4 files changed, 153 insertions, 25 deletions
diff --git a/packages/taler-util/src/MerchantApiClient.ts b/packages/taler-util/src/MerchantApiClient.ts
index cbdcb9fdf..ccbbf79b3 100644
--- a/packages/taler-util/src/MerchantApiClient.ts
+++ b/packages/taler-util/src/MerchantApiClient.ts
@@ -14,6 +14,7 @@
  GNU Taler; see the file COPYING.  If not, see <http://www.gnu.org/licenses/>
  */
 
+import { codecForAny } from "./codec.js";
 import {
   createPlatformHttpLib,
   expectSuccessResponseOrThrow,
@@ -221,7 +222,7 @@ export class MerchantApiClient {
     const resp = await this.httpClient.fetch(url.href, {
       headers: this.makeAuthHeader(),
     });
-    return resp.json();
+    return readSuccessResponseJsonOrThrow(resp, codecForAny());
   }
 
   async getInstanceFullDetails(instanceId: string): Promise<any> {
diff --git a/packages/taler-util/src/taler-crypto.ts b/packages/taler-util/src/taler-crypto.ts
index cc9c706ba..de5be71a1 100644
--- a/packages/taler-util/src/taler-crypto.ts
+++ b/packages/taler-util/src/taler-crypto.ts
@@ -392,7 +392,7 @@ function csKdfMod(
 // Newer versions of node have TextEncoder and TextDecoder as a global,
 // just like modern browsers.
 // In older versions of node or environments that do not have these
-// globals, they must be polyfilled (by adding them to globa/globalThis)
+// globals, they must be polyfilled (by adding them to global/globalThis)
 // before stringToBytes or bytesToString is called the first time.
 
 let encoder: any;
@@ -693,7 +693,7 @@ export async function csBlind(
  * Unblind operation to unblind the signature
  * @param bseed seed to derive secrets
  * @param rPub public R received from /csr
- * @param csPub denomination publick key
+ * @param csPub denomination public key
  * @param b returned from exchange to select c
  * @param csSig blinded signature
  * @returns unblinded signature
@@ -721,7 +721,7 @@ export async function csUnblind(
  * Verification algorithm for CS signatures
  * @param hm message signed
  * @param csSig unblinded signature
- * @param csPub denomination publick key
+ * @param csPub denomination public key
  * @returns true if valid, false if invalid
  */
 export async function csVerify(
@@ -844,8 +844,7 @@ export function hashDenomPub(pub: DenominationPubKey): Uint8Array {
     return hash(uint8ArrayBuf);
   } else {
     throw Error(
-      `unsupported cipher (${
-        (pub as DenominationPubKey).cipher
+      `unsupported cipher (${(pub as DenominationPubKey).cipher
       }), unable to hash`,
     );
   }
@@ -1023,7 +1022,7 @@ export enum WalletAccountMergeFlags {
 export class SignaturePurposeBuilder {
   private chunks: Uint8Array[] = [];
 
-  constructor(private purposeNum: number) {}
+  constructor(private purposeNum: number) { }
 
   put(bytes: Uint8Array): SignaturePurposeBuilder {
     this.chunks.push(Uint8Array.from(bytes));
diff --git a/packages/taler-util/src/taler-types.ts b/packages/taler-util/src/taler-types.ts
index 17900129c..8a0608008 100644
--- a/packages/taler-util/src/taler-types.ts
+++ b/packages/taler-util/src/taler-types.ts
@@ -1972,42 +1972,58 @@ export interface ExchangeAgeWithdrawRevealResponse {
   ev_sigs : BlindedDenominationSignature[];
 }
 
-export interface DepositSuccess {
+interface DepositConfirmationSignature {
+  // The EdDSA signature of `TALER_DepositConfirmationPS` using a current
+  // `signing key of the exchange <sign-key-priv>` affirming the successful
+  // deposit and that the exchange will transfer the funds after the refund
+  // deadline, or as soon as possible if the refund deadline is zero.
+  exchange_sig: EddsaSignatureString;
+}
+
+export interface BatchDepositSuccess {
   // Optional base URL of the exchange for looking up wire transfers
   // associated with this transaction.  If not given,
   // the base URL is the same as the one used for this request.
-  // Can be used if the base URL for /transactions/ differs from that
-  // for /coins/, i.e. for load balancing.  Clients SHOULD
-  // respect the transaction_base_url if provided.  Any HTTP server
+  // Can be used if the base URL for ``/transactions/`` differs from that
+  // for ``/coins/``, i.e. for load balancing.  Clients SHOULD
+  // respect the ``transaction_base_url`` if provided.  Any HTTP server
   // belonging to an exchange MUST generate a 307 or 308 redirection
   // to the correct base URL should a client uses the wrong base
   // URL, or if the base URL has changed since the deposit.
   transaction_base_url?: string;
 
-  // timestamp when the deposit was received by the exchange.
+  // Timestamp when the deposit was received by the exchange.
   exchange_timestamp: TalerProtocolTimestamp;
 
-  // the EdDSA signature of TALER_DepositConfirmationPS using a current
-  // signing key of the exchange affirming the successful
-  // deposit and that the exchange will transfer the funds after the refund
-  // deadline, or as soon as possible if the refund deadline is zero.
-  exchange_sig: string;
-
-  // public EdDSA key of the exchange that was used to
+  // `Public EdDSA key of the exchange <sign-key-pub>` that was used to
   // generate the signature.
-  // Should match one of the exchange's signing keys from /keys.  It is given
+  // Should match one of the exchange's signing keys from ``/keys``.  It is given
   // explicitly as the client might otherwise be confused by clock skew as to
   // which signing key was used.
-  exchange_pub: string;
+  exchange_pub: EddsaPublicKeyString;
+
+  // Array of deposit confirmation signatures from the exchange
+  // Entries must be in the same order the coins were given
+  // in the batch deposit request.
+  exchange_sigs: DepositConfirmationSignature[];
 }
 
-export const codecForDepositSuccess = (): Codec<DepositSuccess> =>
-  buildCodecForObject<DepositSuccess>()
+export const codecForDepositConfirmationSignature =
+  (): Codec<DepositConfirmationSignature> =>
+    buildCodecForObject<DepositConfirmationSignature>()
+      .property("exchange_sig", codecForString())
+      .build("DepositConfirmationSignature");
+
+export const codecForBatchDepositSuccess = (): Codec<BatchDepositSuccess> =>
+  buildCodecForObject<BatchDepositSuccess>()
     .property("exchange_pub", codecForString())
-    .property("exchange_sig", codecForString())
+    .property(
+      "exchange_sigs",
+      codecForList(codecForDepositConfirmationSignature()),
+    )
     .property("exchange_timestamp", codecForTimestamp)
     .property("transaction_base_url", codecOptional(codecForString()))
-    .build("DepositSuccess");
+    .build("BatchDepositSuccess");
 
 export interface TrackTransactionWired {
   // Raw wire transfer identifier of the deposit.
@@ -2231,6 +2247,9 @@ export interface ExchangePurseDeposits {
   deposits: PurseDeposit[];
 }
 
+/**
+ * @deprecated batch deposit should be used.
+ */
 export interface ExchangeDepositRequest {
   // Amount to be deposited, can be a fraction of the
   // coin's total value.
@@ -2293,6 +2312,67 @@ export interface ExchangeDepositRequest {
   h_age_commitment?: string;
 }
 
+export type WireSalt = string;
+
+export interface ExchangeBatchDepositRequest {
+  // The merchant's account details.
+  merchant_payto_uri: string;
+
+  // The salt is used to hide the ``payto_uri`` from customers
+  // when computing the ``h_wire`` of the merchant.
+  wire_salt: WireSalt;
+
+  // SHA-512 hash of the contract of the merchant with the customer.  Further
+  // details are never disclosed to the exchange.
+  h_contract_terms: HashCodeString;
+
+  // The list of coins that are going to be deposited with this Request.
+  coins: BatchDepositRequestCoin[];
+
+  // Timestamp when the contract was finalized.
+  timestamp: TalerProtocolTimestamp;
+
+  // Indicative time by which the exchange undertakes to transfer the funds to
+  // the merchant, in case of successful payment. A wire transfer deadline of 'never'
+  // is not allowed.
+  wire_transfer_deadline: TalerProtocolTimestamp;
+
+  // EdDSA `public key of the merchant <merchant-pub>`, so that the client can identify the
+  // merchant for refund requests.
+  merchant_pub: EddsaPublicKeyString;
+
+  // Date until which the merchant can issue a refund to the customer via the
+  // exchange, to be omitted if refunds are not allowed.
+  //
+  // THIS FIELD WILL BE DEPRICATED, once the refund mechanism becomes a
+  // policy via extension.
+  refund_deadline?: TalerProtocolTimestamp;
+
+  // CAVEAT: THIS IS WORK IN PROGRESS
+  // (Optional) policy for the batch-deposit.
+  // This might be a refund, auction or escrow policy.
+  policy?: any;
+}
+
+export interface BatchDepositRequestCoin {
+  // EdDSA public key of the coin being deposited.
+  coin_pub: EddsaPublicKeyString;
+
+  // Hash of denomination RSA key with which the coin is signed.
+  denom_pub_hash: HashCodeString;
+
+  // Exchange's unblinded RSA signature of the coin.
+  ub_sig: UnblindedSignature;
+
+  // Amount to be deposited, can be a fraction of the
+  // coin's total value.
+  contribution: Amounts;
+
+  // Signature over `TALER_DepositRequestPS`, made by the customer with the
+  // `coin's private key <coin-priv>`.
+  coin_sig: EddsaSignatureString;
+}
+
 export interface WalletKycUuid {
   // UUID that the wallet should use when initiating
   // the KYC check.
diff --git a/packages/taler-util/src/wallet-types.ts b/packages/taler-util/src/wallet-types.ts
index c6f19c73f..f7bd3d120 100644
--- a/packages/taler-util/src/wallet-types.ts
+++ b/packages/taler-util/src/wallet-types.ts
@@ -57,7 +57,9 @@ import {
   DenomKeyType,
   DenominationPubKey,
   ExchangeAuditor,
+  InternationalizedString,
   MerchantContractTerms,
+  MerchantInfo,
   PeerContractTerms,
   UnblindedSignature,
   codecForMerchantContractTerms,
@@ -2667,3 +2669,49 @@ export const codecForTestingSetTimetravelRequest =
     buildCodecForObject<TestingSetTimetravelRequest>()
       .property("offsetMs", codecForNumber())
       .build("TestingSetTimetravelRequest");
+
+export interface AllowedAuditorInfo {
+  auditorBaseUrl: string;
+  auditorPub: string;
+}
+
+export interface AllowedExchangeInfo {
+  exchangeBaseUrl: string;
+  exchangePub: string;
+}
+
+/**
+ * Data extracted from the contract terms that is relevant for payment
+ * processing in the wallet.
+ */
+export interface WalletContractData {
+  /**
+   * Fulfillment URL, or the empty string if the order has no fulfillment URL.
+   *
+   * Stored as a non-nullable string as we use this field for IndexedDB indexing.
+   */
+  fulfillmentUrl: string;
+
+  contractTermsHash: string;
+  fulfillmentMessage?: string;
+  fulfillmentMessageI18n?: InternationalizedString;
+  merchantSig: string;
+  merchantPub: string;
+  merchant: MerchantInfo;
+  amount: AmountString;
+  orderId: string;
+  merchantBaseUrl: string;
+  summary: string;
+  summaryI18n: { [lang_tag: string]: string } | undefined;
+  autoRefund: TalerProtocolDuration | undefined;
+  maxWireFee: AmountString;
+  wireFeeAmortization: number;
+  payDeadline: TalerProtocolTimestamp;
+  refundDeadline: TalerProtocolTimestamp;
+  allowedExchanges: AllowedExchangeInfo[];
+  timestamp: TalerProtocolTimestamp;
+  wireMethod: string;
+  wireInfoHash: string;
+  maxDepositFee: AmountString;
+  minimumAge?: number;
+}