|author||Christian Grothoff <email@example.com>||2021-01-14 16:14:49 +0100|
|committer||Christian Grothoff <firstname.lastname@example.org>||2021-01-14 16:14:49 +0100|
update exchange/auditor manuals now that we have taler-auditor-sync
Diffstat (limited to 'taler-exchange-manual.rst')
1 files changed, 32 insertions, 4 deletions
diff --git a/taler-exchange-manual.rst b/taler-exchange-manual.rst
index 879f9ad..c1354d3 100644
@@ -902,10 +902,38 @@ of ``taler-exchange-offline``.
-This chapter includes various (very unpolished) sections on specific
-topics that might be helpful to understand how the exchange operates,
-which files should be backed up. The information may also be helpful for
+This chapter includes various sections on specific topics that might be
+helpful to understand how the exchange operates. The information may also be
+helpful for diagnostics.
+While an exchange should use an external auditor to attest to regulators that
+it is operating correctly, an exchange operator can also use the auditor's
+logic to perform internal checks. For this, an exchange opeator can generally
+follow the auditor guide. However, instead of using ``taler-auditor-sync``,
+an internal audit can and likely should be performed either directly against
+the production exchange database or against a synchronous copy created using
+standard database replication techniques. After all, the exchange operator
+runs this for diagnostics and can generally trust its own database to maintain
+the database invariants.
+Running the auditor against a the original the production database (without
+using ``taler-auditor-sync``) enables the auditing logic to perform a few
+additional checks that can detect inconsistencies. These checks are enabled
+by passing the **-i** option to the ``taler-auditor`` command. As always,
+the resulting report should be read carefully to see if there are any problems
+with the setup.
+Reports are generally created incrementally, with ``taler-auditor`` reporting
+only incidents and balance changes that were not covered in previous reports.
+While it is possible to reset the auditor database and to restart the audit
+from the very beginning, this is generally not recommended as this may be too