[doc] thesis adapt overview

3 files changed, 116 insertions, 10 deletions

diff --git a/doc/thesis/chapters/crypto/crypto.tex b/doc/thesis/chapters/crypto/crypto.tex
index e69de29..c6a305d 100644
--- a/doc/thesis/chapters/crypto/crypto.tex
+++ b/doc/thesis/chapters/crypto/crypto.tex
@@ -0,0 +1 @@
+\section{blinded signatures}
diff --git a/doc/thesis/chapters/overview/overview.tex b/doc/thesis/chapters/overview/overview.tex
index 7eede74..c7dfe1d 100644
--- a/doc/thesis/chapters/overview/overview.tex
+++ b/doc/thesis/chapters/overview/overview.tex
@@ -1,13 +1,5 @@
 \section{The Concept}
-For the Donau to work there needs to be one or more charities and donors. The Donau is operated by the tax authority while maintaining a list of verified charites the donor can donate money to. Each charity maintains a backend solution that allows it to communicate with the Donau and donor. When donating to a charity the donor sends the payment together with a signing request (done automatically with the payment) to the charity. The charity must verify that the payment was successful and the amount written in the signing request is lower or equal the amount donated. Next, the charity signs this request and forwards it to the Donau which issues the actual donation receipts. This is different from the current model where the charity issues these receipts. By shifting this task to the Donau the receipts can easily be verified and unlinking the donor from the charity which in turn provides anonymity for the donor.
-
-Upon receiving the signed signing request from the charity, the Donau must verify the charity signature and check for any legal restrictions imposed by law, such as a yearly donation limit. After successful verification the Donau creates a donation receipt which is sent to the Donor. The receipt gets saved on the donors device for later. This process repeats for every donation. At the end of the year the donor may have accumulated a bunch of these donation receipts.
-
-When it is time for the tax declaration (usually at the end of the year) the donor has to request a final statement from the Donau, summarizing all the donation receipts in a single donation statement in the form of a QR-Code. This step not only protects the privacy of the donor by combining the amounts of the donation receipts in a single total amount but also makes it easier for the tax authority to then verify the donation by checking a single QR-Code which is seperate. The donation statement can be requested multiple times during the year for save keeping (e.g by printing out the QR-Code). The latest donation statements will contain both the old receipts (from a previous statement) and the new donation receipts. All the donor has to do is to send the donation statement or multiple (only the latest one counts though) to the tax authority (e.g. together with the other tax documents needed for the tax declaration). The final check is made by the tax authority, by checking the QR-Code (the donation statement). If valid this is proof that the donor indeed has donated the amount claimed.
-
-The tax authority will not have any information to what charity the donor has donated money. All that the tax authority knows is that the donation was made to one of the approved charites and the total amount of all donations made throughout the year. This way the donor could make an anonymous donation and still have enough proof to deduct the amount form taxes. By keeping track of how much money a charity has received in donations per year and how much a donor has donated throughout the year, tax fraud is essentially eliminated.
-
-% TODO: explain figure, more details like blind signatures?
+The Donau\footnote{short for donation authority} environment includes three stakeholders. Donors, charities and the tax authority. The Donau server itself is operated by the tax authority while maintaining a list of verified charities. Each charity maintains a backend solution that allows it to communicate with the Donau and the donors. See Figure \ref{fig:stakeholders} \pageref{fig:stakeholders}
 
 \begin{figure}[ht]
 \begin{center}
@@ -32,7 +24,120 @@ The tax authority will not have any information to what charity the donor has do
 \caption{stakeholders} \label{fig:stakeholders}
 \end{figure}
 
+\subsection{Issuing Donation Receipts}
+When donating to a charity the donor sends the payment together with a receipt request to the charity. In order to link the donation to the donor so that the donation receipt cannot be used by someone else, the donor's unique tax identification number is part of the receipt request. The tax id number does not cause a problem for anonymity as the hole receipt with the id number is blinded (see section 2.x). In the picture \ref{fig:issue receipt request} \pageref{fig:issue receipt request} the blinded receipt is illustrated as envelope. The charity must verify if the payment was successful and if the amount written in the receipt request is lower or equal the amount donated. Next, if the charity approves the receipt request, it signs the untouched request and forwards the request to the Donau. The Donau accepts only issue requests from verified charities. If this is the case, the Donau issues the actual donation receipt by signing the request. This is different from the current model where the charity issues the receipt. By shifting this task to the Donau the receipts can easily be verified and unlinks the donor from the charity which in turn provides anonymity for the donor opposite the Donau in this first step of issuing receipts.
+
+\begin{figure}[ht]
+\begin{center}
+  \begin{tikzpicture}
+    \node (image) at (0,0) {\includegraphics[width=0.1\textwidth]{stickman}};
+    \draw [-latex] (1,0) -- (4,0);
+    \node (image) at (2,0.5) {\includegraphics[width=0.08\textwidth]{letter}};
+    \node at (2,0.5) {\Large{5}};
+    \node (image) at (3.2,0.4) {\includegraphics[width=0.05\textwidth]{coins}};
+    \node (image) at (5.3,0) {\includegraphics[width=0.15\textwidth]{charity}};
+    \draw [-latex] (6.5,0) -- (9.5,0);
+    \node (image) at (8,0.5) {\includegraphics[width=0.08\textwidth]{letter}};
+    \node (image) at (8,0.5) {\includegraphics[width=0.05\textwidth]{blue_wax}};
+    \node at (8,0.5) {\Large{5}};
+    \node (image) at (11,0) {
+    \includegraphics[width=0.12\textwidth]{servers}};
+    \node at (11,-1.2) {Donau};
+  \end{tikzpicture} \vspace{0.4cm}
+\end{center}
+\caption{issue receipt request} \label{fig:issue receipt request}
+\end{figure}
+
+Upon receiving the signed issue request from the charity, the Donau must verify the charity signature and check for any legal restrictions, such as a yearly donation limit \textbf{source!}. After successful verification the Donau creates a blinded donation receipt which is sent via charity to the Donor (see figure: \ref{fig:issue receipt response} \pageref{fig:issue receipt response}). The donor now unblinds the signature from the Donau to make it valid for the unblinded receipt (see section 2.x). The unblinded receipt gets saved on the donors device for later. This process repeats for every donation. At the end of the year the donor may have accumulated a bunch of these donation receipts.
+
+\begin{figure}[ht]
+\begin{center}
+  \begin{tikzpicture}
+    \node (image) at (0,0) {\includegraphics[width=0.1\textwidth]{stickman}};
+    \draw [-latex] (4,0) -- (1,0);
+    \node (image) at (2.5,-0.5) {\includegraphics[width=0.08\textwidth]{letter}};
+    \node (image) at (2.5,-0.5) {\includegraphics[width=0.05\textwidth]{red_wax}};
+    \node at (2.5,-0.5) {\large{5}};
+    \node (image) at (5.3,0) {\includegraphics[width=0.15\textwidth]{charity}};
+    \draw [-latex] (9.5,0) -- (6.5,0);
+    \node (image) at (8,-0.5) {\includegraphics[width=0.08\textwidth]{letter}};
+    \node (image) at (8,-0.5) {\includegraphics[width=0.05\textwidth]{red_wax}};
+    \node at (8,-0.5) {\large{5}};
+    \node (image) at (11,0) {
+    \includegraphics[width=0.12\textwidth]{servers}};
+    \node at (11,-1.2) {Donau};
+  \end{tikzpicture} \vspace{0.4cm}
+\end{center}
+\caption{issue receipt response} \label{fig:issue receipt response}
+\end{figure}
+
+\subsection{Summarize the Receipts}
+When it is time for the tax declaration (usually at the beginning of the next year) the donor has to request a final donation statement signature from the Donau, summarizing all the donation receipts of a year (see figure: \ref{fig:summarize receipts} \pageref{fig:summarize receipts}). This step combines the amounts of the donation receipts in a single total amount. This protects the privacy of the donor because the individual donation amounts could be enough information to link with specific donations. The combination of the donation receipts makes it also easier for the manual verification besides the tax auditors. The statement signature is made besides the total amount, over the year and the tax id. The donation statement can be requested multiple times during the year for save keeping the donation receipts. The latest donation statement will always contain all the receipts of a year - the old receipts (from a previous statement) and the new donation receipts.
+
+\begin{figure}[ht]
+\begin{center}
+  \begin{tikzpicture}
+    \node (image) at (0,0) {\includegraphics[width=0.1\textwidth]{stickman}};
+    %receipt
+    \node[rectangle, text width=1.5cm, align=center,font=\tiny, draw=black!80, thick, inner sep=2pt, fill=white] at (3,0.9) {AHVN13: 7560001010000};
+    \node (image) at (3,0.9) {\includegraphics[width=0.04\textwidth]{red_wax}};
+    \node at (3,0.9) {\small{9}};
+    %receipt
+    \node[rectangle, text width=1.5cm, align=center,font=\tiny, draw=black!80, thick, inner
+    sep=2pt, fill=white] at (4,0.8) {AHVN13: 7560001010000};
+    \node (image) at (4,0.8) {\includegraphics[width=0.04\textwidth]{red_wax}};
+    \node at (4,0.8) {\small{1}};
+    %receipt
+    \node[rectangle, text width=1.5cm, align=center,font=\tiny, draw=black!80, thick, inner
+    sep=2pt, fill=white] at (5,0.7) {AHVN13: 7560001010000};
+    \node (image) at (5,0.7) {\includegraphics[width=0.04\textwidth]{red_wax}};
+    \node at (5,0.7) {\small{5}};
+    %arrows
+    \draw [-latex] (1,0.2) -- (7,0.2);
+    \draw [-latex] (7,-0.2) -- (1,-0.2);
+    %server
+    \node (image) at (8.5,0) {
+    \includegraphics[width=0.12\textwidth]{servers}};
+    \node at (8.5,-1.2) {Donau};
+    %donation statement
+    \node (image) at (4,-1) {\includegraphics[width=0.1\textwidth]{gold_wax}};
+    \node at (4,-1) {\large{15}};
+  \end{tikzpicture}\vspace{0.4cm}
+\end{center}
+\caption{summarize receipts} \label{fig:summarize receipts}
+\end{figure}
+
+\subsection{Validation}
+Once the donor has received the values, he can summarize them in a QR code. The donor must submit the QR-Code with their tax return in order to claim the donation reduction (see figure:\ref{fig:validation} \pageref{fig:validation}). The final check is made by the tax auditors, by checking the donation statement signature. If the signature is valid, this is the proof that the specified donor indeed has donated the claimed amount in the indicated year.
+
+\begin{figure}[ht]
+\begin{center}
+  \begin{tikzpicture}
+    \node (image) at (0,0) {\includegraphics[width=0.1\textwidth]{stickman}};
+    \node at (0,-1.8) {Donor};
+    %arrow
+    \draw [-latex] (1,-0.5) -- (7,-0.5);
+    %QR-Code
+    \draw (2.7,2.5) -- (3.4,0.9);
+    \draw (4.9,2.5) -- (4.2,0.9);
+    \node (image) at (3.8,2) {\includegraphics[width=0.05\textwidth]{gold_wax}};
+    \node at (3.8,2) {\small{15}};
+    \node at (3.8,2.5) {\tiny{7560001010000}};
+    \node at (3.8,1.3) {\small{2024}};
+    \node (image) at (3.8,0.2) {\includegraphics[width=0.1\textwidth]{qr-donau}};
+    %server
+    \node (image) at (8.5,0) {
+    \includegraphics[width=0.1\textwidth]{stickman}};
+    \node at (8.5,-1.8) {Tax Auditor};
+  \end{tikzpicture}\vspace{0.4cm}
+\end{center}
+\caption{validation} \label{fig:validation}
+\end{figure}
+
+The tax auditors will not have any information to what charity the donor has donated money. Everything the tax auditors know is that every donation was made to one of the approved charites in the specified year and the total amount. This way the donor could make an anonymous donation and still have enough proof to deduct the amount from taxes. By keeping track of how much money a charity has received in donations per year and how much a donor has donated throughout the year, tax fraud is essentially eliminated.
+
+
 \subsection{Incorporating the Donau}
-Each country may have different organizations recoglized as charitable, thus these countries would need to operate at least one Donau that maintains this list of recoglized charities. Ideally charities recoglized in one country are also recoglized by other countries, but this is not always the case. Charities that are not in this list need to apply to the Donau in order to become registed there as a charitable organizations. The Donau is run by the local tax authorities, accepting local currencies and the only place where donors from that region can submit their donation receipts.
+Every donor is related to only one specific Donau of his location where he is able to issue and submit donation receipts for deducting taxes. If a charity wants to be accepted in the multiple tax areas, it has to be registered by all the corresponding Donaus. To do so, the charities has to apply to the tax authority. The region for which a Donau responsible depends on the tax area of the tax authority and their reglementation of what is charitable. A Donau is maybe responsible for a geographical area like a canton, a country or even a confederation of states. Different Donaus must also be kept for different currencies, but this should not be a problem as most countries have a single currency.
 
 
diff --git a/doc/thesis/thesis.pdf b/doc/thesis/thesis.pdf
index 4561aeb..590a3c2 100644
--- a/doc/thesis/thesis.pdf
+++ b/doc/thesis/thesis.pdf