From 955ef7261224effae711b029cd7690421e63fc41 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C3=96zg=C3=BCr=20Kesim?= Date: Sun, 30 Oct 2022 15:36:27 +0100 Subject: [PATCH] auction done. v1 ready --- m4/ngi-ap3-m4-report.tex | 147 ++++++++++++++++++++++++++++++++++++--- 1 file changed, 138 insertions(+), 9 deletions(-) diff --git a/m4/ngi-ap3-m4-report.tex b/m4/ngi-ap3-m4-report.tex index 1610aee..28a1084 100644 --- a/m4/ngi-ap3-m4-report.tex +++ b/m4/ngi-ap3-m4-report.tex @@ -311,11 +311,12 @@ content of the mentioned website with recommended concepts of youth protection. GNU Taler is going to be evaluated for the category ``holistic youth protection concept''. The KJM uses this category only for concepts that are widely -accessible to the public and do not only serve a closed user group -(closed user group means: access to content or goods is granted only after age -verification by presenting an official ID card, driving licenses or the -like---which is endangering privacy, data security, and informational -self-determination). +accessible to the public and \textit{do not} serve a closed user group. Here, +\textit{serving a closed user group} means granting access to content or goods +only after ID-based verification of the membership in a particular group, such +as: proof of belonging to a certain age-group by presenting an official ID +card, driving licenses or the like---a type of verification which is +endangering privacy, data security, and informational self-determination. \subsection{Future Works} @@ -569,15 +570,143 @@ locations under \url{https://git.taler.net/wallet-core.git/tree/packages/} \newpage \section{Brandt-Vickrey Auctions} -\TODO{} +\href{https://pub.dss.in.tum.de/brandt-research/ijis2006.pdf}{In 2006, Felix +Brandt} designed cryptographic Vickrey-style auction protocols that only yield +the winners’ identities and the selling price. Losing bidders learn no +information at all, except that they lost. This approach does not rely on +trusted third parties, e.g., auctioneers or---in our case---the payment service +provider. +\href{https://grothoff.org/christian/teich2017ms.pdf}{In 2017, Marcus Teich} +updated the cryptographic primitives in the Brandt-Vickrey protocols to use +elliptic curves and provided an implementation in +\url{https://git.gnunet.org/libbrandt.git/}. + +Based on that work, we implemented a Proof-of-Concept for \textsc{NGI Pointer} +of conditional payments in GNU Taler in the form of sealed-bid auctions of type +Brandt-Vickrey: + +Bidders put coins in escrow with the exchange in order to participate in a +particular auction. The coins are locked and can only be unlocked by timeout +or by winning the auction. After successfully running the Brandt-Vickrey +auction, the seller has to provide the transcript of all (signed) messages +received from all bidders. The exchange then replays the transcript and +determines the winning bidder(s) and price(s) and pays the seller accordingly. +Non-winning coins and rest amounts can be claimed by the bidders. + \subsection{Technical details} -\TODO{} + +We designed and implemented a general framework for conditional payments with +GNU Taler---so-called \textit{policies}. Our proof-of-concept of sealed-bid +auction support is implemented as an policy extension to GNU Taler. In +particular, we implemented the following parts: + +\begin{description} + \item[Transcript generation:] \texttt{libbrandt} has been extended to + generate a transcript of the auction including all + cryptographically signed messages from all bidders in + JSON-encoding. + + \item[Transcript replay:] An external program to replay a transcript + has been implemented as part of \texttt{libbrandt}. It + consumes transcript of an auction in JSON-encoding, generates + an Brandt-Vickrey-auction and replays all provided messages. + On success, it returns the winning bidder(s) and price(s) + according the transcript. + + \item[Policy extension for auctions:] A policy extension for GNU Taler + has been implemented that handles deposit requests with set + policy of type \texttt{\small + policy\_brandt\_vickrey\_auction}. It locks the coins and + persists the policy details under a hash-code, that it + generates by calculating the hash $H(h_a || p_b)$, where $h_a$ + is the hash of the auction meta data and $p_b$ is the public + key of the bidder. Both parameters are part of the policy + structure provided during a deposit. + + \item[POST handler for auction transcripts:] A POST handler for the + policy extension of that type has been implemented that expects + a valid transcript of a Brandt-Vickrey-auction. It uses the + external program to perform a replay of the auction and + determine the winning bidder(s) and price(s). Based on the + outcome information, the exchange unlocks the corresponding + winning coins' value for transfer to the seller---minus an + auction fee---and the rest value of all coins for refresh. + +\end{description} + + \subsection{Future Works} -\TODO{} + +For a fully functional and maintainable solution, further development is needed +in the following areas: + +\begin{description} + +\item[libbrandt upgrade:] The code base of this library is from 2017 and doesn't + compile with the latest version of + \href{https://git.gnunet.org/gnunet.git}{GNUnet}. It also + uses \href{https://gnupg.org/software/libgcrypt/index.html}% + {\ttfamily libgcrypt} as cryptographic library, which is quite + slow compared to its modern alternative + \href{https://doc.libsodium.org/}{\ttfamily libsodium}, at + least with respect to the primitives used in libbrandt. + For future work we plan to refactor libbrandt to use libsodium + and the current version of GNUnet. + +\item[Brandt-Vickrey-auction continuation:] The current code is a + proof-of-concept. The following known problem exist: + \begin{itemize} + \item Signature verification of the transcript and its messages + is missing + \item Unit- and integration-tests with the exchange are missing + \item A fully featured auction(er) system, including billboard + and client software, is missing. + \end{itemize} + + We will address at least the first two issues and plan to + address the lack of an auction system once we find volunteers + and funding for it. + +\item[Policy framework continuation:] Based on the current design of policy + extensions for deposit---aka conditional payments---we plan to add + following policy extensions to the GNU Taler exchange: + \begin{itemize} + \item{\itshape Merchant refunds:} Merchant can grant customers refundable + payments. Right now, this policy is implicit and optional in + the usual deposit-flow. Future work on Taler will lift + this into a policy-extension. + + \item{\itshape Escrowed payments:} A trustor puts coins into escrow + with the exchange. It can be claimed by a beneficiary until a + certain deadline, when the claim is signed by + both, the beneficiary’s and the trustor’s keys. + \end{itemize} + +\end{description} + \subsection{Links} -\TODO{} +\begin{description} + \item[Changes to libbrandt:] + \href{https://git.kesim.org/oec/libbrandt/src/branch/transcript/test\_brandt.c}{\ttfamily test\_brandt.c} + has been extended to generate and print a transcript in JSON + encoding for each auction. The new file + \href{https://git.kesim.org/oec/libbrandt/src/branch/transcript/replay.c}{\ttfamily + replay.c} implements a standalone program to replay an auction. + \item[Changes to the Exchange:] + The changes to the exchange can be found at\\ + \url{https://git.kesim.org/taler/exchange/src/branch/auction\_brandt/},\\ + in particular: + \begin{description} + \item[\href{https://git.kesim.org/taler/exchange/src/branch/auction\_brandt/src/extensions/policy\_brandt\_vickrey\_auction/policy\_brandt\_vickrey\_auction.c\#L767-L821}{\ttfamily auction\_create\_policy\_details}] + This implements the {\ttfamily create\_policy\_details} + function of the policy extension interface. + \item[\href{https://git.kesim.org/taler/exchange/src/branch/auction\_brandt/src/extensions/policy\_brandt\_vickrey\_auction/policy\_brandt\_vickrey\_auction.c\#L694-L764}{\ttfamily auction\_policy\_post\_handler}] + This implements the {\ttfamily policy\_post\_handler} function + of the policy extension interface. + \end{description} +\end{description} \newpage