summaryrefslogtreecommitdiff
path: root/design-documents/036-currency-conversion-service.rst
diff options
context:
space:
mode:
Diffstat (limited to 'design-documents/036-currency-conversion-service.rst')
-rw-r--r--design-documents/036-currency-conversion-service.rst97
1 files changed, 97 insertions, 0 deletions
diff --git a/design-documents/036-currency-conversion-service.rst b/design-documents/036-currency-conversion-service.rst
new file mode 100644
index 00000000..92d88499
--- /dev/null
+++ b/design-documents/036-currency-conversion-service.rst
@@ -0,0 +1,97 @@
+DD 36: Currency conversion service
+##################################
+
+Summary
+=======
+
+This document explains the design of the currency conversion
+service. Such service enables customers to spend their fiat
+currency to buy Taler coins in a regional currency, and enables
+merchants to cash-out from the regional currency to fiat.
+
+Motivation
+==========
+
+The conversion service (CCS) is fundamental for a regional
+currency and is missing in the Taler/Libeufin ecosystem.
+
+Definitions
+===========
+
+*Fiat-issuer* is the fiat bank account that belongs to the regional currency
+issuer; typically, such bank account belongs to one association that runs the
+infrastructure. This bank account is hosted at the "fiat bank". *Regio-issuer*
+is the bank account that belongs to the local
+currency issuer but hosted at the bank that generates the regional currency.
+Such bank is also called "circuit bank". *Regio-exchange* is the bank account
+that belongs to the Taler exchange and that is hosted at the circuit bank.
+*Fiat-target* is a bank account hosted in the same currency of fiat-issuer
+and that belongs to a customer who initiated a cash-out operation. *Regio-user*
+is a bank account hosted at the circuit bank that is different from regio-issuer.
+*Fiat-customer* is a bank account hosted in the same currency of fiat-issuer,
+typically owned by customers that want to withdraw Taler coins in the regional
+currency.
+
+Requirements
+============
+
+* CCS must not impact the libeufin-nexus structure.
+* CCS must trigger Taler withdrawls every time a customer buys the
+ regional currency ('cash-in' operation).
+* CCS must offer cash-out operations.
+* CCS should react as soon as possible to cash-in and cash-out operations.
+* CCS must show its state to administrators and offer management tools.
+* CCS must link every fiat-side of a cash-out to its regional currency
+ counterpart. In particular, because every cash-out starts with a
+ payment *P* from regio-user to regio-issuer and ends with another
+ payment *Q* from fiat-issuer to fiat-target, CCS must link P and Q.
+
+Proposed Solution
+=================
+
+The following design assumes that CCS is coded in libeufin-bank and that
+libeufin-bank and libeufin-nexus share the same database with separate
+schemas. The solution relies on SQL triggers to atomically synchronise
+cash-in and cash-out operations between the two schemas.
+
+SQL triggers and conversion operations
+--------------------------------------
+
+Libeufin-bank controls the conversion support and sets up or removes
+conversion SQL triggers when necessary. In order for the SQL triggers to
+perform the conversion operations, the configurable rates/fees are stored
+in the database and the conversion operations are performed using stored
+SQL procedures. The SQL triggers and conversion procedures are stored in
+the libeufin-bank schema.
+
+Cash-out operation
+------------------
+
+Libeufin-bank learns instantly about a cash-out operation, because it's
+*the* service offering such feature. Therefore, as soon as a cash-out
+operation gets TAN-confirmed, libeufin-bank performs a wire transfer from
+regio-user to regio-issuer by specifying the amount without any rates/fees
+applied. Along the same database transaction, a SQL trigger store the
+*instructions* of another payment *P* from fiat-issuer to fiat-target,
+but this time **with** the cash-out rates/fees.
+
+Asynchronously, a libeufin-nexus background task picks P and sends it to
+the fiat bank. Finally, fiat bank conducts P and fiat-target receives the
+wanted amount. The same libeufin-nexus background task should also retry
+previous payments like P that failed to be submitted to fiat bank.
+
+Cash-in operation
+-----------------
+
+A cashin-in operation starts as soon as the customer sends a fiat
+payment from fiat-customer to fiat-issuer.
+
+The libeufin-nexus component is responsible to query the fiat bank
+via EBICS every X seconds. X should match the tightest interval allowed
+by the bank.
+
+When libeufin-nexus registers an incoming payment on fiat-issuer in the
+database, a SQL trigger applies the **current** cash-in rates/fees and
+performs a wire transfer from regio-issuer to regio-exchange. Libeufin-bank
+makes the exchange aware via the Taler Wire Gateway API and from now on,
+the system proceeds like it always did in Taler.
generated by cgit v1.2.3 (git 2.39.1) at 2024-04-30 08:25:57 +0000