11),
 libsqlite3-dev (>=3.8),
 libunistring-dev (>=0.9.2),
 python3-jinja2,
 net-tools,
 po-debconf,
 python3-dev,
 texinfo (>=5.2),
 zlib1g-dev
 Build-Conflicts:
 autoconf2.13,
 automake1.4
 Standards-Version: 4.5.0
 Vcs-Git: https://salsa.debian.org/debian/taler-exchange.git
 Vcs-browser: https://salsa.debian.org/debian/taler-exchange
@ -39,12 +44,7 @@ Depends:
 netbase,
 ${misc:Depends},
 ${shlibs:Depends}
-Description: Libraries to talk to a GNU Taler exchange.
+Description: libraries to talk to a GNU Taler exchange
  The package also contains various files fundamental
  to all GNU Taler installations, such as the
  taler-config configuration command-line tool,
  various base configuration files and associated
  documentation.
 Package: taler-exchange-database
 Architecture: any
@ -55,10 +55,7 @@ Depends:
 netbase,
 ${misc:Depends},
 ${shlibs:Depends}
-Description: Programs and libraries to manage a GNU Taler exchange database.
+Description: programs and libraries to manage a GNU Taler exchange database
 This package contains only the code to setup the
 (Postgresql) database interaction (taler-exchange-dbinit
 and associated resource files).
 Package: taler-exchange
 Architecture: any
@ -75,24 +72,8 @@ Depends:
 ${misc:Depends},
 ${shlibs:Depends}
 Recommends:
-  taler-exchange-offline (= ${binary:Version}),
+  taler-exchange-offline (= ${binary:Version})
-  postgresql (>=13.0)
+Description: GNU's payment system operator
 Description: GNU's payment system operator.
  GNU Taler is the privacy-preserving digital payment
  system from the GNU project. This package contains the
  core logic that must be run by the payment service
  provider or bank to offer payments to consumers and
  merchants.  At least one exchange must be operated
  per currency.
  In addition to the core logic, an exchange operator
  must also have a system running the "offline" logic
  which is packaged as taler-exchange-offline. It is
  recommended to keep the "offline" logic on a system
  that is never connected to the Internet. However, it
  is also possible to run the "offline" logic directly
  on the production system, especially for testing.
  Finally, an exchange operator should also be prepared
  to run a taler-auditor.
 Package: taler-exchange-offline
 Architecture: any
@ -105,14 +86,7 @@ Depends:
 netbase,
 ${misc:Depends},
 ${shlibs:Depends}
-Description: Tools for managing the GNU Taler exchange offline keys.
+Description: tools for managing the GNU Taler exchange offline keys
 A GNU Taler exchange uses an offline key to sign its online
 keys, fee structure, bank routing information and other meta
 data. The offline signing key is the root of the Taler PKI
 that is then embedded in consumer wallets and merchant backends.
 This package includes the tool to download material to sign
 from the exchange, create signatures, and upload the resulting
 signatures to the exchange.
 Package: taler-auditor
 Architecture: any
@ -128,24 +102,16 @@ Depends:
 python3-jinja2,
 ${misc:Depends},
 ${shlibs:Depends}
-Description: GNU's payment system auditor.
+Description: GNU's payment system auditor
  GNU Taler is the privacy-preserving digital payment
  system from the GNU project. This package contains the
  auditor logic. It verifies that the taler-exchange run
  by a payment service provider is correctly performing
  its bank transactions and thus has the correct balance
  in its escrow account.  Each exchange operator is
  expected to make use of one or more auditors as part
  of its regulatory compliance.
 Package: libtalerexchange-dev
 Section: libdevel
 Architecture: any
 Depends:
 libtalerexchange (= ${binary:Version}),
- libgnunet-dev (>=0.17.1),
+ libgnunet-dev (>=0.15.3),
- libgcrypt20-dev (>=1.8),
+ libgcrypt20-dev (>=1.6),
- libmicrohttpd-dev (>=0.9.71),
+ libmicrohttpd-dev (>=0.9.33),
 ${misc:Depends},
 ${shlibs:Depends}
 Description: libraries to talk to a GNU Taler exchange (development)
--- a/debian/etc-libtalerexchange/taler/taler.conf
+++ b/debian/etc-libtalerexchange/taler/taler.conf
@ -30,8 +30,6 @@
 # systems is always rounded to this unit.
 #currency_round_unit = KUDOS:0.01
 # Monthly amount that mandatorily triggers an AML check
 #AML_THRESHOLD = KUDOS:10000000
 [paths]
--- a/debian/etc-taler-auditor/nginx/sites-available/taler-auditor
+++ b/debian/etc-taler-auditor/nginx/sites-available/taler-auditor
@ -1,18 +1,7 @@
-server {
+location /taler-auditor/ {
-
+         proxy_pass http://unix:/var/lib/taler-auditor/auditor.sock;
-  listen 80;
+         proxy_redirect off;
-  listen [::]:80;
+         proxy_set_header Host $host;
-
+         proxy_set_header X-Forwarded-Host "example.com";
-  server_name localhost;
+         proxy_set_header X-Forwarded-Proto "https";
  access_log /var/log/nginx/auditor.log;
  error_log /var/log/nginx/auditor.err;
  location /taler-auditor/ {
    proxy_pass http://unix:/var/lib/taler-auditor/auditor.sock;
    proxy_redirect off;
    proxy_set_header Host $host;
    proxy_set_header X-Forwarded-Host "localhost";
    #proxy_set_header X-Forwarded-Proto "https";
  }
 }
--- a/debian/etc-taler-exchange/nginx/sites-available/taler-exchange
+++ b/debian/etc-taler-exchange/nginx/sites-available/taler-exchange
@ -2,16 +2,13 @@ server {
  listen 80;
  listen [::]:80;
-  server_name localhost;
+  #server_name example.com;
  access_log /var/log/nginx/exchange.log;
  error_log /var/log/nginx/exchange.err;
  location /taler-exchange/ {
     proxy_pass http://unix:/run/taler/exchange-httpd/exchange-http.sock:/;
     proxy_redirect off;
     proxy_set_header Host $host;
-     proxy_set_header X-Forwarded-Host "localhost";
+     #proxy_set_header X-Forwarded-Host "example.com";
     #proxy_set_header X-Forwarded-Proto "https";
  }
 }
--- a/debian/etc-taler-exchange/taler/conf.d/exchange-business.conf
+++ b/debian/etc-taler-exchange/taler/conf.d/exchange-business.conf
@ -6,11 +6,11 @@
 # which you can get using `taler-exchange-offline setup`.
 # This is just an example, your key will be different!
 # MASTER_PUBLIC_KEY = YE6Q6TR1EDB7FD0S68TGDZGF1P0GHJD2S0XVV8R2S62MYJ6HJ4ZG
-# MASTER_PUBLIC_KEY =
+MASTER_PUBLIC_KEY =
 # Publicly visible base URL of the exchange.
 # BASE_URL = https://example.com/
-# BASE_URL =
+BASE_URL =
 # For your terms of service and privacy policy, you should specify
 # an Etag that must be updated whenever there are significant
@ -20,14 +20,12 @@
 # TERMS_ETAG =
 # PRIVACY_ETAG =
 SERVE = unix
 UNIXPATH_MODE = 666
 # Bank accounts used by the exchange should be specified here:
 [exchange-account-1]
-enable_credit = no
+enable_credit = yes
-enable_debit = no
+enable_debit = yes
 # Account identifier in the form of an RFC-8905 payto:// URI.
 # For SEPA, looks like payto://sepa/$IBAN?receiver-name=$NAME
@ -36,4 +34,4 @@ payto_uri =
 # Credentials to access the account are in a separate
 # config file with restricted permissions.
-@inline-secret@ exchange-accountcredentials-1 ../secrets/exchange-accountcredentials-1.secret.conf
+@inline-secret@ exchange-accountcredentials-1 ../secrets/exchange-accountcredentials.secret.conf
--- a/debian/etc-taler-exchange/taler/secrets/exchange-accountcredentials-1.secret.conf
+++ b/debian/etc-taler-exchange/taler/secrets/exchange-accountcredentials-1.secret.conf
--- a/debian/etc-taler-exchange/taler/secrets/exchange-db.secret.conf
+++ b/debian/etc-taler-exchange/taler/secrets/exchange-db.secret.conf
@ -4,7 +4,7 @@
 # Typically, there should only be a single line here, of the form:
-# CONFIG=postgres:///DATABASE
+CONFIG=postgres:///DATABASE
 # The details of the URI depend on where the database lives and how
 # access control was configured.
--- a/debian/libtalerexchange-dev.install
+++ b/debian/libtalerexchange-dev.install
@ -3,17 +3,12 @@ usr/bin/taler-aggregator-benchmark
 usr/bin/taler-exchange-benchmark
 usr/bin/taler-fakebank-run
 usr/bin/taler-bank-benchmark
 usr/bin/taler-exchange-kyc-tester
 # Only used in test cases.  Maybe these
 # shouldn't even be installed?
 usr/bin/taler-nexus-prepare
 usr/bin/taler-bank-manage-testing
 # Man pages
 usr/share/man/man1/taler-exchange-kyc-tester*
 # Headers
 usr/include/taler/*
--- a/debian/rules
+++ b/debian/rules
@ -7,9 +7,6 @@ include /usr/share/dpkg/architecture.mk
 %:
 	dh ${@}
 override_dh_builddeb:
 	dh_builddeb -- -Zgzip
 override_dh_auto_configure-arch:
 	dh_auto_configure -- --disable-rpath --with-microhttpd=yes $(shell dpkg-buildflags --export=configure)
@ -40,7 +37,6 @@ override_dh_installsystemd:
 	dh_installsystemd -ptaler-exchange --name=taler-exchange-aggregator --no-start --no-enable
 	dh_installsystemd -ptaler-exchange --name=taler-exchange-transfer --no-start --no-enable
 	dh_installsystemd -ptaler-exchange --name=taler-exchange-wirewatch --no-start --no-enable
 	dh_installsystemd -ptaler-exchange --name=taler-exchange-secmod-cs --no-start --no-enable
 	dh_installsystemd -ptaler-exchange --name=taler-exchange-secmod-eddsa --no-start --no-enable
 	dh_installsystemd -ptaler-exchange --name=taler-exchange-secmod-rsa --no-start --no-enable
 	dh_installsystemd -ptaler-exchange --name=taler-exchange-closer --no-start --no-enable
--- a/debian/taler-exchange-offline.postinst
+++ b/debian/taler-exchange-offline.postinst
@ -4,21 +4,20 @@ set -e
 . /usr/share/debconf/confmodule
 TALER_HOME="/var/lib/taler"
 case "${1}" in
 configure)
  if ! getent group taler-exchange-offline >/dev/null; then
-    addgroup --quiet taler-exchange-offline
+    addgroup --quiet --system taler-exchange-offline
  fi
  if ! getent passwd taler-exchange-offline >/dev/null; then
-    adduser --quiet \
+    adduser --quiet --system \
      --disabled-password \
      --system \
      --shell /bin/bash \
      --home /home/taler-exchange-offline \
      --ingroup taler-exchange-offline \
-      taler-exchange-offline
+      --no-create-home \
      --home ${TALER_HOME} taler-exchange-offline
  fi
  ;;
--- a/debian/taler-exchange.install
+++ b/debian/taler-exchange.install
@ -1,25 +1,17 @@
 usr/bin/taler-exchange-aggregator
 usr/bin/taler-exchange-closer
 usr/bin/taler-exchange-dbinit
 usr/bin/taler-exchange-drain
 usr/bin/taler-exchange-expire
 usr/bin/taler-exchange-httpd
 usr/bin/taler-exchange-router
 usr/bin/taler-exchange-secmod-cs
 usr/bin/taler-exchange-secmod-eddsa
 usr/bin/taler-exchange-secmod-rsa
 usr/bin/taler-exchange-transfer
 usr/bin/taler-exchange-wirewatch
 usr/bin/taler-exchange-wire-gateway-client
 usr/lib/*/taler/libtaler_plugin_kyclogic_*.so
 usr/lib/*/taler/libtaler_extension_*.so
 usr/share/man/man1/taler-exchange-aggregator*
 usr/share/man/man1/taler-exchange-closer*
 usr/share/man/man1/taler-exchange-dbinit*
 usr/share/man/man1/taler-exchange-drain*
 usr/share/man/man1/taler-exchange-expire*
 usr/share/man/man1/taler-exchange-httpd*
 usr/share/man/man1/taler-exchange-router*
 usr/share/man/man1/taler-exchange-secmod-eddsa*
 usr/share/man/man1/taler-exchange-secmod-rsa*
 usr/share/man/man1/taler-exchange-secmod-cs*
@ -30,7 +22,6 @@ usr/share/man/man1/taler-exchange-wire-gateway-client*
 usr/share/info/taler-bank*
 usr/share/info/taler-exchange*
 usr/share/taler/config.d/*
 usr/share/taler/exchange/templates/*.must
 # configuration files in /etc/taler
 debian/etc-taler-exchange/* etc/
--- a/debian/taler-exchange.postinst
+++ b/debian/taler-exchange.postinst
@ -30,7 +30,6 @@ configure)
  if ! getent passwd ${_EUSERNAME} >/dev/null; then
    adduser --quiet --system --no-create-home --ingroup ${_GROUPNAME} --home ${TALER_HOME} ${_EUSERNAME}
    adduser --quiet ${_EUSERNAME} ${_DBGROUPNAME}
    adduser --quiet ${_EUSERNAME} ${_GROUPNAME}
  fi
  if ! getent passwd ${_RSECUSERNAME} >/dev/null; then
    adduser --quiet --system --no-create-home --ingroup ${_GROUPNAME} --home ${TALER_HOME} ${_RSECUSERNAME}
@ -54,10 +53,10 @@ configure)
    adduser --quiet ${_AGGRUSERNAME} ${_DBGROUPNAME}
  fi
-  if ! dpkg-statoverride --list /etc/taler/secrets/exchange-accountcredentials-1.secret.conf >/dev/null 2>&1; then
+  if ! dpkg-statoverride --list /etc/taler/secrets/exchange-accountcredentials.secret.conf >/dev/null 2>&1; then
    dpkg-statoverride --add --update \
      ${_WIREUSERNAME} root 460 \
-      /etc/taler/secrets/exchange-accountcredentials-1.secret.conf
+      /etc/taler/secrets/exchange-accountcredentials.secret.conf
  fi
  if ! dpkg-statoverride --list /etc/taler/secrets/exchange-db.secret.conf >/dev/null 2>&1; then
--- a/debian/taler-exchange.postrm
+++ b/debian/taler-exchange.postrm
@ -7,16 +7,13 @@ if [ -f /usr/share/debconf/confmodule ]; then
 fi
 case "${1}" in
-purge)
+purge) ;;
-    rm -rf /var/lib/taler/exchange-offline /var/lib/taler/exchange-secmod-*
+remove | upgrade | failed-upgrade | abort-install | abort-upgrade | disappear) ;;
    ;;
 remove | upgrade | failed-upgrade | abort-install | abort-upgrade | disappear)
    ;;
 *)
-    echo "postrm called with unknown argument \`${1}'" >&2
+  echo "postrm called with unknown argument \`${1}'" >&2
-    exit 1
+  exit 1
-    ;;
+  ;;
 esac
 #DEBHELPER#
--- a/debian/taler-exchange.taler-exchange-aggregator.service
+++ b/debian/taler-exchange.taler-exchange-aggregator.service
@ -1,18 +1,15 @@
 [Unit]
 Description=GNU Taler payment system exchange aggregator service
 PartOf=taler-exchange.target
 After=postgres.service
 [Service]
 User=taler-exchange-aggregator
 Type=simple
 Restart=always
-RestartSec=1s
+RestartSec=100ms
 ExecStart=/usr/bin/taler-exchange-aggregator -c /etc/taler/taler.conf
 StandardOutput=journal
 StandardError=journal
 PrivateTmp=yes
 PrivateDevices=yes
 ProtectSystem=full
 Slice=taler-exchange.slice
 RuntimeMaxSec=3600s
--- a/debian/taler-exchange.taler-exchange-aggregator@.service
+++ b/debian/taler-exchange.taler-exchange-aggregator@.service
@ -1,17 +0,0 @@
 [Unit]
 Description=GNU Taler payment system exchange aggregator service
 PartOf=taler-exchange.target
 [Service]
 User=taler-exchange-aggregator
 Type=simple
 Restart=always
 RestartSec=1s
 ExecStart=/usr/bin/taler-exchange-aggregator -c /etc/taler/taler.conf
 StandardOutput=journal
 StandardError=journal
 PrivateTmp=yes
 PrivateDevices=yes
 ProtectSystem=full
 Slice=taler-exchange.slice
 RuntimeMaxSec=3600s
--- a/debian/taler-exchange.taler-exchange-closer.service
+++ b/debian/taler-exchange.taler-exchange-closer.service
@ -1,18 +1,15 @@
 [Unit]
 Description=GNU Taler payment system exchange closer service
 PartOf=taler-exchange.target
 After=network.target postgres.service
 [Service]
 User=taler-exchange-closer
 Type=simple
 Restart=always
-RestartSec=1s
+RestartSec=100ms
 ExecStart=/usr/bin/taler-exchange-closer -c /etc/taler/taler.conf
 StandardOutput=journal
 StandardError=journal
 PrivateTmp=yes
 PrivateDevices=yes
 ProtectSystem=full
 Slice=taler-exchange.slice
 RuntimeMaxSec=3600s
--- a/debian/taler-exchange.taler-exchange-expire.service
+++ b/debian/taler-exchange.taler-exchange-expire.service
@ -1,18 +0,0 @@
 [Unit]
 Description=GNU Taler payment system exchange expire service
 PartOf=taler-exchange.target
 After=postgres.service
 [Service]
 User=taler-exchange-expire
 Type=simple
 Restart=always
 RestartSec=1s
 ExecStart=/usr/bin/taler-exchange-expire -c /etc/taler/taler.conf
 StandardOutput=journal
 StandardError=journal
 PrivateTmp=yes
 PrivateDevices=yes
 ProtectSystem=full
 Slice=taler-exchange.slice
 RuntimeMaxSec=3600s
--- a/debian/taler-exchange.taler-exchange-httpd.service
+++ b/debian/taler-exchange.taler-exchange-httpd.service
@ -8,26 +8,17 @@ PartOf=taler-exchange.target
 [Service]
 User=taler-exchange-httpd
 Type=simple
-
+# Depending on the configuration, the service suicides and then
-# Depending on the configuration, the service process kills itself and then
+# needs to be restarted.
 # needs to be restarted. Thus no significant delay on restarts.
 Restart=always
 # Do not dally on restarts.
 RestartSec=1ms
 # Disable the service if more than 5 restarts are encountered within 5s.
 # These are usually the systemd defaults, but can be overwritten, thus we set
 # them here explicitly, as the exchange code assumes StartLimitInterval
 # to be >=5s.
 StartLimitBurst=5
 StartLimitInterval=5s
 ExecStart=/usr/bin/taler-exchange-httpd -c /etc/taler/taler.conf
 StandardOutput=journal
 StandardError=journal
 PrivateTmp=no
 PrivateDevices=yes
 ProtectSystem=full
 Slice=taler-exchange.slice
 [Install]
 WantedBy=multi-user.target
--- a/debian/taler-exchange.taler-exchange-httpd@.service
+++ b/debian/taler-exchange.taler-exchange-httpd@.service
@ -21,7 +21,6 @@ StandardError=journal
 PrivateTmp=no
 PrivateDevices=yes
 ProtectSystem=full
 Slice=taler-exchange.slice
 [Install]
 WantedBy=multi-user.target
--- a/debian/taler-exchange.taler-exchange-secmod-cs.service
+++ b/debian/taler-exchange.taler-exchange-secmod-cs.service
@ -14,5 +14,3 @@ StandardError=journal
 PrivateTmp=no
 PrivateDevices=yes
 ProtectSystem=full
 IPAddressDeny=any
 Slice=taler-exchange.slice
--- a/debian/taler-exchange.taler-exchange-secmod-eddsa.service
+++ b/debian/taler-exchange.taler-exchange-secmod-eddsa.service
@ -14,6 +14,3 @@ StandardError=journal
 PrivateTmp=no
 PrivateDevices=yes
 ProtectSystem=full
 IPAddressDeny=any
 Slice=taler-exchange.slice
--- a/debian/taler-exchange.taler-exchange-secmod-rsa.service
+++ b/debian/taler-exchange.taler-exchange-secmod-rsa.service
@ -14,5 +14,3 @@ StandardError=journal
 PrivateTmp=no
 PrivateDevices=yes
 ProtectSystem=full
 IPAddressDeny=any
 Slice=taler-exchange.slice
--- a/debian/taler-exchange.taler-exchange-transfer.service
+++ b/debian/taler-exchange.taler-exchange-transfer.service
@ -1,18 +1,16 @@
 [Unit]
 Description=Taler Exchange Transfer Service
-After=network.target postgres.service
+After=network.target
 PartOf=taler-exchange.target
 [Service]
 User=taler-exchange-wire
 Type=simple
 Restart=always
-RestartSec=1s
+RestartSec=100ms
 ExecStart=/usr/bin/taler-exchange-transfer -c /etc/taler/taler.conf
 StandardOutput=journal
 StandardError=journal
 PrivateTmp=yes
 PrivateDevices=yes
 ProtectSystem=full
 Slice=taler-exchange.slice
 RuntimeMaxSec=3600s
--- a/debian/taler-exchange.taler-exchange-wirewatch.service
+++ b/debian/taler-exchange.taler-exchange-wirewatch.service
@ -1,18 +1,16 @@
 [Unit]
 Description=GNU Taler payment system exchange wirewatch service
-After=network.target postgres.service
+After=network.target
 PartOf=taler-exchange.target
 [Service]
 User=taler-exchange-wire
 Type=simple
 Restart=always
-RestartSec=1s
+RestartSec=100ms
 RuntimeMaxSec=3600s
 ExecStart=/usr/bin/taler-exchange-wirewatch -c /etc/taler/taler.conf
 StandardOutput=journal
 StandardError=journal
 PrivateTmp=yes
 PrivateDevices=yes
 ProtectSystem=full
 Slice=taler-exchange.slice
--- a/debian/taler-exchange.taler-exchange-wirewatch@.service
+++ b/debian/taler-exchange.taler-exchange-wirewatch@.service
@ -7,12 +7,10 @@ PartOf=taler-exchange.target
 User=taler-exchange-wire
 Type=simple
 Restart=always
-RestartSec=1s
+RestartSec=100ms
 ExecStart=/usr/bin/taler-exchange-wirewatch -c /etc/taler/taler.conf
 StandardOutput=journal
 StandardError=journal
 PrivateTmp=yes
 PrivateDevices=yes
 ProtectSystem=full
 Slice=taler-exchange.slice
 RuntimeMaxSec=3600s
--- a/debian/taler-exchange.taler-exchange.slice
+++ b/debian/taler-exchange.taler-exchange.slice
@ -1,7 +0,0 @@
 [Unit]
 Description=Slice for GNU taler exchange processes
 Before=slices.target
 [Slice]
 # Add settings that should affect all GNU Taler exchange
 # components here.
--- a/debian/taler-exchange.taler-exchange.target
+++ b/debian/taler-exchange.taler-exchange.target
@ -6,7 +6,6 @@ Wants=taler-exchange-httpd.service
 Wants=taler-exchange-wirewatch.service
 Wants=taler-exchange-aggregator.service
 Wants=taler-exchange-closer.service
 Wants=taler-exchange-expire.service
 Wants=taler-exchange-transfer.service
 [Install]
--- a/debian/taler-exchange.tmpfiles
+++ b/debian/taler-exchange.tmpfiles
@ -1,8 +1,7 @@
 #Type Path        Mode UID  GID  Age Argument
 d /run/taler/exchange-secmod-rsa 0755 taler-exchange-secmod-rsa taler-exchange-secmod  - -
 d /run/taler/exchange-secmod-cs 0755 taler-exchange-secmod-cs taler-exchange-secmod  - -
 d /run/taler/exchange-secmod-eddsa 0755 taler-exchange-secmod-eddsa taler-exchange-secmod  - -
 d /run/taler/exchange-httpd 0750 taler-exchange-httpd www-data  - -
-d /var/lib/taler/exchange-secmod-cs 0700 taler-exchange-secmod-cs taler-exchange-secmod  - -
+d /var/lib/taler/exchange-offline 0700 taler-exchange-offline taler-exchange-offline  - -
 d /var/lib/taler/exchange-secmod-rsa 0700 taler-exchange-secmod-rsa taler-exchange-secmod  - -
 d /var/lib/taler/exchange-secmod-eddsa 0700 taler-exchange-secmod-eddsa taler-exchange-secmod  - -
--- a/doc/.gitignore
+++ b/doc/.gitignore
@ -1,6 +1,7 @@
 *.aux
 *.dvi
 *.log
 *.pdf
 *.out
 *.snm
 *.toc
@ -24,6 +25,3 @@ taler-exchange.html
 taler-exchange.fn
 taler-exchange.cp
 taler-exchange.auxtaler-exchange.cps
 cbdc-es/cbdc-es.pdf
 cbdc-it/cbdc-it.pdf
 audit/response-202109.pdf
--- a/doc/Makefile.am
+++ b/doc/Makefile.am
@ -21,22 +21,16 @@ man_MANS = \
  prebuilt/man/taler-exchange-benchmark.1  \
  prebuilt/man/taler-exchange-closer.1     \
  prebuilt/man/taler-exchange-dbinit.1  \
  prebuilt/man/taler-exchange-drain.1  \
  prebuilt/man/taler-exchange-expire.1  \
  prebuilt/man/taler-exchange-httpd.1       \
  prebuilt/man/taler-exchange-kyc-tester.1       \
  prebuilt/man/taler-exchange-offline.1    \
  prebuilt/man/taler-exchange-router.1\
  prebuilt/man/taler-exchange-secmod-cs.1\
  prebuilt/man/taler-exchange-secmod-eddsa.1\
  prebuilt/man/taler-exchange-secmod-rsa.1 \
  prebuilt/man/taler-exchange-transfer.1\
  prebuilt/man/taler-exchange-wire-gateway-client.1\
  prebuilt/man/taler-exchange-wirewatch.1   \
  prebuilt/man/taler-exchange-wire-gateway-client.1\
  prebuilt/man/taler-helper-auditor-aggregation.1 \
  prebuilt/man/taler-helper-auditor-coins.1\
  prebuilt/man/taler-helper-auditor-deposits.1\
  prebuilt/man/taler-helper-auditor-purses.1\
  prebuilt/man/taler-helper-auditor-reserves.1\
  prebuilt/man/taler-helper-auditor-wire.1
--- a/doc/cbdc-it/cbdc-it.tex
+++ b/doc/cbdc-it/cbdc-it.tex
@ -43,14 +43,14 @@ migliorate per tutelare la privacy nelle transazioni, soddisfare i
 requisiti normativi in modo efficace e offrire un livello di protezione
 resistente ai computer quantistici contro il rischio sistemico per
 la privacy. Né la politica monetaria né la stabilità del sistema
-finanziario sarebbero realmente interessate da questo sistema, dal
+finanziario sarebbero realmente interessate da questo sistema dal
 momento che una moneta emessa in questo modo replicherebbe il contante
 fisico anziché i depositi bancari. \\
 JEL: E42, E51, E52, E58, G2
 \\
-Parole chiave: monete digitali, banca centrale, CBDC, firma cieca (\textit{blind signatures}),
+Parole chiave: monete digitali, banca centrale, CBDC, firma cieca,
 criptovalute stabili, \textit{stablecoins}
 \end{abstract}
@ -91,7 +91,7 @@ CoinMarketCap elenca oltre 5.000 criptovalute. Recentemente le banche
 centrali hanno iniziato a considerare, o almeno a studiare,
 l'emissione di monete digitali~\cite[vedi][]{AuerBoehme,AuerCornelli,Boar,Kiff,Mancini-Griffoli}.
-Attualmente, le banche centrali emettono due tipi di moneta: (i)
+Attualmente le banche centrali emettono due tipi di moneta: (i)
 riserve sotto forma di conti di regolamento presso le banche centrali,
 destinate solo agli operatori dei mercati finanziari, e (ii) divisa
 disponibile per tutti sotto forma di banconote. Di conseguenza, la
@ -1088,14 +1088,13 @@ possono supportare milioni di transazioni al secondo.
 % una discussione a riguardo:
 % https://italian.stackexchange.com/questions/3653/probabilmente-indicativo-o-congiuntivo
 % Not incorrect but FIXED anyway.
-
+Infine, il costo totale del sistema è basso. Probabilmente il costo
-Infine, il costo totale del sistema è basso. Il costo principale è
+principale è rappresentato dall'archiviazione sicura per
-rappresentato dall'archiviazione a lungo termine di 1–10 kilobyte
+molti anni di 1–10 kilobyte per transazione. Gli esperimenti su un
-per transazione. Gli esperimenti su un prototipo di GNU Taler che
+prototipo di GNU Taler che utilizzava i prezzi di \textit{Amazon Web Service}
-utilizzava i prezzi di \textit{Amazon Web Service} hanno stabilito
+hanno stabilito che il costo del sistema (archiviazione, larghezza di
-che il costo del sistema (archiviazione, larghezza di banda e capacità
+banda e capacità di calcolo) su larga scala sarebbe inferiore a 
-di calcolo) su larga scala sarebbe inferiore a 0,0001 USD per
+0,0001 USD per transazione~\cite[per i dettagli sui dati, si veda][]{Dold}.
 transazione~\cite[per i dettagli sui dati, si veda][]{Dold}.
 \section{Considerazioni normative e politiche}
    \label{5.-considerazioni-normative-e-politiche}
--- a/doc/cs/ads/glossary.tex
+++ b/doc/cs/ads/glossary.tex
@ -1,12 +1,12 @@
 %!TEX root = ../thesis.tex
 %
-% vorher in Konsole folgendes aufrufen:
+% vorher in Konsole folgendes aufrufen: 
 %	makeglossaries makeglossaries dokumentation.acn && makeglossaries dokumentation.glo
 %
 %
-% Glossareintraege --> reference, name, beschreibung
+% Glossareintraege --> referenz, name, beschreibung
 % Aufruf mit \gls{...}
 %
 % \newglossaryentry{non-repudiation}{name={non-repudiation},plural={non-repudiation},description={After a message is signed, one can not dispute that a message was signed}}
@ -18,36 +18,36 @@
 }
 \newglossaryentry{25519}{
-    name        = {Curve25519},
+    name        = {Curve25519}, 
-    description = {A popular elliptic curve used in many cryptographic systems based on elliptic curve cryptography. See section \ref{par:curve25519}}
+    description = {A popular elliptic curve used in many cryptographic systems based on elliptic curve cryptography. See section \ref{par:curve25519}} 
 }
 \newglossaryentry{fdh}{
    name        = {FDH},
-    description = {A Full-Domain Hash is a hash function with an image size equal to the original gorup. See section \ref{sec:rsa-fdh}}.
+    description = {A Full-Domain Hash is a hash function with an image size equal to the original gorup. See section \ref{sec:rsa-fdh}}. 
-}
+} 
 \newglossaryentry{idempotence}{
    name        = {idempotence},
-    description = {Idempotence in the context of computer science is a property to ensure that the state of system will not change, no matter how many times the same request was made. See section \ref{abort-idempotency}}
+    description = {Idempotence in the context of computer science is a property to ensure that the state of system will not change, no matter how many times the same request was made. See section \ref{abort-idempotency}} 
-}
+} 
 \newglossaryentry{abort-idempotency}{
    name        = {abort-idempotency},
-    description = {Abort-idempotency is a special case of \gls{idempotence}. On every step in a protocol it needs to be ensured that even on an abort, the same request always receives the same response. See section \ref{abort-idempotency}}
+    description = {Abort-idempotency is a special case of \gls{idempotence}. On every step in a protocol it needs to be ensured that even on an abort, the same request always receives the same response. See section \ref{abort-idempotency}} 
-}
+} 
 \newglossaryentry{RSABS}{
    name        = {RSA Blind Signatures},
-    description = {Chaums Blind Signature Scheme based on RSA. See section \ref{sec:blind-rsa-sign}}
+    description = {Chaums Blind Signature Scheme based on RSA. See section \ref{sec:blind-rsa-sign}} 
 }
 \newglossaryentry{CSBS}{
    name        = {Clause Blind Schnorr Signatures},
    description = {A secure variant of Blind Schnorr Signature Schemes introduced in section \ref{sec:clause-blind-schnorr-sig}}
-}
+} 
 % \newglossaryentry{25519}{
    % name        = {},
-    % description = {}
+    % description = {} 
-% }
+% } 
--- a/doc/cs/content/1_introduction.tex
+++ b/doc/cs/content/1_introduction.tex
@ -51,7 +51,7 @@ In scope are all necessary changes on the protocol(s) and components for the fol
    \item design and implement a protocol where the user proves to the exchange the knowledge of the coin that is to be signed (optional)
 \end{itemize}
-Out of scope is production readiness of the implementation.
+Out of scope is production readyness of the implementation.
 This is because changes in the protocos and code need to be thoroughly vetted to ensure that no weaknesses or security vulnerabilities were introduced.
 Such an audit is out of scope for the thesis and is recommended to be performed in the future.
 The iOS wallet will not be considered in this work.
@ -69,4 +69,4 @@ Scope changes during the project:
    \item \textbf{Adjusted: } Focus is on the implementation of the exchange protocols (Withdraw, Spend, Refresh and cryptographic utilities)
    \item \textbf{Adjusted: } Implementation of the refresh protocol and wallet-core are nice-to-have goals
    \item \textbf{Removed: } The Merchant and the android wallet implementations are out of scope
-\end{itemize}
+\end{itemize}
--- a/doc/cs/content/3_preliminaries.tex
+++ b/doc/cs/content/3_preliminaries.tex
@ -141,6 +141,7 @@ This can be used to detect compromised signing keys or a malicious exchange.
 \subsection{Properties}
 \label{sec:taler-properties}
 %Alle Taler Eigenschaften die wir angreifen wollen auflisten und bezug nehmen wie diese erreicht werden
 This section describes Taler's properties.
 \subsubsection{Free Software}
@ -298,7 +299,7 @@ If verification is successful, only Alice knows her private key and Bob uses Ali
 A digital signature scheme has a message space M, a signature space S and three algorithms:
 \begin{itemize}
    \item Key generation: $(pk,sk) \gets keyGen()$
-    \item Signature generation: $s \gets $sign$_sk(m)$
+    \item Signatue generation: $s \gets $sign$_sk(m)$
    \item Verification: $ v \gets $verify$_pk(m,s)$ where $v \in {0,1}$
 \end{itemize}
 If the result of the verification algorithm equals 1, a signature for m is called valid.
@ -782,7 +783,7 @@ A good introduction to cut and choose protocols gives the Paper from Claude Cré
        The expression cut-and-choose was later introduced by David Chaum in analogy to a popular cake sharing problem:
        Given a complete cake to be shared among two parties distrusting of each other (for reasons of serious appetite).
        A fair way for them to share the cake is to have one of them cut the cake in two equals hares, and let the other one choose his favourite share.
-        This solution guarantees that it is in the formers best interest to cut the shares as evenly as possible."
+        This solution guarantes that it is in the formers best interest to cut the shares as evenly as possible."
    }
 \end{center}
@ -869,10 +870,10 @@ Figure \ref{fig:withdraw-loophole-exploit} explains how such a payment would wor
 Note that we omitted the parts leading up to the coin creation (contract, agreement of price, number of coins and their denominations).
 This is how it works on a high level:
 \begin{enumerate}
-    \item The malicious merchant generates and blinds coins, which are then transmitted to the customer
+    \item The malicous merchant generates and blinds coins, which are then transmitted to the customer
    \item The customer authorizes the withdraw from his reserve by signing the blinded coins with the private key of his reserve, thus generating withdraw confirmations.
-    \item The withdraw confirmations are transmitted to the exchange, which generates the signatures and returns them to the malicious merchant.
+    \item The withdraw confirmations are transmitted to the exchange, which generates the signatures and returns them to the malicous merchant.
-    \item The malicious merchant unblinds the signatures.
+    \item The malicous merchant unblinds the signatures.
          He is now in possession of the coin, thus the payment is completed.
 \end{enumerate}
@ -881,7 +882,7 @@ This is how it works on a high level:
        \resizebox{1.0\textwidth}{!}{$\displaystyle
        \begin{array}{ l c l}
            % preliminaries
-            \textbf{Customer}          &  & \textbf{malicious Merchant}
+            \textbf{Customer}          &  & \textbf{malicous Merchant}
            \\ \text{knows:} & & \text{knows:}
            \\ \text{reserve keys } w_s, W_p
            \\ \text{denomination public key } D_p = \langle e, N \rangle & & \text{denomination public key } D_p = \langle e, N \rangle
@ -902,7 +903,7 @@ This is how it works on a high level:
            \\
            \hline
            \\
-            \textbf{malicious Merchant} &  & \textbf{Exchange}
+            \textbf{malicous Merchant} &  & \textbf{Exchange}
            \\\text{knows:} & & \text{knows:}
            \\& & \text{reserve public key } W_p
            \\ \text{denomination public key } D_p = \langle e, N \rangle & & \text{denomination keys } d_s, D_p
@ -948,6 +949,7 @@ Chapter 4.1.4 describes more general aspects as well as the contract header and
 \subsubsection{Spend Protocol}
 The payment process begins when a customer submits a shopping cart (one or more items to buy) and commits his intent to buy them.
 The merchant has a key pair skM, pkM of which the customer knows the public key.
 % besseres Wort als commit?
 Note that certain details contained in contract header or deposit permission like merchant \ac{KYC} information, deposit and refund deadlines and fees are left out.
 The deposit state machine can be seen in figure \ref{fig:deposit:states}.
 \begin{figure}[htp]
@ -1031,7 +1033,7 @@ In cases where there are multiple deposit permissions (meaning that multiple coi
              \item Is the signature of the coin valid?
              \item Is $ f $ (the value to be spent) smaller or equal the residual value of the coin (check for overspending attempt)?
          \end{itemize}
-          If all checks are successful, the exchange saves the deposit record containing the deposit permission and its signature in a database, subtracts the spent value from the residual value of the coin and schedules the money transfer to the merchant's account $ A_m $ (grouping payments is done to reduce payment fees).
+          If all checks are successful, the exchange saves the deposit record containing the deposit permission and its signature in a database, substracts the spent value from the residual value of the coin and schedules the money transfer to the merchant's account $ A_m $ (grouping payments is done to reduce payment fees).
          \\The exchange calculates a deposit confirmation signature $ \sigma_{DC} $ for the deposit permission with the exchange signing private key and returns them to the merchant.
          \\This signature is also used to prove that a merchant was the first to receive payment from a certain coin.
          Without this, an evil exchange could later deny confirming a payment and claim double spending.
@ -1178,7 +1180,7 @@ The customer, which holds the old partially spend coin and knows \\$C_{old} = \t
    On the exchange's side various checks are done to validate the request.
    Detailed steps of the commit phase are shown in figure  \ref{fig:refresh-part1}.
-
+    
    \begin{figure}
        \begin{equation*}
        \resizebox{1.0\textwidth}{!}{$\displaystyle
@ -1462,4 +1464,4 @@ When the list of trusted auditor certs of a customer/merchant somehow can be man
 One attack scenario would be to attack customers/merchants with a supply-chain attack on the wallets or merchant backends' implementation.
 With software supply-chain attacks on the rise in 2020/21 (although the concept is not new) such an attack could have a big impact. \\
 Since auditor certs are coupled with the wallet (or merchant) implementation, a bank, country, central bank or auditor will most likely publish a wallet and a merchant implementation for the corresponding Taler ecosystem.
-%This would make it possible for the publisher to make changes on the Taler protocol for this specific implementation.
+%This would make it possible for the publisher to make changes on the Taler protocol for this specific implementation.
--- a/doc/cs/content/4_2_specification.tex
+++ b/doc/cs/content/4_2_specification.tex
@ -256,7 +256,7 @@ Further, the API ensures that a caller must generate two secret $r$ as in the Cl
  * To ensure unpredictability a new nonce should be used when a new r needs to be derived.
  * Uses HKDF internally.
  * Comment: Can be done in one HKDF shot and split output.
-  *
+  * 
  * @param nonce is a random nonce
  * @param lts is a long-term-secret in form of a private key
  * @param[out] r array containing derived secrets r0 and r1
@ -265,8 +265,8 @@ Further, the API ensures that a caller must generate two secret $r$ as in the Cl
 GNUNET_CRYPTO_cs_r_derive (const struct GNUNET_CRYPTO_CsNonce *nonce,
                            const struct GNUNET_CRYPTO_CsPrivateKey *lts,
                            struct GNUNET_CRYPTO_CsRSecret r[2]);
-
+ 
-
+ 
 /**
  * Extract the public R of the given secret r.
  *
@ -289,7 +289,7 @@ The blinding secrets are generated by a client who provides a secret as seed to
 * To provide abort-idempotency, blinding factors need to be derived but still need to be UNPREDICTABLE
 * To ensure unpredictability a new nonce has to be used.
 * Uses HKDF internally
- *
+ * 
 * @param secret is secret to derive blinding factors
 * @param secret_len secret length
 * @param[out] bs array containing the two derivedGNUNET_CRYPTO_CsBlindingSecret
@ -306,7 +306,7 @@ Further the Clause Blind Schnorr API provides an API to calculate the two blinde
 /**
 * Calculate two blinded c's
 * Comment: One would be insecure due to Wagner's algorithm solving ROS
- *
+ * 
 * @param bs array of the two blinding factor structs each containing alpha and beta
 * @param r_pub array of the two signer's nonce R
 * @param pub the public key of the signer
@ -336,7 +336,7 @@ See listing \ref{lst:crypto-sign-api}.
 * To ensure unpredictability a new nonce has to be used for every signature
 * HKDF is used internally for derivation
 * r0 and r1 can be derived prior by using GNUNET_CRYPTO_cs_r_derive
- *
+ * 
 * @param priv private key to use for the signing and as LTS in HKDF
 * @param r array of the two secret nonce from the signer
 * @param c array of the two blinded c to sign c_b
@ -370,7 +370,7 @@ GNUNET_CRYPTO_cs_unblind (
    struct GNUNET_CRYPTO_CsS *signature_scalar);
 \end{lstlisting}
-The verify API takes the message and its signature with the public key and returns GNUNET\_OK for a valid signature and GNUNET\_SYSERR otherwise.
+The verify API takes the message and its signature with the public key and returns GNUNET\_OK for a valid signature and GNUNET\_SYSERR otherwhise.
 See listing \ref{lst:crypto-verify-api}.
 \begin{lstlisting}[style=bfh-c,language=C,, caption={GNUnet verify API}, label={lst:crypto-verify-api}]
@ -411,7 +411,7 @@ In crypto.c many utility functions are provided to create planchets (for planche
 One difference between \gls{RSABS} and \gls{CSBS} is, that the coin private key and RSA blinding secret can be created at the same point in time, since the RSA blinding secret is created randomly.
 However, for Clause Blind Schnorr secrets an additional step is needed, the public $R_0$ and $R_1$ are required to calculate the blinding seed to derive the secrets.
-A planchet in the Clause Blind Schnorr Signature Scheme can be created as followed (implementation details omitted).
+A planchet in the Clause Blind Schnorr Signature Scheme can be created as followed (implementation details ommited).
 \begin{enumerate}
  \item Create planchet with new \ac{EdDSA} private key
@ -467,7 +467,7 @@ The exchange offline signer requests the future, not yet signed keys by calling
      master\_pub & Exchange's master public key \\
      denom\_secmod\_public\_key & RSA security module public key \\
      denom\_secmod\_cs\_public\_key & \gls{CSBS} security module public key \\
-      signkey\_secmod\_public\_key & Online signing security module public key \\
+      signkey\_secmod\_public\_key & Online singing security module public key \\
  \end{tabular}
  \caption{GET \url{/management/keys} response data}
  \label{tab:management-keys-get}
--- a/doc/cs/content/4_3_implementation.tex
+++ b/doc/cs/content/4_3_implementation.tex
@ -94,8 +94,8 @@ The corresponding crypto helper, that talks with the security module, and its te
    \item \texttt{src/util/test\_helper\_cs.c}: Tests and benchmarks for the \gls{CSBS} crypto helper
 \end{itemize}
 % Crypto API offene Punkte:
-%Input-validation of points and scalars:
+%Input-Validierung von Punkten und Skalar
-% describe clamping: https://neilmadden.blog/2020/05/28/whats-the-curve25519-clamping-all-about/
+% Clamping beschreiben: https://neilmadden.blog/2020/05/28/whats-the-curve25519-clamping-all-about/
 % Testing: inverse operations, blinded signature test
@ -219,7 +219,7 @@ Tests for deposit are implemented here:
 \begin{itemize}
    \item \url{/src/testing/test_exchange_api.c}: Add tests (see "struct TALER\_TESTING\_Command\ spend\_cs[]") that spend \gls{CSBS} coins withdrawn in tests added for withdrawal
    \item \url{/src/json/json_pack.c}: Implement \gls{CSBS} case in function TALER\_JSON\_pack\_denom\_sig
-\end{itemize}
+\end{itemize} 
 \section{Fixing a Minor Security Issue in Taler's RSA Blind Signature Protocols}
 \label{sec:taler-vuln}
@ -230,7 +230,7 @@ The issue was only in the implementation of the current RSA Blind Signature prot
 \label{sec:taler-vuln-desc}
 The redesigned \gls{CSBS} protocols already include the denomination key in the nonce check, which fixes this issue (see \ref{sec:withdraw-protocol-schnorr}).
-In the case of \gls{RSABS}, the current protocol includes an \gls{idempotence} check by persisting the hash value of the blinded coin $m'$.
+In the case of \gls{RSABS}, the current protocol includes an \gls{idempotence} check by persisting the hash value of the blinded coin $m'$. 
 On a withdrawal/refresh the \gls{idempotence} check compares if the hash value of $m'$ was seen in the past and returns the 'old' signature on a match.
 This could lead to the following scenario:
@ -277,7 +277,7 @@ After discussing this issue with Christian Grothoff, the conclusion was to inclu
        return GNUNET_OK;
      case TALER_DENOMINATION_CS:
      ...
-
+    
 \end{lstlisting}
 The issue is fixed by adding a hash of the current denomination key into the calculation of the hash used in the \gls{idempotence} check.
@ -295,7 +295,7 @@ The applied fix can be seen in listing \ref{lst:fixed-idempotence}.
        {
          struct GNUNET_HashContext *hash_context;
          hash_context = GNUNET_CRYPTO_hash_context_start ();
-
+    
          GNUNET_CRYPTO_hash_context_read (hash_context,
                                           &denom_hash->hash,
                                           sizeof(denom_hash->hash));
@ -312,7 +312,7 @@ The applied fix can be seen in listing \ref{lst:fixed-idempotence}.
        {
          struct GNUNET_HashContext *hash_context;
          hash_context = GNUNET_CRYPTO_hash_context_start ();
-
+    
          GNUNET_CRYPTO_hash_context_read (hash_context,
                                           &denom_hash->hash,
                                           sizeof(denom_hash->hash));
--- a/doc/cs/content/5_discussion.tex
+++ b/doc/cs/content/5_discussion.tex
@ -57,7 +57,7 @@ This section compares how the two schemes perform regarding CPU usage, latency,
 Clause Schnorr has fixed key sizes with 256 bits (32 bytes), which we compare against different RSA key sizes (1024, 2048, 3072 and 4096 bits).
 In terms of security, \gls{CSBS} 256 bit keys could be compared to 3072 bit RSA keys (see \url{https://www.keylength.com/} for more information).
-\subsection{CPU Usage}
+\subsection{CPU Usage}  
 Various benchmarks were made on different CPU architectures.
 This section discusses the main results, detailed information about the performance comparison can be found in appendix \ref{chap:app-perf}.
 We thank the Taler team for providing measurements from additional systems and architectures.
@ -75,7 +75,7 @@ Signing and blinding operations are much faster in \gls{CSBS}, also \gls{CSBS} s
 \begin{bfhBox}[BFH-MediumBlue]{Setup}
 	CPU: 8-core AMD Ryzen 7 PRO 5850U \\
    OS: Ubuntu 21.10 Linux 5.13.0-25-generic \#26-Ubuntu SMP Fri Jan 7 15:48:31 UTC 2022 x86\_64 x86\_64 x86\_64 GNU/Linux \\
-    libsodium version: 1.0.18-1build1 \\
+    libsodium version: 1.0.18-1build1 \\ 
    libgcrypt version: 1.8.7-5ubuntu2 \\\\
    Benchmarks with other hardware setups can be found in appendix \ref{chap:app-perf}.
 \end{bfhBox}
@ -112,7 +112,7 @@ RSA 1024 is in some situations faster than the \gls{CSBS} implementation.
 Note that 1024 bit keys are not recommended for many use cases, but the highest currently known RSA factorization done is 829 bits \cite{enwiki:1055393696}.
 The following section \ref{sec:disc-risk} explains the risk running RSA 1024 or \gls{CSBS} denominations further.\\
 The blind and unblind operations are running in a wallet implementation, therefore the comparison with RSA 1024 is very interesting for devices with less CPU power.
-Comparison of such hardware can be found in appendix \ref{chap:app-perf}, these comparison results come to the same conclusion.\\
+Comparison of such hardware can be found in appendix \ref{chap:app-perf}, these comparison results come to the same conlcusion.\\
 Although RSA 1024 bit is much faster in the blinding operation, \gls{CSBS} still perform better when calculating the blinding and unblinding operations together.
 \gls{CSBS} unblinding computes only an addition of two scalars $s + \alpha \mod p$, while RSA computes $s * r^{-1}$.
 To conclude, \gls{CSBS} are faster than RSA 1024 bit and provide a better level of security.
@ -205,7 +205,7 @@ The disk space comparison for a wallet can be found in \ref{tab:comp-wallet-spac
    These are theoretical calculations, implementations may choose to persist additional values.
 \end{bfhWarnBox}
 The reasons that \gls{CSBS} use less bandwidth is mostly because the signature/key sizes are much smaller.
-The bandwidth improvements for the \texttt{/keys} API is the same as specified in the table with disk space comparison \ref{tab:comp-sign-space}.
+The bandwith improvements for the \texttt{/keys} API is the same as specified in the table with disk space comparison \ref{tab:comp-sign-space}.
 For \gls{CSBS} many calculations are performed twice, therefore also two values are submitted.
 Table \ref{tab:comp-band-withd} compares the bandwidth used in a withdrawal.
 The 32 byte values $2 * n_w, 2 * D_p, R_0, R_1, s,W_p, c_0, c_1, \sigma_W$ as well as an integer $b$ are transmitted for \gls{CSBS}.\\
@ -222,14 +222,14 @@ Depending on the hash size another 32 byte (or 64 byte) value is transmitted.
    \setupBfhTabular
    \begin{tabular}{lccr}
        \rowcolor{BFH-tablehead}
-        \textbf{Signature Scheme} & \textbf{Bandwidth used} & \textbf{Factor} & \textbf{1M coins}\\\hline
+        \textbf{Signature Scheme} & \textbf{Bandwith used} & \textbf{Factor} & \textbf{1M coins}\\\hline
        CS 256 bits & 356 bytes & 1x & 324 MB\\\hline
        RSA 1024 bit & 448 bytes & 1.3x & 448 MB \\\hline
        RSA 2048 bit & 832 bytes & 2.5x & 832 MB\\\hline
        RSA 3072 bit & 1216 bytes & 3.75x & 1216 MB\\\hline
        RSA 4096 bit & 1600 bytes & 4.9x & 1600 MB\\\hline
    \end{tabular}
-    \caption{Bandwidth comparison withdrawal}
+    \caption{Bandwith comparison withdrawal}
    \label{tab:comp-band-withd}
 \end{table}
--- a/doc/cs/content/6_conclusion.tex
+++ b/doc/cs/content/6_conclusion.tex
@ -25,8 +25,8 @@ The thesis provides several results to add support for Schnorr's blind signature
    \end{itemize}
    \item Comparison and Analysis
    \begin{itemize}
-        \item Performance (speed, space, latency \& bandwidth)
+        \item Performance (speed, space, latency \& bandwith)
-        \item Security
+        \item Security 
        \item Scheme Comparison
    \end{itemize}
    \item Fixing a minor security issue in Taler's current protocols
@ -47,7 +47,7 @@ This section provides an outlook on what can be done in future work.
    \item Evaluating \& implementing \gls{CSBS} on other curves
 \end{itemize}
-There are some remaining protocols to implement, which were out of scope for this thesis.
+There are some remaining protocols to implement, which were out of scope for this thesis. 
 To run \gls{CSBS} in production, these protocols have to be implemented too.
 Further, the merchant needs to support \gls{CSBS} too.
 The merchant implementation can be done fast, as the merchant only verifies denomination signatures in most cases. \\
@ -58,7 +58,7 @@ A security audit should always be made when implementing big changes like these.
 As mentioned in the scope section, the optional goal to find and implement a good solution for the withdraw loophole was dropped.
 This was due to the scope shift and because the analysis of the problem showed that finding a good solution needs more research and is a whole project in itself (see \ref{sec:scope} for more information).\\
 Furthermore, \gls{CSBS} could be implemented on other curves.
-For example Curve448 \cite{cryptoeprint:2015:625} could be used, as it provides 224 bits of security, whereas \gls{25519} \cite{bern:curve25519} provides about 128 bits of security.
+For example Curve448 \cite{cryptoeprint:2015:625} could be used, as it provides 224 bits of security, wheras \gls{25519} \cite{bern:curve25519} provides about 128 bits of security.
 Curve secp256k1 could further improve \gls{CSBS} performance.
 While providing support for Curve448 should not be problematic, a potential implementation for secp256k1 needs further analysis (see \cite{bernlange:safecurves} and \cite{bip:schnorr-bitc} for more information).
@ -67,4 +67,4 @@ This thesis includes understanding, analyzing, integrating and implementing a re
 Furthermore, the implementation is done in Taler, an intuitive and modern solution for a social responsible payment system with high ethical standards.
 Although there was a lot of work, we enjoyed working on such a modern and very interesting topic.
 Especially the first successful signature verification and the signature scheme performance benchmarks motivated us to push the implementation and integration into Taler forward.\\
-We are happy to provide an implementation of a modern scheme and making it available as free software.
+We are happy to provide an implementation of a modern scheme and making it available as free software.
--- a/doc/doxygen/taler.doxy
+++ b/doc/doxygen/taler.doxy
@ -153,8 +153,7 @@ EXCLUDE_PATTERNS       = */test_* \
                         */.git/* \
                         */perf_* .* \
                         .* \
-                         */gnu-taler-error-codes/* \
+                         */gnu-taler-error-codes/*
                         */src/templating/mustach*
 EXCLUDE_SYMBOLS        =
 EXAMPLE_PATH           =
 EXAMPLE_PATTERNS       = *
--- a/Show More
+++ b/Show More
		`@ -1 +1 @@`
			`Subproject commit bd4e73b2ed06269fdee42eaad21acb5be8be9302`				`Subproject commit 24eb905bac48869b4184801571c0728c772b299c`