path: root/taler-exchange-manual.rst
diff options
authorChristian Grothoff <>2021-01-14 16:14:49 +0100
committerChristian Grothoff <>2021-01-14 16:14:49 +0100
commit007421e881da19eddaaab61484a69e7837d23b0d (patch)
tree0ba034f4c9c7e85633d2b9302609044f7a55e2f3 /taler-exchange-manual.rst
parentcd79340fb48710d2e83a5bbb7e59cce0b1098176 (diff)
update exchange/auditor manuals now that we have taler-auditor-sync
Diffstat (limited to 'taler-exchange-manual.rst')
1 files changed, 32 insertions, 4 deletions
diff --git a/taler-exchange-manual.rst b/taler-exchange-manual.rst
index 879f9ad..c1354d3 100644
--- a/taler-exchange-manual.rst
+++ b/taler-exchange-manual.rst
@@ -902,10 +902,38 @@ of ``taler-exchange-offline``.
-This chapter includes various (very unpolished) sections on specific
-topics that might be helpful to understand how the exchange operates,
-which files should be backed up. The information may also be helpful for
+This chapter includes various sections on specific topics that might be
+helpful to understand how the exchange operates. The information may also be
+helpful for diagnostics.
+.. _Internal-audit:
+Internal audits
+While an exchange should use an external auditor to attest to regulators that
+it is operating correctly, an exchange operator can also use the auditor's
+logic to perform internal checks. For this, an exchange opeator can generally
+follow the auditor guide. However, instead of using ``taler-auditor-sync``,
+an internal audit can and likely should be performed either directly against
+the production exchange database or against a synchronous copy created using
+standard database replication techniques. After all, the exchange operator
+runs this for diagnostics and can generally trust its own database to maintain
+the database invariants.
+Running the auditor against a the original the production database (without
+using ``taler-auditor-sync``) enables the auditing logic to perform a few
+additional checks that can detect inconsistencies. These checks are enabled
+by passing the **-i** option to the ``taler-auditor`` command. As always,
+the resulting report should be read carefully to see if there are any problems
+with the setup.
+Reports are generally created incrementally, with ``taler-auditor`` reporting
+only incidents and balance changes that were not covered in previous reports.
+While it is possible to reset the auditor database and to restart the audit
+from the very beginning, this is generally not recommended as this may be too
.. _Database-Scheme: