path: root/doc/system/taler/design.tex
diff options
authorJonathan Buchanan <>2020-07-13 17:32:34 -0400
committerJonathan Buchanan <>2020-07-13 17:37:24 -0400
commitc673caba121d5e0c51fc844536d9996dfb939d05 (patch)
tree51107297632668175f5c07eeb64bf56c1f7a5e87 /doc/system/taler/design.tex
parent8147661f94b31710393e4695b78fe54864a2c3e7 (diff)
parent8533efdcd7d86e8e6eec1251bbd252996c64b393 (diff)
Merge branch 'master' of ssh:// into HEAD
Diffstat (limited to 'doc/system/taler/design.tex')
1 files changed, 8 insertions, 4 deletions
diff --git a/doc/system/taler/design.tex b/doc/system/taler/design.tex
index d78acac1..3590b8fb 100644
--- a/doc/system/taler/design.tex
+++ b/doc/system/taler/design.tex
@@ -155,7 +155,7 @@ state is in a double-circle. A reserve is first {\em filled} by a wire
transfer. The amount in it is reduced by withdraw operations. If the balance
reaches zero, the reserve is {\em drained}. If a reserve is not drained after
a certain amount of time, it is automatically closed. A reserve can also be
-filled via a recoup action (see Section~\ref{sec:revocation-recoup}) in case
+{\em refilled} via a recoup action (see Section~\ref{sec:revocation-recoup}) in case
that the denomination of an unspent coin that was withdrawn from the reserve
is revoked.
@@ -446,8 +446,10 @@ these additional mitigations might not even be justified considering their addit
The auditor is a component of GNU Taler which would typically be deployed by a
financial regulator, fulfilling the following functionality:
\item It regularly examines the exchange's database and
bank transaction history to detect discrepancies.
@@ -662,6 +664,7 @@ in~\cite{fc2014murdoch}. In particular, in providing the cryptographic proofs
as evidence none of the participants have to disclose their core secrets.
\subsection{Perfect Crime Scenarios}\label{sec:design:blackmailing}
GNU Taler can be slightly modified to thwart blackmailing or kidnapping
attempts by criminals who intend to use the anonymity properties of the system
and demand to be paid ransom in anonymous e-cash.
@@ -727,8 +730,9 @@ the {\em withdraw} protocol or the refresh protocol. The most common scenario
is that the {\em fresh coin} is {\em deposited}. This payment creates a
deposit (see Figure~\ref{fig:deposit:states}) and either a {\em dirty coin}
(if the payment was for a fraction of the coin's value) or a {\em spent coin}.
-A spent coin can be {\em refunded} by the merchant (until the deposit is due),
-creating a {\em dirty coin}.
+A spent coin can be {\em refunded} by the merchant, creating a {\em dirty
+ coin}. Once the exchange has aggregated a coin and wired the amount to the
+merchant, a coin can no longer be refunded.
A {\em fresh coin} may also be subject to key {\em revocation}, at which point
the wallet ends up with a {\em revoked coin}. At this point, the wallet can
@@ -754,7 +758,7 @@ when the committment made for the {\em refresh session} is checked during the
- \includegraphics[scale=0.75]{taler/coin.pdf}
+ \includegraphics[scale=0.65]{taler/coin.pdf}
\caption{State machine of a coin.}