1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
|
..
This file is part of GNU TALER.
Copyright (C) 2018 Taler Systems SA
TALER is free software; you can redistribute it and/or modify it under the
terms of the GNU Affero General Public License as published by the Free Software
Foundation; either version 2.1, or (at your option) any later version.
TALER is distributed in the hope that it will be useful, but WITHOUT ANY
WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
A PARTICULAR PURPOSE. See the GNU Affero General Public License for more details.
You should have received a copy of the GNU Affero General Public License along with
TALER; see the file COPYING. If not, see <http://www.gnu.org/licenses/>
@author Christian Grothoff
============================
The Auditor RESTful JSON API
============================
The API specified here follows the :ref:`general conventions <http-common>`
for all details not specified in the individual requests.
The `glossary <https://docs.taler.net/glossary.html#glossary>`_
defines all specific terms used in this section.
.. contents:: Table of Contents
:local:
.. _authentication:
--------------
Authentication
--------------
Each auditor instance has separate authentication settings for the private API resources
of that instance.
Currently, the API supports two main authentication methods:
* ``external``: With this method, no checks are done by the auditor backend.
Instead, a reverse proxy / API gateway must do all authentication/authorization checks.
* ``token``: With this method, the client must provide a ``Authorization: Bearer $TOKEN``
header, where ``$TOKEN`` is a secret authentication token configured for the instance which must begin with the RFC 8959 prefix.
.. _auditor-version:
-------------------------
Obtaining Auditor Version
-------------------------
This API is used by merchants to obtain a list of all exchanges audited by
this auditor. This may be required for the merchant to perform the required
know-your-customer (KYC) registration before issuing contracts.
.. http:get:: /config
Get the protocol version and some meta data about the auditor.
This specification corresponds to ``current`` protocol being version **1**.
**Response:**
:http:statuscode:`200 OK`:
The auditor responds with an `AuditorVersion`_ object. This request should
virtually always be successful.
**Details:**
.. _AuditorVersion:
.. code-block:: tsref
interface AuditorVersion {
// libtool-style representation of the Taler protocol version, see
// https://www.gnu.org/software/libtool/manual/html_node/Versioning.html#Versioning
// The format is "current:revision:age". Note that the auditor
// protocol is versioned independently of the exchange's protocol.
version: string;
// URN of the implementation (needed to interpret 'revision' in version).
// @since v0, may become mandatory in the future.
implementation?: string;
// Return which currency this auditor is auditing for.
currency: string;
// EdDSA master public key of the auditor.
auditor_public_key: EddsaPublicKey;
// EdDSA master public key of the exchange.
// Added in protocol v1.
exchange_master_public_key: EddsaPublicKey;
}
.. note::
This API is still experimental (and is not yet implemented at the
time of this writing).
.. _exchange_signkeys-list:
------------------------------------
Obtaining Exchange Signing Keys List
------------------------------------
This API is used by auditor to obtain a list of all exchanges signing keys to be audited.
.. http:get:: /exchange-sign-keys
Get a list of all exchange signing keys to be audited by the auditor.
**Response:**
:http:statuscode:`200 OK`:
The auditor responds with a :ts:type:`ExchangeSignKeysList` object. This request should
virtually always be successful.
**Details:**
.. ts:def:: ExchangeSignKeysList
interface ExchangeSignKeysList {
// Exchange signing keys to be audited by the auditor.
exchange-sign-key: ExchangeSignKeyEntry[];
}
.. ts:def:: ExchangeSignKeyEntry
interface ExchangeSignKeyEntry {
// Public online signing key of the exchange.
exchange_pub: EddsaPublicKey;
// Base URL of the exchange.
master_sig: EddsaSignature;
// Time when online signing key will first be use.
ep_valid_from: Timestamp;
// Time when this online signing key will no longer be used.
ep_expire_sign: Timestamp;
// Time when this online signing key legally expires.
ep_expire_legal: Timestamp;
}
.. note::
This API is still experimental (and is not yet implemented at the
time of this writing).
.. _deposit-confirmation:
---------------------
Deposit Confirmations
---------------------
Merchants should probabilistically submit some of the deposit
confirmations they receive from the exchange to auditors to ensure
that the exchange does not lie about recording deposit confirmations
with the exchange. Participating in this scheme ensures that in case
an exchange runs into financial trouble to pay its obligations, the
merchants that did participate in detecting the bad behavior can be
paid out first.
.. http:put:: /deposit-confirmation
Submits a `DepositConfirmation` to the exchange. Should succeed
unless the signature provided is invalid or the exchange is not
audited by this auditor.
**Response:**
:http:statuscode:`200 Ok`:
The auditor responds with a `DepositAudited` object.
This request should virtually always be successful.
:http:statuscode:`403 Forbidden`:
The signature on the deposit confirmation is invalid.
:http:statuscode:`410 Gone`:
The public key used to sign the deposit confirmation
was revoked.
**Details:**
.. ts:def:: DepositAudited
interface DepositAudited {
// TODO: maybe change to ``204 No content`` instead?
}
.. ts:def:: DepositConfirmation
interface DepositConfirmation {
// Hash over the contract for which this deposit is made.
h_contract_terms: HashCode;
// Hash over the extensions.
h_extensions: HashCode;
// Hash over the wiring information of the merchant.
h_wire: HashCode;
// Time when the deposit confirmation confirmation was generated.
timestamp: Timestamp;
// How much time does the merchant have to issue a refund
// request? Zero if refunds are not allowed.
refund_deadline: Timestamp;
// By what time does the exchange have to wire the funds?
wire_deadline: Timestamp;
// Amount to be deposited, excluding fee. Calculated from the
// amount with fee and the fee from the deposit request.
amount_without_fee: Amount;
// Array of public keys of the deposited coins.
coin_pubs: EddsaPublicKey[];
// Array of deposit signatures of the deposited coins.
// Must have the same length as ``coin_pubs``.
coin_sigs: EddsaSignature[];
// The Merchant's public key. Allows the merchant to later refund
// the transaction or to inquire about the wire transfer identifier.
merchant_pub: EddsaPublicKey;
// Signature from the exchange of type
// ``TALER_SIGNATURE_EXCHANGE_CONFIRM_DEPOSIT``.
exchange_sig: EddsaSignature;
// Public signing key from the exchange matching ``exchange_sig``.
exchange_pub: EddsaPublicKey;
// Master public key of the exchange corresponding to ``master_sig``.
// Identifies the exchange this is about.
// @deprecated since v1 (now ignored, global per auditor)
master_pub: EddsaPublicKey;
// When does the validity of the exchange_pub end?
ep_start: Timestamp;
// When will the exchange stop using the signing key?
ep_expire: Timestamp;
// When does the validity of the exchange_pub end?
ep_end: Timestamp;
// Exchange master signature over ``exchange_sig``.
master_sig: EddsaSignature;
}
.. note::
This API is still experimental (and is not yet implemented at the
time of this writing). A key open question is whether the auditor
should sign the response information.
This API is used by the auditor to obtain a list of all deposit confirmations that the auditor
did not receive by the exchange, only by the merchant.
.. http:get:: /deposit-confirmation
Get a list of all deposit confirmations that were not received by the auditor from the exchange to be manually audited.
**Response:**
:http:statuscode:`200 OK`:
The auditor responds with a :ts:type:`DepositConfirmationList` object.
:http:statuscode:`204 No Content`:
No missing deposit confirmations found.
**Details:**
.. ts:def:: DepositConfirmationList
interface DepositConfirmationList {
// Deposit confirmations to be audited.
deposit-confirmations: DepositConfirmation[];
}
.. ts:def:: DepositConfirmation
interface DepositConfirmation {
// Database row id of entry
row_id: Integer;
// Time when the deposit confirmation confirmation was generated.
timestamp: Timestamp;
// How much time does the merchant have to issue a refund
// request? Zero if refunds are not allowed.
refund_deadline: Timestamp;
// By what time does the exchange have to wire the funds?
wire_deadline: Timestamp;
// Amount to be deposited, excluding fee. Calculated from the
// amount with fee and the fee from the deposit request.
amount_without_fee: Amount;
}
.. note::
This API is still experimental (and is not yet implemented at the
time of this writing).
This API is used by the auditor to delete an audited deposit confirmation.
.. http:delete:: /deposit-confirmation/$SERIAL_ID
Delete deposit confirmation entry with given serial_id.
**Response:**
:http:statuscode:`204 No content`:
The deposit confirmation was deleted.
:http:statuscode:`401 Unauthorized`:
Unauthorized request.
:http:statuscode:`404 Not found`:
The deposit confirmation was unknown.
.. note::
This API is still experimental (and is not yet implemented at the
time of this writing).
.. balances-list:
----------------------------------
Obtaining list of auditor balances
----------------------------------
This API is used to obtain a list of all the balances that are stored by the auditor.
.. http:get:: /balances
Get a list of all balances stored by the auditor.
**Response:**
:http:statuscode:`200 OK`:
The auditor responds with a :ts:type:`BalanceList` object.
:http:statuscode:`409 Conflict`:
Balance missing or other error occured.
**Details:**
.. ts:def:: BalanceList
interface BalanceList {
// Total amount reported
auditor_total_reported_balance: Amount;
// Amount potentially missing
auditor_missing_balance: Amount;
//...
}
.. note::
This API is still experimental (and is not yet implemented at the
time of this writing). The API will be further developed as needed.
.. denominations-pending-list:
---------------------------------------
Obtaining list of pending denominations
---------------------------------------
This API is used by the auditor to obtain a list of pending denominations
.. http:get:: /pending-denominations
Get a list of all pending denominations.
**Response:**
:http:statuscode:`200 OK`:
The auditor responds with a :ts:type:`PendingDenominationList` object.
:http:statuscode:`204 No content`:
No pending demoninations found.
**Details:**
.. ts:def:: PendingDenominationList
interface PendingDenominationList {
// PendingDenominationList of the auditor.
pending_denomination: PendingDenomination[];
}
.. ts:def:: PendingDenomination
interface PendingDenomination {
// Balance of denomination.
denom_balance: Amount;
// Amount that was lost due to failures by the exchange.
denom_loss: Amount;
// Amount at risk of loss due to recoup operations.
denom_risk: Amount;
// Amount actually lost due to recoup operations after a revocation.
recoup_loss: Amount;
}
.. note::
This API is still experimental (and is not yet implemented at the
time of this writing).
----------
Complaints
----------
This API is used by the wallet or merchants to submit proof of
misbehavior of an exchange to the auditor.
.. note::
To be designed and implemented.
.. http:put:: /complain
Complain about misbehavior to the auditor.
|
