Commit Graph

4121 Commits

Author SHA1 Message Date
Jeffrey Burdges
ec3604261d
Actualy this part has nothing to do with BOLT being fragile 2017-08-29 14:19:52 +02:00
Jeffrey Burdges
c3752e8c96
Rephrase BOLT fix 2017-08-29 13:44:31 +02:00
Jeffrey Burdges
541256ca99
Merge branch 'master' of ssh://taler.net/wallet-webex 2017-08-29 13:41:58 +02:00
Jeffrey Burdges
33edef30ac
Errata: Statement about BOLT corrected
Discussion :

Christian & Florian,

This is about the UI paper in SPACE, not the protocol paper with real
crypto discussions.  And the text in question never existed in the
protocol paper.

Ian,

I'm the member of our team who looked into BOLT the most, mostly looking
to see if any of the ideas helped us.  I might manage to reconstruct
more details later, but right now my description there sounds bizarre
and wrong.

In Taler, our denomination key expirations limit the exchange's
liability to double its deposits, even in the case that its private keys
are all compromised and used to create unbacked coins.  In practice,
offline ecash schemes lack this limit due to their decreased ability to
rotate denomination keys.

I do not see why I wrote that BOLT lacked this property:  If I recall,
both BOLT payment channel types are created with fixed initial value
commitments.  In particular, intermediaries have already committed the
maximum funds they could transfer to each merchant.

That would prevent unbacked transfers in the payment channel, and thus
limit liability, even when the intermediary gets compromised.  There is
an anonymity cost if BOLT's approach limits the number of users in
payment channels with each intermediary of course.

I do not know if a compromised BOLT intermediary could complete payments
to merchants while refunding customers, but even if so that's still not
the sort of "unlimited" liability you get in offline ecash schemes.
It's just the sort of 2x limit on liability that Taler provides.

In BOLT, the x would be value committed to outgoing channels, while in
Taler x is value deposited by customers, so I suppose the intermediary
could technically be robbed of their money without seeing any incoming
money.  That's not "unlimited" though.  It's limited by the
intermediary's commitments to the network.

I doubt I even thought about it this deeply though when I wrote that.  I
think once-upon-a-time I wanted to express some vague concern around
intermediaries and anonymity sets in BOLT, but never thought about it
clearly, and later managed to confuse myself with conventional ecash
issues when discussing related work with Christian while we were writing
this usability paper.

Sorry for writing what appears to be nonsense!
Jeff

On Mon, 2017-08-28 at 21:10 +0200, Christian Grothoff wrote:
>
> -------- Forwarded Message --------
> Subject:      bolt attack?
> Date:         Mon, 28 Aug 2017 18:49:43 +0000
> From:         Ian Miers <imiers@cs.jhu.edu>
> To:   christian@grothoff.org <christian@grothoff.org>
>
>
>
> Hi,
> Someone pointed me at a copy of your  Taler paper from 2016 and pointed
> out  that  it  describes Bolt  saying there  "are numerous seemingly
> fragile aspects of the BOLT protocol, including aborts deanonymizing
> customers, *intermediaries risking unlimited losses,* and theft if a
> party fails to post a refute message in a timely fashion."
>
> The unlimited loss to intermediaries  comment  surprised both them and
> me.  Are you referring to some specific attack or an issue involving
> timeouts and  delays?
>
> Thanks,
> Ian
2017-08-29 13:41:16 +02:00
Florian Dold
52ebba90d6
version bump: 0.4.0-pre1 2017-08-27 23:10:15 +02:00
Florian Dold
43575b5919
show error in create reserve dialog 2017-08-27 06:47:13 +02:00
Florian Dold
b47522c11b
proper rounding for amount operations 2017-08-27 05:57:39 +02:00
Florian Dold
63914ab53b
make sure that refreshing works after refund 2017-08-27 05:42:46 +02:00
Florian Dold
ccc6d82242
canonicalize account info JSON when collecting them 2017-08-27 04:35:24 +02:00
Florian Dold
665e88c72b
node_modules 2017-08-27 04:19:34 +02:00
Florian Dold
24181bdf20
better error report / retry prompt for failed payments 2017-08-27 04:19:11 +02:00
Florian Dold
8697efd2c8
implement refunds 2017-08-27 03:56:19 +02:00
Florian Dold
21c176a69e
add rudimentary error reporting in a new tab 2017-08-25 18:08:37 +02:00
Florian Dold
bf70e752b6
remove file 2017-08-14 05:05:35 +02:00
Florian Dold
363723fc84
node_modules 2017-08-14 05:02:09 +02:00
Florian Dold
5634e77ad9
fix build system / types 2017-08-14 04:59:43 +02:00
Florian Dold
d5bba630a3
implement returning coins to user's account 2017-08-14 04:16:12 +02:00
Florian Dold
419a05e801
fix errors in injection
Sometimes chrome reports a different URL for a tab than what it is
internally displaying (e.g. for error pages).  Previously this lead to a
"scary" error message being logged.
2017-08-09 16:51:25 +02:00
Florian Dold
1f8c3af5f9
do not swallow errors 2017-07-20 04:16:50 +02:00
Florian Dold
a8bd05298e
Store bank account information for reserve.
Fixes #4852.
2017-07-20 02:17:55 +02:00
Marcello Stanisci
8d5b1e539b
fix #5112 2017-07-19 22:05:45 +02:00
Marcello Stanisci
f31c6d0190
Option to show the browser in selenium test; useful to debug. 2017-07-19 14:36:29 +02:00
Christian Grothoff
76d2def563
consider client age in commpatibility check 2017-07-01 14:08:16 +02:00
Marcello Stanisci
fc02e229d9
Fix #5095. 2017-06-28 20:58:22 +02:00
Marcello Stanisci
8fc959c3fa
Adapt screen scraped withdrawing to new bank interface. 2017-06-27 22:54:22 +02:00
Marcello Stanisci
9911335d43
README 2017-06-27 13:59:06 +02:00
Florian Dold
c5cab3af6f
fix 'make dist', add changelog, version numbers for 0.3 2017-06-06 14:20:41 +02:00
Florian Dold
21ea13250f
fix timer typo 2017-06-06 13:12:24 +02:00
Florian Dold
d283331285
wallet db version belongs with wallet, not webex 2017-06-05 03:36:33 +02:00
Florian Dold
2904591332
pretty reset page 2017-06-05 03:20:28 +02:00
Florian Dold
e95027f377
properly implement db resetting 2017-06-05 02:00:03 +02:00
Florian Dold
49949de808
don't also open history links in popup 2017-06-05 00:52:22 +02:00
Florian Dold
d18d220557
fix db dump page 2017-06-05 00:24:00 +02:00
Florian Dold
49e8833818
v0.2.8 2017-06-04 20:25:35 +02:00
Florian Dold
00b25fa66a
check trust by key, not by URL 2017-06-04 20:25:28 +02:00
Florian Dold
2cf33705c8
warn about incompatible versions on withdraw 2017-06-04 20:16:09 +02:00
Florian Dold
2b1e88737f
v0.2.7 2017-06-04 19:41:43 +02:00
Florian Dold
55a1b25ea2
Add libtool version comparison module and tests 2017-06-04 19:27:50 +02:00
Florian Dold
4d70795c98
v0.2.6 2017-06-04 18:46:48 +02:00
Florian Dold
8edbf426f7
nicer auditor display on withdraw 2017-06-04 18:46:32 +02:00
Florian Dold
c88bcce998
some UI fixes 2017-06-04 17:56:55 +02:00
Florian Dold
e0e496b878
memidb work in progress 2017-06-04 17:42:30 +02:00
Florian Dold
84c2a0ee93
missing property 2017-06-03 21:06:23 +02:00
Florian Dold
8c215a19d7
remove unnecessary/broken flatmap 2017-06-03 21:00:15 +02:00
Florian Dold
73bcf22ebf
don't uglify, since it makes source maps too big 2017-06-03 20:48:26 +02:00
Florian Dold
07a84844db
remove obsolete header 2017-06-03 20:33:22 +02:00
Florian Dold
eaa1c7b2f8
v0.2.5 2017-06-02 02:51:40 +02:00
Florian Dold
a425f289a4
fix display of contract terms rendering when already paid 2017-06-02 02:51:17 +02:00
Florian Dold
a6035dd4c7
do presence announcement only after complete page load 2017-06-02 02:14:40 +02:00
Florian Dold
29b107f937
fix terminology, better types 2017-06-01 18:46:07 +02:00