auction done. v1 ready

This commit is contained in:
Özgür Kesim 2022-10-30 15:36:27 +01:00
parent 7ba95c6a9f
commit 955ef72612

View File

@ -311,11 +311,12 @@ content of the mentioned website with recommended concepts of youth protection.
GNU Taler is going to be evaluated for the category ``holistic youth protection
concept''. The KJM uses this category only for concepts that are widely
accessible to the public and do not only serve a closed user group
(closed user group means: access to content or goods is granted only after age
verification by presenting an official ID card, driving licenses or the
like---which is endangering privacy, data security, and informational
self-determination).
accessible to the public and \textit{do not} serve a closed user group. Here,
\textit{serving a closed user group} means granting access to content or goods
only after ID-based verification of the membership in a particular group, such
as: proof of belonging to a certain age-group by presenting an official ID
card, driving licenses or the like---a type of verification which is
endangering privacy, data security, and informational self-determination.
\subsection{Future Works}
@ -569,15 +570,143 @@ locations under \url{https://git.taler.net/wallet-core.git/tree/packages/}
\newpage
\section{Brandt-Vickrey Auctions}
\TODO{}
\href{https://pub.dss.in.tum.de/brandt-research/ijis2006.pdf}{In 2006, Felix
Brandt} designed cryptographic Vickrey-style auction protocols that only yield
the winners identities and the selling price. Losing bidders learn no
information at all, except that they lost. This approach does not rely on
trusted third parties, e.g., auctioneers or---in our case---the payment service
provider.
\href{https://grothoff.org/christian/teich2017ms.pdf}{In 2017, Marcus Teich}
updated the cryptographic primitives in the Brandt-Vickrey protocols to use
elliptic curves and provided an implementation in
\url{https://git.gnunet.org/libbrandt.git/}.
Based on that work, we implemented a Proof-of-Concept for \textsc{NGI Pointer}
of conditional payments in GNU Taler in the form of sealed-bid auctions of type
Brandt-Vickrey:
Bidders put coins in escrow with the exchange in order to participate in a
particular auction. The coins are locked and can only be unlocked by timeout
or by winning the auction. After successfully running the Brandt-Vickrey
auction, the seller has to provide the transcript of all (signed) messages
received from all bidders. The exchange then replays the transcript and
determines the winning bidder(s) and price(s) and pays the seller accordingly.
Non-winning coins and rest amounts can be claimed by the bidders.
\subsection{Technical details}
\TODO{}
We designed and implemented a general framework for conditional payments with
GNU Taler---so-called \textit{policies}. Our proof-of-concept of sealed-bid
auction support is implemented as an policy extension to GNU Taler. In
particular, we implemented the following parts:
\begin{description}
\item[Transcript generation:] \texttt{libbrandt} has been extended to
generate a transcript of the auction including all
cryptographically signed messages from all bidders in
JSON-encoding.
\item[Transcript replay:] An external program to replay a transcript
has been implemented as part of \texttt{libbrandt}. It
consumes transcript of an auction in JSON-encoding, generates
an Brandt-Vickrey-auction and replays all provided messages.
On success, it returns the winning bidder(s) and price(s)
according the transcript.
\item[Policy extension for auctions:] A policy extension for GNU Taler
has been implemented that handles deposit requests with set
policy of type \texttt{\small
policy\_brandt\_vickrey\_auction}. It locks the coins and
persists the policy details under a hash-code, that it
generates by calculating the hash $H(h_a || p_b)$, where $h_a$
is the hash of the auction meta data and $p_b$ is the public
key of the bidder. Both parameters are part of the policy
structure provided during a deposit.
\item[POST handler for auction transcripts:] A POST handler for the
policy extension of that type has been implemented that expects
a valid transcript of a Brandt-Vickrey-auction. It uses the
external program to perform a replay of the auction and
determine the winning bidder(s) and price(s). Based on the
outcome information, the exchange unlocks the corresponding
winning coins' value for transfer to the seller---minus an
auction fee---and the rest value of all coins for refresh.
\end{description}
\subsection{Future Works}
\TODO{}
For a fully functional and maintainable solution, further development is needed
in the following areas:
\begin{description}
\item[libbrandt upgrade:] The code base of this library is from 2017 and doesn't
compile with the latest version of
\href{https://git.gnunet.org/gnunet.git}{GNUnet}. It also
uses \href{https://gnupg.org/software/libgcrypt/index.html}%
{\ttfamily libgcrypt} as cryptographic library, which is quite
slow compared to its modern alternative
\href{https://doc.libsodium.org/}{\ttfamily libsodium}, at
least with respect to the primitives used in libbrandt.
For future work we plan to refactor libbrandt to use libsodium
and the current version of GNUnet.
\item[Brandt-Vickrey-auction continuation:] The current code is a
proof-of-concept. The following known problem exist:
\begin{itemize}
\item Signature verification of the transcript and its messages
is missing
\item Unit- and integration-tests with the exchange are missing
\item A fully featured auction(er) system, including billboard
and client software, is missing.
\end{itemize}
We will address at least the first two issues and plan to
address the lack of an auction system once we find volunteers
and funding for it.
\item[Policy framework continuation:] Based on the current design of policy
extensions for deposit---aka conditional payments---we plan to add
following policy extensions to the GNU Taler exchange:
\begin{itemize}
\item{\itshape Merchant refunds:} Merchant can grant customers refundable
payments. Right now, this policy is implicit and optional in
the usual deposit-flow. Future work on Taler will lift
this into a policy-extension.
\item{\itshape Escrowed payments:} A trustor puts coins into escrow
with the exchange. It can be claimed by a beneficiary until a
certain deadline, when the claim is signed by
both, the beneficiarys and the trustors keys.
\end{itemize}
\end{description}
\subsection{Links}
\TODO{}
\begin{description}
\item[Changes to libbrandt:]
\href{https://git.kesim.org/oec/libbrandt/src/branch/transcript/test\_brandt.c}{\ttfamily test\_brandt.c}
has been extended to generate and print a transcript in JSON
encoding for each auction. The new file
\href{https://git.kesim.org/oec/libbrandt/src/branch/transcript/replay.c}{\ttfamily
replay.c} implements a standalone program to replay an auction.
\item[Changes to the Exchange:]
The changes to the exchange can be found at\\
\url{https://git.kesim.org/taler/exchange/src/branch/auction\_brandt/},\\
in particular:
\begin{description}
\item[\href{https://git.kesim.org/taler/exchange/src/branch/auction\_brandt/src/extensions/policy\_brandt\_vickrey\_auction/policy\_brandt\_vickrey\_auction.c\#L767-L821}{\ttfamily auction\_create\_policy\_details}]
This implements the {\ttfamily create\_policy\_details}
function of the policy extension interface.
\item[\href{https://git.kesim.org/taler/exchange/src/branch/auction\_brandt/src/extensions/policy\_brandt\_vickrey\_auction/policy\_brandt\_vickrey\_auction.c\#L694-L764}{\ttfamily auction\_policy\_post\_handler}]
This implements the {\ttfamily policy\_post\_handler} function
of the policy extension interface.
\end{description}
\end{description}
\newpage