misc edits based on Neal's comments
This commit is contained in:
Christian Grothoff
parent
adb08692f5
commit
35acc3dcf9
@ -1022,19 +1022,19 @@ similar risks of losing cash in a physical wallet. Unlike physical
|
|||||||
wallets, Taler's wallet could be backed up to secure against loss of a
|
wallets, Taler's wallet could be backed up to secure against loss of a
|
||||||
device.
|
device.
|
||||||
|
|
||||||
Taler's contracts do provide a degree of protection for customers
|
Taler's contracts provide a degree of protection for customers,
|
||||||
because they are signed by the merchant and retained by the wallet:
|
because they are signed by the merchant and retained by the wallet.
|
||||||
while they mirror the paper receipts that customers may receive in
|
While they mirror the paper receipts that customers receive in
|
||||||
physical stores, Taler's cryptographically signed contracts ought to
|
physical stores, Taler's cryptographically signed contracts ought to
|
||||||
carry more weight in courts than typical paper receipts.
|
carry more weight in courts than typical paper receipts.
|
||||||
|
|
||||||
Point-of-sale systems providing printed receipts have been compromised
|
Point-of-sale systems providing printed receipts have been compromised
|
||||||
in the past by merchants to embezzle sales
|
in the past by merchants to embezzle sales
|
||||||
taxes.~\cite{munichicecream} With Taler, the merchant still generates
|
taxes.~\cite{munichicecream} With Taler, the merchant still generates
|
||||||
a receipt for the customer; however, the record for the tax
|
a receipt for the customer, however, the record for the tax
|
||||||
authorities ultimately is anchored with the exchange's wire transfer
|
authorities ultimately is anchored with the exchange's wire transfer
|
||||||
to the merchant. Using the subject of the wire transfer, the state
|
to the merchant. Using the subject of the wire transfer, the state
|
||||||
can trace the payments and request the merchant to provide
|
can trace the payments and request the merchant provide
|
||||||
cryptographically matching contracts. Thus, this type of tax
|
cryptographically matching contracts. Thus, this type of tax
|
||||||
fraud is no longer possible, which is why we call Taler {\em
|
fraud is no longer possible, which is why we call Taler {\em
|
||||||
taxable}. The mere threat of the state sometimes tracing transactions
|
taxable}. The mere threat of the state sometimes tracing transactions
|
||||||
@ -1051,7 +1051,7 @@ real money on their bank accounts}. To ensure that the exchange operator
|
|||||||
does not embezzle these funds, Taler expects exchange operators to be
|
does not embezzle these funds, Taler expects exchange operators to be
|
||||||
regularly audited by an independent auditor\footnote{Auditors are typically
|
regularly audited by an independent auditor\footnote{Auditors are typically
|
||||||
run by financial regulatory bodies of states}. The auditor can then verify that the incoming and outgoing
|
run by financial regulatory bodies of states}. The auditor can then verify that the incoming and outgoing
|
||||||
transactions and the current balance of the exchange match the logs
|
transactions, and the current balance of the exchange matches the logs
|
||||||
with the cryptographically secured transaction records.
|
with the cryptographically secured transaction records.
|
||||||
|
|
||||||
|
|
||||||
@ -1069,16 +1069,16 @@ coins from. We mitigate this problem by allowing merchants to
|
|||||||
support all exchanges audited by a particular auditor. We believe
|
support all exchanges audited by a particular auditor. We believe
|
||||||
this a reasonable approach, because auditors and merchants must
|
this a reasonable approach, because auditors and merchants must
|
||||||
operate with a particular legal and financial framework anyways. We
|
operate with a particular legal and financial framework anyways. We
|
||||||
note that a similar failure mode exists with credit cards, where not
|
note that a similar failure mode exists with credit cards where not
|
||||||
all merchants accept all issuers, especially internationally.
|
all merchants accept all issuers, which is often the case internationally.
|
||||||
|
|
||||||
\item
|
\item
|
||||||
Restoring the Taler wallet state from previous backups, or copying the
|
Restoring the Taler wallet state from previous backups, or copying the
|
||||||
wallet state to a new machine, may cause honest users to attempt to
|
wallet state to a new machine may cause honest users to attempt to
|
||||||
double spend coins, as the wallet does not know when coins are spent
|
double spend coins, as the wallet does not know when coins are spent
|
||||||
between backup and recovery. In this case, the exchange provides
|
between backup and recovery. In this case, the exchange provides
|
||||||
cryptographic proof that the coins were previously spent, so the
|
cryptographic proof to the wallet that the coins were previously spent so the
|
||||||
wallet can verify that the exchange and merchant are behaving honestly.
|
wallet can verify that the exchange and the merchant are behaving honestly.
|
||||||
|
|
||||||
% FIXME FIXME: the following paragraph seems to describe a scenario where the
|
% FIXME FIXME: the following paragraph seems to describe a scenario where the
|
||||||
% wallet lost coins due to a restore from backup and then ask for refresh
|
% wallet lost coins due to a restore from backup and then ask for refresh
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user