author | Christian Grothoff <christian@grothoff.org> | 2021-10-16 19:23:59 +0200 |
---|---|---|
committer | Christian Grothoff <christian@grothoff.org> | 2021-10-16 19:23:59 +0200 |
commit | c603e6d873a95d7545bf7addb565b465ab1afcec (patch) | |
tree | 264a65e4f5e68c3370221b863c4331d9b626acd2 /design-documents | |
parent | b156b9f069babf4860943dd54541120b8cf3e455 (diff) | |
new configuration option: wallet balance threshold
Diffstat (limited to 'design-documents')
-rw-r--r-- | design-documents/023-taler-kyc.rst | 21 |
1 files changed, 21 insertions, 0 deletions
diff --git a/design-documents/023-taler-kyc.rst b/design-documents/023-taler-kyc.rst index 3e67bff2..a2fc3c75 100644 --- a/design-documents/023-taler-kyc.rst +++ b/design-documents/023-taler-kyc.rst @@ -87,6 +87,27 @@ The aggregator is modified to only SELECT deposits where the ``wire_target`` has the KYC status set to positive (unless KYC is disabled in the exchange configuration). +To allow the wallet to do the KYC check if it is about to exceed a set balance +threshold, we modify the ``/keys`` response to add a optional field +``wallet_balance_limit_without_kyc`` the wallet is allowed to hold in coins +from this exchange without KYC. If this field is absent, there is no limit. +If the field is provided, a correct wallet must create a long-term +account-reserve key pair. This should be the same key that is also used to +receive wallet-to-wallet payments. Then, before a wallet performs an operation +that would cause it to exceed the balance threshold in terms of funds held +from a particular exchange, it must first request the user to complete the KYC +process. + +For that, it should POST to the new ``/wallet-kyc`` endpoint, providing its +long-term reserve-account public key and a signature requesting permission to +exceed the account limit. The exchange will respond with a wire target +UUID. The wallet can then use this UUID to being the KYC process at +``/kyc-check/``. The wallet must only proceed to obtain funds exceeding the +threshold after the KYC process has concluded. While wallets could be "hacked" +to bypass this measure (we cannot cryptographically enforce this), such +modifications are a terms of service violation which may have legal +consequences for the user. + ..note:: |
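Review bot: The sentence introducing ``wallet_balance_limit_without_kyc`` in the first added paragraph never says what the field contains: "add a optional field ``wallet_balance_limit_without_kyc`` the wallet is allowed to hold" is missing its noun phrase (and "a optional" should be "an optional"). Something like "an optional field ``wallet_balance_limit_without_kyc`` giving the maximum balance the wallet is allowed to hold in coins from this exchange without KYC" would fix it. In the second added paragraph, "use this UUID to being the KYC process" should read "begin". The key is called an "account-reserve key pair" in the first paragraph and a "reserve-account public key" in the second; please settle on one term. The ``/wallet-kyc`` description says the request carries "a signature requesting permission to exceed the account limit" but does not state what data is signed or what else the request body contains, which the design document should spell out before the endpoint is implemented.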