Merge branch 'dd13'

2 files changed, 509 insertions, 48 deletions

diff --git a/design-documents/013-peer-to-peer-payments.rst b/design-documents/013-peer-to-peer-payments.rst
index 914d87fe..68c75643 100644
--- a/design-documents/013-peer-to-peer-payments.rst
+++ b/design-documents/013-peer-to-peer-payments.rst
@@ -19,28 +19,25 @@ This will be used for payments via e-mail and other messaging apps, as well as
 possibly for transfers via NFC/QR code between mobile phones.
 
 Invoice Flow User Experience
-----------------------------------
+----------------------------
 
 .. graphviz::
 
    digraph invoice {
-     settings [
-           label = "Invoice flow";
-     ];
      ranksep="0.5"
      { rank = same; "inbox"; "begin"; }
      { rank = same; "sending"; "receiving2"; }
      { rank = same; "receiving"; "paying"; }
      { rank = same; "mid"; "midbox"; }
      { rank = same; "body"; "amount"; }
-     begin [label="Seller Inbox",shape=box];
+     begin [label="Payer Inbox",shape=box];
      body [label="compose\nE-mail message"];
      amount [label="specify\ninvoice details"];
      receiving [label="receiving...",shape=diamond];
      sending [label="transmitting...",shape=diamond];
-     mid [label="Seller Inbox",shape=box];
+     mid [label="Payee Inbox",shape=box];
      notified [label="Notification:\npayment received"];
-     end [label="Seller Inbox",shape=box];
+     end [label="Payee Inbox",shape=box];
      begin -> body [label="(1) new"];
      body -> amount [label="(2) attach invoice"];
      amount -> body [label="(3) Ok"];
@@ -49,14 +46,14 @@ Invoice Flow User Experience
      mid -> receiving [style=dashed];
      receiving -> notified [style=dashed];
      notified -> end [label="(9) Acknowledge"];
-     inbox [label="Buyer Inbox",shape=box];
+     inbox [label="Payer Inbox",shape=box];
      receiving2 [label="receiving...",shape=diamond];
-     midbox [label="Buyer Inbox",shape=box];
+     midbox [label="Payer Inbox",shape=box];
      open [label="message with\nattached invoice"];
      confirm [label="review invoice"];
      paying [label="paying...", shape=diamond];
      paid [label="message with\npaid invoice"];
-     finbox [label="Buyer Inbox",shape=box];
+     finbox [label="Payer Inbox",shape=box];
      inbox -> receiving2 [style=dashed];
      receiving2 -> sending [label="Internet\n(pEp)",style=dashed,dir=back];
      receiving2 -> midbox [style=dashed];
@@ -69,15 +66,12 @@ Invoice Flow User Experience
    }
 
 Donation Flow User Experience
--------------------------------------
+-----------------------------
 
 .. graphviz::
 
    digraph donation {
      ranksep="0.5"
-     settings [
-           label = "Donation flow";
-     ];
      { rank = same; "inbox"; "begin"; }
      { rank = same; "sending"; "receiving2"; }
      { rank = same; "body"; "amount"; }
@@ -278,29 +272,44 @@ Contract metadata for W2W payments can be exchanged in three ways:
 Account creation
 ----------------
 
-1. The payee generates an account key, which also yields a
-   ``payto://taler/$EXCHANGE_BASE_URL/$ACCOUNT_PUB``
+An account is simply a reserve that has been subjected to
+KYC. A reserve that has seen a purse merged into it must
+be upgraded to an account before further withdraw (or close)
+operations are allowed.  The usual closure deadline for a
+reserve is extended to the KYC deadline.
+
+1. The payee generates a reserve key, which also yields a
+   ``payto://taler/$EXCHANGE_BASE_URL/$RESERVE_PUB``
    target address (for which the payee knows the corresponding
-   account private key).
-2. When withdrawing from an account, the exchange first checks if the
-   customer has satisfied the KYC requirements. If not, the customer
-   is redirected to a Web page where they can perform the necessary
-   KYC operation.
+   reserve private key).
+2. When withdrawing from a reserve that has experienced
+   merge operations and thus must be an account, the exchange
+   first checks if the customer has satisfied the KYC requirements.
+   If not, the customer is redirected to a Web page where they
+   can perform the necessary KYC operation.
 3. For this, the exchange wire gateway is extended with a request to
-   check the KYC status of a customer based on an ``ACCOUNT_PUB``.
-   Possible replies are ``in-progress`` and ``succeeded``. An ``in-progress``
-   status should be accompanied with
+   check the KYC status of a customer based on an ``RESERVE_PUB``.
+   Possible replies are ``in-progress`` and ``succeeded``.
+   An ``in-progress`` status should be accompanied with
    information how the customer may complete the KYC check.
-4. A new exchange endpoint ``/account/$ACCOUNT_PUB/kyc``
-   allows wallets to request a KYC for an
-   ``$ACCOUNT_PUB``.  Such a request may include the requirement to pay
-   a **KYC fee**.  The KYC fee may be charged to that account (if it exists),
-   or could be waved if the account was established via a wire transfer
-   from a partner bank.
-5. If the account owner fails to perform the KYC check, the funds
-   in an account remain inaccessible.  After a configurable duration,
+4. A new exchange endpoint ``/reserves/$RESERVE_PUB/kyc``
+   allows wallets to request a KYC for a
+   ``$RESERVE_PUB``.  Such a request may include the requirement to pay
+   a **KYC fee**.
+   The KYC fee may be charged to the reserve (a sufficient
+   balance can be provided by the wallet by creating a purse
+   and merging the purse with the reserve, if needed),
+   or could be waved if the reserve was established via a wire transfer
+   from a partner bank where KYC is free.  For this, the Wire
+   gateway API is extended with a flag that informs the exchange
+   that the incoming wire transfer implies a free KYC check.
+5. If the account owner fails to perform the KYC check, all funds
+   in an reserve remain inaccessible.  After a configurable duration,
    the funds may be considered forfeit and become the property of
-   the exchange where the account is located.
+   the exchange where the reserve is located.
+6. The exchange may charge an annual **account fee**, and can
+   close accounts where the account balance is insufficient to
+   cover the account fee.
 
 
 Withdrawing from accounts
@@ -328,21 +337,27 @@ Withdrawing from accounts
 Account deletion
 ----------------
 
-1. The account owner can delete an account by signing a deletion message
-   with the account private key.
-2. This basically resets the KYC data at the exchange, preventing further use of
-   the account. This is helpful in case a user is concerned about having
-   accidentally disclosed the account private key to a third party.
-3. If funds remain in the account, an error message is generated instead.  The
-   user can pass an extra override parameter to delete accounts even if
-   they still contain funds.
+1. A reserve owner can delete a reserve by signing a deletion message
+   with the reserve private key.
+2. This basically resets the KYC data at the exchange, preventing
+   further use of the account. This is helpful in case a user is
+   concerned about having
+   accidentally disclosed the reserve private key to a third party.
+3. If funds remain in the reserve, the exchange will close the
+   reserve and wire the funds to the associated bank account.
+   If no bank account is associated with the reserve,
+   an error message is generated instead.  The
+   user can pass an extra override parameter to delete reserves
+   even if they still contain funds.
 4. A related endpoint should exist for the exchange operator, possibly
-   using messages signed with the exchange offline key. This could be
-   useful in case customers die or are otherwise in need for manual
-   intervention that requires an account to be deleted. In this case,
+   using messages signed with a new exchange management key.
+   This could be useful in case customers die or are otherwise
+   in need for manual intervention that requires an account to
+   be deleted. In this case,
    remaining funds in the account should be wired to a bank account
-   designated in the message with the offline signature. The audit
-   report should contain a special note for all of these account deletions.
+   designated in the message with the management signature. The audit
+   report should contain a special note for all of these types of
+   account deletions.
 
 
 
@@ -597,6 +612,409 @@ Additional considerations
   Taler's "one-hop withdrawal loohole".
 
 
+Exchange database schema changes
+--------------------------------
+
+We need to exchange the existing reserves table to include bits for KYC-needed
+and KYC-passed. Also, we need to store the payto://-URI of the bank account.
+
+Finally, we may need to keep some link to the KYC data, even though the
+exchange technically does not need it, but likely there might be regulatory
+reasons to have that association for legal inquiries. (However, it would
+also be possible to keep that link only in the external KYC service's
+database.)
+
+.. sourcecode:: sql
+
+  -- Everything in one big transaction
+  BEGIN;
+  -- Check patch versioning is in place.
+  SELECT _v.register_patch('exchange-TBD', NULL, NULL);
+  --
+  CREATE TABLE IF NOT EXISTS partners
+  (partner_serial_id BIGSERIAL UNIQUE
+  ,partner_master_pub BYTEA NOT NULL CHECK(LENGTH(reserve_pub)=32)
+  ,start_date INT8 NOT NULL
+  ,end_date INT8 NOT NULL
+  ,wad_frequency INT8 NOT NULL
+  ,wad_fee_val INT8 NOT NULL
+  ,wad_fee_frac INT4 NOT NULL
+  ,master_sig BYTEA NOT NULL CHECK (LENGTH(master_sig)=64))
+  ,partner_base_url TEXT NOT NULL
+  );
+  COMMENT ON TABLE partners
+    IS 'exchanges we do wad transfers to';
+  COMMENT ON COLUMN partners.partner_master_pub
+    IS 'offline master public key of the partner';
+  COMMENT ON COLUMN partners.start_date
+    IS 'starting date of the partnership';
+  COMMENT ON COLUMN partners.end_date
+    IS 'end date of the partnership';
+  COMMENT ON COLUMN partners.wad_frequency
+    IS 'how often do we promise to do wad transfers';
+  COMMENT ON COLUMN partners.wad_fee_val
+    IS 'how high is the fee for a wallet to be added to a wad to this partner';
+  COMMENT ON COLUMN partners.partner_base_url
+    IS 'base URL of the REST API for this partner';
+  COMMENT ON COLUMN partners.master_sig
+    IS 'signature of our master public key affirming the partnership, of purpose TALER_SIGNATURE_MASTER_PARTNER_DETAILS';
+  --
+  ALTER TABLE reserves
+    ADD COLUMN kyc_needed BOOLEAN NOT NULL DEFAULT (false)
+    ADD COLUMN kyc_passed BOOLEAN NOT NULL DEFAULT (false)
+    ADD COLUMN payto_uri TEXT DEFAULT (NULL)
+    ADD COLUMN kyc_link TEXT DEFAULT (NULL);
+  COMMENT ON COLUMN reserves.kyc_needed
+    IS 'set to true once a reserve was merged with a purse';
+  COMMENT ON COLUMN reserves.kyc_passed
+    IS 'set to true once the user performed the KYC check';
+  COMMENT ON COLUMN reserves.payto_uri
+    IS 'bank account details to use in case reserve is closed';
+  COMMENT ON COLUMN reserves.kyc_link
+    IS 'optional link to KYC data';
+  --
+  CREATE TABLE IF NOT EXISTS kyc_requests
+  (kyc_request_serial_id BIGSERIAL UNIQUE
+  ,reserve_uuid INT8 NOT NULL REFERENCES reserves (reserve_uuid) ON DELETE CASCADE
+  ,kyc_date INT8 NOT NULL
+  ,kyc_retry INT8 NOT NULL
+  ,kyc_fee_val INT8 NOT NULL
+  ,kyc_fee_frac INT4 NOT NULL
+  ,reserve_sig BYTEA NOT NULL CHECK (LENGTH(reserve_sig)=64))
+  ,kyc_id TEXT NOT NULL
+  ,PRIMARY KEY (reserve_uuid, kyc_date)
+  );
+  COMMENT ON TABLE kyc_requests
+    IS 'KYC processes initiated by the owner of a reserve';
+  COMMENT ON COLUMN kyc_requests.reserve_uuid
+    IS 'Reserve for which the KYC request was triggered.';
+  COMMENT ON COLUMN kyc_requests.reserve_sig
+    IS 'Signature affirming the KYC request';
+  COMMENT ON COLUMN kyc_requests.kyc_fee_val
+    IS 'Amount paid by the reserve for the KYC process.';
+  COMMENT ON COLUMN kyc_requests.kyc_date
+    IS 'When was the KYC process originally initiated.';
+  COMMENT ON COLUMN kyc_requests.kyc_retry
+    IS 'Timestamp when we should next query the KYC backend for the KYC status. The maximum possible numeric value indicates that we do not need to ever check the status of this KYC process again.';
+  COMMENT ON COLUMN kyc_requests.kyc_id
+    IS 'ID of the KYC process, used to compute the URL returned to the client as well as for the exchange to check if the KYC has completed. Format depends on the KYC process of the bank.';
+  --
+  CREATE TABLE IF NOT EXISTS mergers
+  (merge_request_serial_id BIGSERIAL UNIQUE
+  ,reserve_uuid BYTEA NOT NULL REFERENCES reserves (reserve_uuid) ON DELETE CASCADE
+  ,partner_serial_id INT8 REFERENCES partners(partner_serial_id) ON DELETE CASCADE,
+  ,reserve_url TEXT NOT NULL,
+  ,reserve_pub BYTEA NOT NULL CHECK (LENGTH(reserve_pub)=32),
+  ,purse_pub BYTEA NOT NULL CHECK (LENGTH(purse_pub)=32),
+  ,reserve_sig BYTEA NOT NULL CHECK (LENGTH(reserve_sig)=64))
+  ,purse_sig BYTEA NOT NULL CHECK (LENGTH(purse_sig)=64))
+  ,merge_timestamp INT8 NOT NULL
+  ,purse_expiration INT8 NOT NULL
+  ,h_contract_terms BYTEA NOT NULL CHECK (LENGTH(h_contract_terms)=64))
+  ,purse_val INT8 NOT NULL
+  ,purse_frac INT4 NOT NULL
+  ,PRIMARY KEY (purse_pub)
+  );
+  COMMENT ON TABLE mergers
+    IS 'Merge requests where a purse- and account-owner requested merging the purse into the account';
+  COMMENT ON COLUMN mergers.reserve_uuid
+    IS 'identifies the reserve';
+  COMMENT ON COLUMN mergers.partner_serial_id
+    IS 'identifies the partner exchange, NULL in case the target reserve lives at this exchange';
+  COMMENT ON COLUMN mergers.reserve_url
+    IS 'payto://-URL of the reserve, identifies the exchange and the reserve';
+  COMMENT ON COLUMN mergers.reserve_pub
+    IS 'public key of the target reserve';
+  COMMENT ON COLUMN mergers.purse_pub
+    IS 'public key of the purse';
+  COMMENT ON COLUMN mergers.reserve_sig
+    IS 'signature by the reserve private key affirming the merge';
+  COMMENT ON COLUMN mergers.purse_sig
+    IS 'signature by the purse private key affirming the merge';
+  COMMENT ON COLUMN mergers.merge_timestamp
+    IS 'when was the merge message signed';
+  COMMENT ON COLUMN mergers.purse_expiration
+    IS 'when is the purse set to expire';
+  COMMENT ON COLUMN mergers.h_contract_terms
+    IS 'hash of the contract terms both sides are to agree upon';
+  COMMENT ON COLUMN mergers.purse_val
+    IS 'amount to be transferred from the purse to the reserve (excludes deposit fees)';
+  CREATE INDEX IF NOT EXISTS mergers_reserve_uuid
+    ON mergers (reserve_uuid);
+  COMMENT ON INDEX mergers_reserve_uuid
+    IS 'needed in reserve history computation';
+  --
+  CREATE TABLE IF NOT EXISTS contracts
+  (contract_serial_id BIGSERIAL UNIQUE
+  ,purse_pub BYTEA NOT NULL CHECK (LENGTH(purse_pub)=32),
+  ,pub_ckey BYTEA NOT NULL CHECK (LENGTH(pub_ckey)=32)),
+  ,e_contract BYTEA NOT NULL,
+  ,PRIMARY KEY (purse_pub)
+  );
+  COMMENT ON TABLE contracts
+    IS 'encrypted contracts associated with purses';
+  COMMENT ON COLUMN contracts.purse_pub
+    IS 'public key of the purse that the contract is associated with';
+  COMMENT ON COLUMN contracts.pub_ckey
+    IS 'Public ECDH key used to encrypt the contract, to be used with the purse private key for decryption';
+  COMMENT ON COLUMN contracts.e_contract
+    IS 'AES-GCM encrypted contract terms (contains gzip compressed JSON after decryption)';
+  --
+  CREATE TABLE IF NOT EXISTS history_requests
+  (reserve_uuid INT8 NOT NULL REFERENCES reserves(reserve_uuid) ON DELETE CASCADE,
+  ,request_timestamp INT8 NOT NULL
+  ,reserve_sig BYTEA NOT NULL CHECK (LENGTH(reserve_sig)=64))
+  ,history_fee_val INT8 NOT NULL
+  ,history_fee_frac INT4 NOT NULL
+  ,PRIMARY KEY (reserve_uuid,request_timestamp)
+  );
+  COMMENT ON TABLE history_requests
+    IS 'Paid history requests issued by a client against a reserve';
+  COMMENT ON COLUMN history_requests.request_timestamp
+    IS 'When was the history request made';
+  COMMENT ON COLUMN history_requests.reserve_sig
+    IS 'Signature approving payment for the history request';
+  COMMENT ON COLUMN history_requests.history_fee_val
+    IS 'History fee approved by the signature';
+  --
+  CREATE TABLE IF NOT EXISTS close_requests
+  (reserve_uuid INT8 NOT NULL REFERENCES reserves(reserve_uuid) ON DELETE CASCADE,
+  ,close_timestamp INT8 NOT NULL
+  ,reserve_sig BYTEA NOT NULL CHECK (LENGTH(reserve_sig)=64))
+  ,close_val INT8 NOT NULL
+  ,close_frac INT4 NOT NULL
+  ,PRIMARY KEY (reserve_uuid,close_timestamp)
+  );
+  COMMENT ON TABLE close_requests
+    IS 'Explicit requests by a reserve owner to close a reserve immediately';
+  COMMENT ON COLUMN close_requests.close_timestamp
+    IS 'When the request was created by the client';
+  COMMENT ON COLUMN close_requests.reserve_sig
+    IS 'Signature affirming that the reserve is to be closed';
+  COMMENT ON COLUMN close_requests.close_val
+    IS 'Balance of the reserve at the time of closing, to be wired to the associated bank account (minus the closing fee)';
+
+  --
+  CREATE TABLE IF NOT EXISTS purse_requests
+  (purse_deposit_serial_id BIGSERIAL UNIQUE
+  ,purse_pub BYTEA NOT NULL CHECK (LENGTH(purse_pub)=32),
+  ,purse_expiration INT8 NOT NULL
+  ,h_contract_terms BYTEA NOT NULL CHECK (LENGTH(h_contract_terms)=64)
+  ,amount_with_fee_val INT8 NOT NULL
+  ,amount_with_fee_frac INT4 NOT NULL
+  ,purse_sig BYTEA NOT NULL CHECK(LENGTH(purse_sig)=64)
+  ,PRIMARY KEY (purse_pub,coin_pub)
+  );
+  COMMENT ON TABLE purse_requests
+    IS 'Requests establishing purses, associating them with a contract but without a target reserve';
+  COMMENT ON COLUMN purse_requests.purse_pub
+    IS 'Public key of the purse';
+  COMMENT ON COLUMN purse_requests.purse_expiration
+    IS 'When the purse is set to expire';
+  COMMENT ON COLUMN purse_requests.h_contract_terms
+    IS 'Hash of the contract the parties are to agree to';
+  COMMENT ON COLUMN purse_requests.amount_with_fee_val
+    IS 'Total amount expected to be in the purse';
+  COMMENT ON COLUMN purse_requests.purse_sig
+    IS 'Signature of the purse affirming the purse parameters, of type TALER_SIGNATURE_PURSE_REQUEST';
+  --
+  CREATE TABLE IF NOT EXISTS purse_deposits
+  (purse_deposit_serial_id BIGSERIAL UNIQUE
+  ,purse_pub BYTEA NOT NULL CHECK (LENGTH(purse_pub)=32),
+  ,purse_expiration INT8 NOT NULL
+  ,coin_pub BYTEA NOT NULL REFERENCES known_coins (coin_pub) ON DELETE CASCADE
+  ,amount_with_fee_val INT8 NOT NULL
+  ,amount_with_fee_frac INT4 NOT NULL
+  ,coin_sig BYTEA NOT NULL CHECK(LENGTH(coin_sig)=64)
+  ,PRIMARY KEY (purse_pub,coin_pub)
+  );
+  COMMENT ON TABLE purse_deposits
+    IS 'Requests depositing coins into a purse';
+  COMMENT ON COLUMN purse_deposits.purse_pub
+    IS 'Public key of the purse';
+  COMMENT ON COLUMN purse_deposits.purse_expiration
+    IS 'When the purse is set to expire';
+  COMMENT ON COLUMN purse_deposits.coin_pub
+    IS 'Public key of the coin being deposited';
+  COMMENT ON COLUMN purse_deposits.amount_with_fee_val
+    IS 'Total amount being deposited';
+  COMMENT ON COLUMN purse_deposits.coin_sig
+    IS 'Signature of the coin affirming the deposit into the purse, of type TALER_SIGNATURE_PURSE_DEPOSIT';
+  --
+  CREATE TABLE IF NOT EXISTS wads_out
+  (wad_out_serial_id BIGSERIAL UNIQUE
+  ,wad_id BYTEA PRIMARY KEY CHECK (LENGTH(wad_id)=24)
+  ,partner_serial_id INT8 NOT NULL REFERENCES partners(partner_serial_id) ON DELETE CASCADE,
+  ,amount_val INT8 NOT NULL
+  ,amount_frac INT4 NOT NULL
+  ,execution_time INT8 NOT NULL
+  ,UNIQUE (exchange_url, execution_time)
+  );
+  COMMENT ON TABLE wads_out
+    IS 'Wire transfers made to another exchange to transfer purse funds';
+  COMMENT ON COLUMN wads_out.wad_id
+    IS 'Unique identifier of the wad, part of the wire transfer subject';
+  COMMENT ON COLUMN wads_out.partner_serial_id
+    IS 'target exchange of the wad';
+  COMMENT ON COLUMN wads_out.amount_val
+    IS 'Amount that was wired';
+  COMMENT ON COLUMN wads_out.execution_time
+    IS 'Time when the wire transfer was scheduled';
+  --
+  CREATE TABLE IF NOT EXISTS wad_out_entries
+  (wad_out_entry_serial_id BIGSERIAL UNIQUE
+  ,wad_out_serial_id INT8 REFERENCES wads_out (wad_out_serial_id) ON DELETE CASCADE
+  ,reserve_pub BYTEA NOT NULL CHECK(LENGTH(reserve_pub)=32)
+  ,purse_pub BYTEA PRIMARY KEY CHECK(LENGTH(purse_pub)=32)
+  ,h_contract BYTEA NOT NULL CHECK(LENGTH(h_contract)=64)
+  ,purse_expiration INT8 NOT NULL
+  ,merge_timestamp INT8 NOT NULL
+  ,amount_with_fee_val INT8 NOT NULL
+  ,amount_with_fee_frac INT4 NOT NULL
+  ,wad_fee_val INT8 NOT NULL
+  ,wad_fee_frac INT4 NOT NULL
+  ,deposit_fees_val INT8 NOT NULL
+  ,deposit_fees_frac INT4 NOT NULL
+  ,reserve_sig BYTEA NOT NULL CHECK (LENGTH(reserve_sig)=64))
+  ,purse_sig BYTEA NOT NULL CHECK (LENGTH(purse_sig)=64))
+  );
+  CREATE INDEX IF NOT EXISTS wad_out_entries_index_by_wad
+    ON wad_out_entries (wad_out_serial_id);
+  COMMENT ON TABLE wad_out_entries
+    IS 'Purses combined into a wad';
+  COMMENT ON COLUMN wad_out_entries.wad_out_serial_id
+    IS 'Wad the purse was part of';
+  COMMENT ON COLUMN wad_out_entries.reserve_pub
+    IS 'Target reserve for the purse';
+  COMMENT ON COLUMN wad_out_entries.purse_pub
+    IS 'Public key of the purse';
+  COMMENT ON COLUMN wad_out_entries.h_contract
+    IS 'Hash of the contract associated with the purse';
+  COMMENT ON COLUMN wad_out_entries.purse_expiration
+    IS 'Time when the purse expires';
+  COMMENT ON COLUMN wad_out_entries.merge_timestamp
+    IS 'Time when the merge was approved';
+  COMMENT ON COLUMN wad_out_entries.amount_with_fee_val
+    IS 'Total amount in the purse';
+  COMMENT ON COLUMN wad_out_entries.wad_fee_val
+    IS 'Wat fee charged to the purse';
+  COMMENT ON COLUMN wad_out_entries.deposit_fees_val
+    IS 'Total deposit fees charged to the purse';
+  COMMENT ON COLUMN wad_out_entries.reserve_sig
+    IS 'Signature by the receiving reserve, of purpose TALER_SIGNATURE_ACCOUNT_MERGE';
+  COMMENT ON COLUMN wad_out_entries.purse_sig
+    IS 'Signature by the purse of purpose TALER_SIGNATURE_PURSE_MERGE';
+  --
+  CREATE TABLE IF NOT EXISTS wads_in
+  (wad_in_serial_id BIGSERIAL UNIQUE
+  ,wad_id BYTEA PRIMARY KEY CHECK (LENGTH(wad_id)=24)
+  ,origin_exchange_url TEXT NOT NULL
+  ,amount_val INT8 NOT NULL
+  ,amount_frac INT4 NOT NULL
+  ,arrival_time INT8 NOT NULL
+  ,UNIQUE (wad_id, origin_exchange_url)
+  );
+  COMMENT ON TABLE wads_in_entries
+    IS 'Incoming exchange-to-exchange wad wire transfers';
+  COMMENT ON COLUMN wads_in.wad_id
+    IS 'Unique identifier of the wad, part of the wire transfer subject';
+  COMMENT ON COLUMN wads_in.origin_exchange_url
+    IS 'Base URL of the originating URL, also part of the wire transfer subject';
+  COMMENT ON COLUMN wads_in.amount_val
+    IS 'Actual amount that was received by our exchange';
+  COMMENT ON COLUMN wads_in.arrival_time
+    IS 'Time when the wad was received';
+  --
+  CREATE TABLE IF NOT EXISTS wad_in_entries
+  (wad_in_entry_serial_id BIGSERIAL UNIQUE
+  ,wad_in_serial_id INT8 REFERENCES wads_in (wad_serial_id) ON DELETE CASCADE
+  ,reserve_pub BYTEA NOT NULL CHECK(LENGTH(reserve_pub)=32)
+  ,purse_pub BYTEA PRIMARY KEY CHECK(LENGTH(purse_pub)=32)
+  ,h_contract BYTEA NOT NULL CHECK(LENGTH(h_contract)=64)
+  ,purse_expiration INT8 NOT NULL
+  ,merge_timestamp INT8 NOT NULL
+  ,amount_with_fee_val INT8 NOT NULL
+  ,amount_with_fee_frac INT4 NOT NULL
+  ,wad_fee_val INT8 NOT NULL
+  ,wad_fee_frac INT4 NOT NULL
+  ,deposit_fees_val INT8 NOT NULL
+  ,deposit_fees_frac INT4 NOT NULL
+  ,reserve_sig BYTEA NOT NULL CHECK (LENGTH(reserve_sig)=64))
+  ,purse_sig BYTEA NOT NULL CHECK (LENGTH(purse_sig)=64))
+  );
+  COMMENT ON TABLE wad_in_entries
+    IS 'list of purses aggregated in a wad according to the sending exchange';
+  COMMENT ON COLUMN wad_in_entries.wad_in_serial_id
+    IS 'wad for which the given purse was included in the aggregation';
+  COMMENT ON COLUMN wad_in_entries.reserve_pub
+    IS 'target account of the purse (must be at the local exchange)';
+  COMMENT ON COLUMN wad_in_entries.purse_pub
+    IS 'public key of the purse that was merged';
+  COMMENT ON COLUMN wad_in_entries.h_contract
+    IS 'hash of the contract terms of the purse';
+  COMMENT ON COLUMN wad_in_entries.purse_expiration
+    IS 'Time when the purse was set to expire';
+  COMMENT ON COLUMN wad_in_entries.merge_timestamp
+    IS 'Time when the merge was approved';
+  COMMENT ON COLUMN wad_in_entries.amount_with_fee_val
+    IS 'Total amount in the purse';
+  COMMENT ON COLUMN wad_in_entries.wad_fee_val
+    IS 'Total wad fees paid by the purse';
+  COMMENT ON COLUMN wad_in_entries.deposit_fees_val
+    IS 'Total deposit fees paid when depositing coins into the purse';
+  COMMENT ON COLUMN wad_in_entries.reserve_sig
+    IS 'Signature by the receiving reserve, of purpose TALER_SIGNATURE_ACCOUNT_MERGE';
+  COMMENT ON COLUMN wad_in_entries.purse_sig
+    IS 'Signature by the purse of purpose TALER_SIGNATURE_PURSE_MERGE';
+  CREATE INDEX IF NOT EXISTS wad_in_entries_wad_in_serial
+    ON wad_in_entries (wad_in_serial_id);
+  CREATE INDEX IF NOT EXISTS wad_in_entries_reserve_pub
+    ON wad_in_entries (reserve_pub);
+  COMMENT ON INDEX wad_in_entries_wad_in_serial
+    IS 'needed to lookup all transfers associated with a wad';
+  COMMENT ON INDEX wad_in_entries_reserve_pub
+    IS 'needed to compute reserve history';
+  --
+  CREATE TABLE IF NOT EXISTS p2pfees
+  (p2pfees_serial_id BIGSERIAL UNIQUE
+  ,start_date INT8 NOT NULL
+  ,end_date INT8 NOT NULL
+  ,kyc_timeout INT8 NOT NULL
+  ,purse_timeout INT8 NOT NULL
+  ,history_retention INT8 NOT NULL
+  ,purse_account_limit INT NOT NULL
+  ,kyc_fee_val INT8 NOT NULL
+  ,kyc_fee_frac INT4 NOT NULL
+  ,history_fee_val INT8 NOT NULL
+  ,history_fee_frac INT4 NOT NULL
+  ,account_fee_val INT8 NOT NULL
+  ,account_fee_frac INT4 NOT NULL
+  ,purse_fee_val INT8 NOT NULL
+  ,purse_fee_frac INT4 NOT NULL
+  ,master_sig BYTEA NOT NULL CHECK (LENGTH(master_sig)=64))
+  );
+  --
+  CREATE TABLE IF NOT EXISTS partner_accounts
+  (payto_uri VARCHAR PRIMARY KEY
+  ,partner_serial_id INT8 REFERENCES partners(partner_serial_id) ON DELETE CASCADE,
+  ,partner_master_sig BYTEA CHECK (LENGTH(partner_master_sig)=64)
+  ,last_seen INT8 NOT NULL
+  );
+  CREATE INDEX IF NOT EXISTS partner_accounts_index_by_partner_and_time
+    ON partner_accounts (partner_serial_id,last_seen);
+  COMMENT ON TABLE partner_accounts
+    IS 'Table with bank accounts of the partner exchange. Entries never expire as we need to remember the signature for the auditor.';
+  COMMENT ON COLUMN wire_accounts.payto_uri
+    IS 'payto URI (RFC 8905) with the bank account of the partner exchange.';
+  COMMENT ON COLUMN wire_accounts.partner_master_sig
+    IS 'Signature of purpose TALER_SIGNATURE_MASTER_WIRE_DETAILS by the partner master public key';
+  COMMENT ON COLUMN wire_accounts.last_seen
+    IS 'Last time we saw this account as being active at the partner exchange. Used to select the most recent entry, and to detect when we should check again.';
+  -- Complete transaction
+  COMMIT;
+
+
+
 Alternatives
 ============
 
@@ -698,8 +1116,17 @@ Q / A
 
 * Q: What determines when a wad transfer can happen between two exchanges?
 
-  * Exchanges should explicitly state which other exchanges they are willing
+  * Exchanges explicitly state which other exchanges they are willing
     to do wad transfers with (and how often, at what cost). This may involve
     abstract policies like sharing an auditor, using the same currency and the
     same (banking) protocol, or other constraints (like a specific list of
     exchanges).
+
+* Q: What happens if the owner of a reserve never drains it?
+
+  * Reserves are eventually closed. If the reserve is associated
+    with a bank account, the remaining funds are sent to that bank
+    account. If the reserve was created via a merge, and the owner
+    failed to associate a bank account with it (say because the
+    KYC step never happened), then the reserve balance is forfeit
+    to the exchange upon expiration.
diff --git a/design-documents/018-contract-json.rst b/design-documents/018-contract-json.rst
index 4208febc..2162d6ed 100644
--- a/design-documents/018-contract-json.rst
+++ b/design-documents/018-contract-json.rst
@@ -102,7 +102,7 @@ member of the parent object.
     },
    }
 
-   => 
+   =>
 
    {
     ...props,
@@ -146,6 +146,40 @@ resulting bytes are terminated with a single 0-byte and then hashed with
 SHA512.
 
 
+Test vector
+-----------
+
+The follwing input contains top-level and nested forgettable
+fields, as well as booleans, integers, strings and objects
+as well as non-forgettable fields.  It is thus suitable as
+a minimal interoperability test:
+
+.. code-block:: json
+
+  {
+    "k1": 1,
+    "_forgettable": {
+      "k1": "SALT"
+    },
+    "k2": {
+      "n1": true,
+      "_forgettable": {
+        "n1": "salt"
+      }
+    },
+    "k3": {
+      "n1": "string"
+    }
+  }
+
+Hashing the above contract results in the following Crockford base32 encoded
+hash
+``287VXK8T6PXKD05W8Y94QJNEFCMRXBC9S7KNKTWGH2G2J2D7RYKPSHNH1HG9NT1K2HRHGC67W6QM6GEC4BSN1DPNEBCS0AVDT2DBP5G''.
+
+Note that typically the salt values must be chosen at random, only for this test we use static salt values.
+
+
+
 Discussion / Q&A
 ================