author | Christian Grothoff <christian@grothoff.org> | 2024-04-22 21:16:17 +0200 |
---|---|---|
committer | Christian Grothoff <christian@grothoff.org> | 2024-04-22 21:20:53 +0200 |
commit | 8076c1f79719d2eac5c28afd165deb9ccd988c90 (patch) | |
tree | f6929966bae3bd79d49ddea71694a19c13abcbd5 /design-documents | |
parent | eb28baea1c5b8f19b0086c9fcb7eff6ae2f5b388 (diff) | |
more DD23 updates
Diffstat (limited to 'design-documents')
-rw-r--r-- | design-documents/023-taler-kyc.rst | 79 |
1 files changed, 39 insertions, 40 deletions
diff --git a/design-documents/023-taler-kyc.rst b/design-documents/023-taler-kyc.rst
index 6b2629c4..8b9b6054 100644
--- a/design-documents/023-taler-kyc.rst
+++ b/design-documents/023-taler-kyc.rst
@@ -1713,20 +1713,19 @@ on GET ``/deposits/`` with the respective legitimization requirement row.
 CREATE TABLE wire_targets
 (wire_target_serial_id BIGSERIAL UNIQUE
- ,h_payto BYTEA NOT NULL CHECK (LENGTH(h_payto)=64),
- ,target_token BYTEA UNIQUE CHECK (LENGTH(target_token)=32)
- ,target_pub BYTEA CHECK (LENGTH(target_pub)=32)
+ ,wire_target_h_payto BYTEA PRIMARY KEY CHECK (LENGTH(wire_target_h_payto)=32),
+ ,target_token BYTEA UNIQUE CHECK (LENGTH(target_token)=32) DEFAULT gen_random_bytes(32)
+ ,target_pub BYTEA CHECK (LENGTH(target_pub)=32) DEFAULT NULL
 ,payto_uri STRING NOT NULL
- ,PRIMARY KEY (h_payto,target_pub)
 )
- PARTITION BY HASH (h_payto);
+ PARTITION BY HASH (wire_target_h_payto);
 COMMENT ON TABLE wire_targets
 IS 'All recipients of money via the exchange';
 COMMENT ON COLUMN wire_targets.h_payto
 IS 'Unsalted hash of payto_uri';
 COMMENT ON COLUMN wire_targets.target_token
- IS 'high-entropy random value that is used as a token to authorize access to the KYC process (without requiring a signature by target_priv); NULL if KYC is not allowed for the account (legacy)';
+ IS 'high-entropy random value that is used as a token to authorize access to the KYC process (without requiring a signature by target_priv)';
 COMMENT ON COLUMN wire_targets.target_pub
 IS 'Public key (reserve_pub or merchant_pub) associated with the account; NULL if KYC is not allowed for the account (if there was no incoming KYC wire transfer yet); updated, thus NOT available to the auditor';
 COMMENT ON COLUMN wire_targets.payto_uri
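Review bot: The added `target_token` line gains `DEFAULT gen_random_bytes(32)` but stays nullable, although its comment no longer describes a NULL case and `legitimization_measures.target_token` is `NOT NULL`; if every account is meant to carry a token, the column should say so: `,target_token BYTEA NOT NULL UNIQUE CHECK (LENGTH(target_token)=32) DEFAULT gen_random_bytes(32)`. `gen_random_bytes` is provided by the pgcrypto extension, so the design should list that prerequisite. The `h_payto` rename is incomplete: the context line `COMMENT ON COLUMN wire_targets.h_payto` in this hunk and `REFERENCES wire_targets (h_payto)` in the `aml_history` hunk (`@@ -1862,7`) still name the old column. The added `wire_target_h_payto` line also keeps the trailing comma in `=32),` ahead of the leading-comma `,target_token`, which would not parse.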
@@ -1737,36 +1736,36 @@ on GET ``/deposits/`` with the respective legitimization requirement row.
 ,target_token BYTEA NOT NULL UNIQUE CHECK (LENGTH(target_token)=32)
 REFERENCES wire_targets (target_token)
 ,start_time INT8 NOT NULL
- ,jmeasures VARCHAR[] NOT NULL
+ ,jmeasures TEXT NOT NULL
 ,display_priority INT4 NOT NULL
 ,is_finished BOOL NOT NULL DEFAULT(FALSE)
 )
- PARTITION BY HASH (h_payto);
+ PARTITION BY HASH (target_token);
- COMMENT ON COLUMN legitimization_requirements.target_token
+ COMMENT ON COLUMN legitimization_measures.target_token
 IS 'Used to uniquely identify the account and as a symmetric access control mechanism for the SPA';
- COMMENT ON COLUMN legitimization_requirements.start_time
+ COMMENT ON COLUMN legitimization_measures.start_time
 IS 'Time when the measure was triggered (by decision or rule)';
- COMMENT ON COLUMN legitimization_requirements.jmeasures
+ COMMENT ON COLUMN legitimization_measures.jmeasures
 IS 'JSON object of type LegitimizationMeasures with KYC/AML measures for the account encoded';
- COMMENT ON COLUMN legitimization_requirements.display_priority
+ COMMENT ON COLUMN legitimization_measures.display_priority
 IS 'Display priority of the rule that triggered this measure; if in the meantime another rule also triggers, the measure is only replaced if the new rule has a higher display priority';
- COMMENT ON COLUMN legitimization_requirements.is_finished
+ COMMENT ON COLUMN legitimization_measures.is_finished
 IS 'Set to TRUE if this set of measures was processed; used to avoid indexing measures that are done';
 CREATE INDEX ON legitimization_measures (target_token)
- WHERE NOT finished;
+ WHERE NOT is_finished;
 CREATE TABLE legitimization_outcomes
 (outcome_serial_id BIGINT GENERATED BY DEFAULT AS IDENTITY
 ,h_payto BYTEA CHECK (LENGTH(h_payto)=32)
- REFERENCES wire_targets (h_payto)
+ REFERENCES wire_targets (wire_target_h_payto)
 ,decision_time INT8 NOT NULL DEFAULT(0)
 ,expiration_time INT8 NOT NULL DEFAULT(0)
 ,jproperties TEXT,
 ,to_investigate BOOL NOT NULL
 ,is_active BOOL NOT NULL DEFAULT(TRUE)
- ,jnew_rules NOT NULL TEXT
+ ,jnew_rules TEXT NOT NULL
 )
 PARTITION BY HASH (h_payto);
@@ -1777,7 +1776,7 @@ on GET ``/deposits/`` with the respective legitimization requirement row.
 COMMENT ON COLUMN legitimization_outcomes.decision_time
 IS 'when was this outcome decided';
 COMMENT ON COLUMN legitimization_outcomes.expiration_time
- IS 'time when the decision expires and the expiration new_rules should be applied';
+ IS 'time when the decision expires and the expiration jnew_rules should be applied';
 COMMENT ON COLUMN legitimization_outcomes.jproperties
 IS 'JSON object of type AccountProperties, such as PEP status, business domain, risk assessment, etc.';
 COMMENT ON COLUMN legitimization_outcomes.to_investigate
@@ -1791,15 +1790,15 @@ on GET ``/deposits/`` with the respective legitimization requirement row.
 ON legitimization_outcomes(h_payto)
 WHERE is_active;
- CREATE TABLE kyc_setups
- (kyc_setup_serial_id BIGSERIAL UNIQUE
+ CREATE TABLE legitimization_processes
+ (legitimization_process_serial_id BIGSERIAL UNIQUE
 ,h_payto BYTEA NOT NULL CHECK (LENGTH(h_payto)=64)
- REFERENCES wire_targets (h_payto)
+ REFERENCES wire_targets (wire_target_h_payto)
 ,start_time INT8 NOT NULL
 ,expiration_time INT8 NOT NULL DEFAULT (0)
 ,legitimization_measure_serial_id BIGINT
 REFERENCES legitimization_measures (legitimization_measure_serial_id)
- ,measure_index INT8
+ ,measure_index INT4
 ,provider_section VARCHAR NOT NULL
 ,provider_user_id VARCHAR DEFAULT NULL
 ,provider_legitimization_id VARCHAR DEFAULT NULL
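Review bot: `PARTITION BY HASH (target_token)` and the partial index make the access token the physical key of `legitimization_measures`, although the column comment describes it as the symmetric access-control secret for the SPA. Keying the table on the secret copies it into a second table and its index, and `REFERENCES wire_targets (target_token)` without `ON UPDATE CASCADE` would block replacing a token that has leaked. PostgreSQL also accepts a `UNIQUE` constraint on a partitioned table only when it includes the partition key, so `wire_targets.target_token UNIQUE` under `PARTITION BY HASH (wire_target_h_payto)` cannot back this foreign key as written. Consider referencing `wire_target_h_payto` here and resolving the token only in `wire_targets`, or document how token rotation is expected to work. The `CREATE TABLE` statement this applies to starts above the hunk.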
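Review bot: `legitimization_processes.h_payto` keeps `CHECK (LENGTH(h_payto)=64)` on the context line, while the new `REFERENCES wire_targets (wire_target_h_payto)` points at a column the first hunk constrains to 32 bytes, so no value could satisfy both the check and the foreign key. The check should read `CHECK (LENGTH(h_payto)=32)`, matching `legitimization_outcomes` and `kyc_attributes`. The `CREATE TABLE` body continues below this hunk.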
@@ -1808,35 +1807,35 @@ on GET ``/deposits/`` with the respective legitimization requirement row.
 )
 PARTITION BY HASH (h_payto);
- COMMENT ON TABLE kyc_setups
+ COMMENT ON TABLE legitimization_processes
 IS 'here we track KYC processes we initiated with external providers; the main reason is so that we do not initiate a second process when an equivalent one is still active; note that h_payto, provider_section, jcontext must match and the process must not be finished or expired for an existing redirect_url to be re-used; given that clients may voluntarily initiate KYC processes, there may not always be a legitimization_measure that triggered the setup';
- COMMENT ON COLUMN kyc_setups.h_payto
+ COMMENT ON COLUMN legitimization_processes.h_payto
 IS 'foreign key linking the entry to the wire_targets table, NOT a primary key (multiple KYC setups are possible per wire target)';
- COMMENT ON COLUMN kyc_setups.start_time
+ COMMENT ON COLUMN legitimization_processes.start_time
 IS 'when was the legitimization process initiated';
- COMMENT ON COLUMN kyc_setups.expiration_time
+ COMMENT ON COLUMN legitimization_processes.expiration_time
 IS 'when does the process expire (and needs to be manually set up again)';
- COMMENT ON COLUMN kyc_setups.measure_index
+ COMMENT ON COLUMN legitimization_processes.measure_index
 IS 'index of the measure in legitimization_measures that was selected for this KYC setup; NULL if legitimization_measure_serial_id is NULL; enables determination of the context data provided to the external process';
- COMMENT ON COLUMN kyc_setups.provider_section
+ COMMENT ON COLUMN legitimization_processes.provider_section
 IS 'Configuration file section with details about this provider';
- COMMENT ON COLUMN kyc_setups.provider_user_id
+ COMMENT ON COLUMN legitimization_processes.provider_user_id
 IS 'Identifier for the user at the provider that was used for the legitimization.
NULL if provider is unaware.';
- COMMENT ON COLUMN kyc_setups.provider_legitimization_id
+ COMMENT ON COLUMN legitimization_processes.provider_legitimization_id
 IS 'Identifier for the specific legitimization process at the provider. NULL if legitimization was not started.';
- COMMENT ON COLUMN kyc_setups.legitimization_measure_serial_id
+ COMMENT ON COLUMN legitimization_processes.legitimization_measure_serial_id
 IS 'measure that enabled this setup, NULL if client voluntarily initiated the process';
- COMMENT ON COLUMN kyc_setups.redirect_url
+ COMMENT ON COLUMN legitimization_processes.redirect_url
 IS 'Where the user should be redirected for this external KYC process';
- COMMENT ON COLUMN kyc_setups.finished
+ COMMENT ON COLUMN legitimization_processes.finished
 IS 'set to TRUE when the specific legitimization process is finished';
 CREATE TABLE kyc_attributes
 (kyc_attributes_serial_id BIGINT GENERATED BY DEFAULT AS IDENTITY
 ,h_payto BYTEA PRIMARY KEY CHECK (LENGTH(h_payto)=32)
- REFERENCES wire_targets (h_payto)
- ,kyc_setup_serial_id INT8
- REFERENCES kyc_setups (kyc_setup_serial_id)
+ REFERENCES wire_targets (wire_target_h_payto)
+ ,legitimization_process_serial_id INT8
+ REFERENCES legitimization_processes (legitimization_process_serial_id)
 DEFAULT NULL
 ,collection_time INT8 NOT NULL
 ,expiration_time INT8 NOT NULL
@@ -1847,8 +1846,8 @@ on GET ``/deposits/`` with the respective legitimization requirement row.
 COMMENT ON COLUMN kyc_attributes.h_payto
 IS 'identifies the account this is about';
- COMMENT ON COLUMN kyc_attributes.kyc_setup_serial_id
- IS 'serial ID of the KYC setup that resulted in these attributes, NULL if the attributes are from a form directly supplied by the account owner';
+ COMMENT ON COLUMN kyc_attributes.legitimization_process_serial_id
+ IS 'serial ID of the legitimization process that resulted in these attributes, NULL if the attributes are from a form directly supplied by the account owner via a form';
 COMMENT ON COLUMN kyc_attributes.collection_time
 IS 'when were these attributes collected';
 COMMENT ON COLUMN kyc_attributes.expiration_time
@@ -1862,7 +1861,7 @@ on GET ``/deposits/`` with the respective legitimization requirement row.
 (aml_history_serial_id BIGINT GENERATED BY DEFAULT AS IDENTITY
 ,h_payto BYTEA CHECK (LENGTH(h_payto)=32)
 REFERENCES wire_targets (h_payto)
- ,legitimization_outcome INT8 NOT NULL
+ ,outcome_serial_id INT8 NOT NULL
 REFERENCES legitimization_outcomes (outcome_serial_id)
 ,justification TEXT NOT NULL
 ,decider_pub BYTEA CHECK (LENGTH(decider_pub)=32)
@@ -1870,13 +1869,13 @@ on GET ``/deposits/`` with the respective legitimization requirement row.
 COMMENT ON TABLE aml_history
 IS 'Records decisions by AML staff with the respective signature and free-form justification.';
- COMMENT ON COLUMN aml_history.legitimization_outcome
+ COMMENT ON COLUMN aml_history.outcome_serial_id
 IS 'Actual outcome for the account (included in what decider_sig signs over)';
 COMMENT ON COLUMN aml_history.decider_sig
 IS 'Signature key of the staff member affirming the AML decision; of type AML_DECISION';
 CREATE TABLE kyc_events
- (event_serial_id BIGINT GENERATED BY DEFAULT AS IDENTITY
+ (kyc_event_serial_id BIGINT GENERATED BY DEFAULT AS IDENTITY
 ,event_timestamp INT8 NOT NULL
 ,event_type TEXT NOT NULL); |