-start on AML work (incomplete)

16 files changed, 228 insertions, 481 deletions

diff --git a/src/auditor/generate-auditor-basedb.conf b/src/auditor/generate-auditor-basedb.conf
index 71e76297e..4c34ad052 100644
--- a/src/auditor/generate-auditor-basedb.conf
+++ b/src/auditor/generate-auditor-basedb.conf
@@ -141,6 +141,7 @@ CONFIG = /research/taler/exchange/src/auditor/auditor-basedb.conf
 [taler]
 CURRENCY_ROUND_UNIT = TESTKUDOS:0.01
 CURRENCY = TESTKUDOS
+AML_THRESHOLD = TESTKUDOS:1000000
 
 [merchantdb-postgres]
 CONFIG = postgres:///auditor-basedb
diff --git a/src/exchange/taler-exchange-aggregator.c b/src/exchange/taler-exchange-aggregator.c
index 823326d07..af3e111dd 100644
--- a/src/exchange/taler-exchange-aggregator.c
+++ b/src/exchange/taler-exchange-aggregator.c
@@ -149,6 +149,12 @@ struct Shard
 static struct TALER_Amount currency_round_unit;
 
 /**
+ * What is the largest amount we transfer before triggering
+ * an AML check?
+ */
+static struct TALER_Amount aml_threshold;
+
+/**
  * What is the base URL of this exchange?  Used in the
  * wire transfer subjects so that merchants and governments
  * can ask for the list of aggregated deposits.
@@ -294,11 +300,20 @@ parse_aggregator_config (void)
                                  "taler",
                                  "CURRENCY_ROUND_UNIT",
                                  &currency_round_unit)) ||
-       ( (0 != currency_round_unit.fraction) &&
-         (0 != currency_round_unit.value) ) )
+       (TALER_amount_is_zero (&currency_round_unit)) )
   {
     GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
-                "Need non-zero value in section `TALER' under `CURRENCY_ROUND_UNIT'\n");
+                "Need non-zero amount in section `TALER' under `CURRENCY_ROUND_UNIT'\n");
+    return GNUNET_SYSERR;
+  }
+  if (GNUNET_OK !=
+      TALER_config_get_amount (cfg,
+                               "taler",
+                               "AML_THRESHOLD",
+                               &aml_threshold))
+  {
+    GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
+                "Need amount in section `TALER' under `AML_THRESHOLD'\n");
     return GNUNET_SYSERR;
   }
 
@@ -525,6 +540,81 @@ kyc_satisfied (struct AggregationUnit *au_active)
 
 
 /**
+ * Function called on each @a amount that was found to
+ * be relevant for an AML check.
+ *
+ * @param cls closure with the `struct TALER_Amount *` where we store the sum
+ * @param amount encountered transaction amount
+ * @param date when was the amount encountered
+ * @return #GNUNET_OK to continue to iterate,
+ *         #GNUNET_NO to abort iteration
+ *         #GNUNET_SYSERR on internal error (also abort itaration)
+ */
+static enum GNUNET_GenericReturnValue
+sum_for_aml (
+  void *cls,
+  const struct TALER_Amount *amount,
+  struct GNUNET_TIME_Absolute date)
+{
+  struct TALER_Amount *sum = cls;
+
+  (void) date;
+  if (0 >
+      TALER_amount_add (sum,
+                        sum,
+                        amount))
+  {
+    GNUNET_break (0);
+    return GNUNET_SYSERR;
+  }
+  return GNUNET_OK;
+}
+
+
+/**
+ * Test if AML is required for a transfer to @a h_payto.
+ *
+ * @param[in,out] au_active aggregation unit to check for
+ * @return true if AML checks are satisfied
+ */
+static bool
+aml_satisfied (struct AggregationUnit *au_active)
+{
+  enum GNUNET_DB_QueryStatus qs;
+  struct TALER_Amount total;
+
+  total = au_active->final_amount;
+  qs = db_plugin->select_aggregation_amounts_for_kyc_check (
+    db_plugin->cls,
+    &au_active->h_payto,
+    GNUNET_TIME_absolute_subtract (GNUNET_TIME_absolute_get (),
+                                   GNUNET_TIME_UNIT_MONTHS),
+    &sum_for_aml,
+    &total);
+  if (qs < 0)
+  {
+    GNUNET_break (GNUNET_DB_STATUS_SOFT_ERROR == qs);
+    return false;
+  }
+  if (0 >= TALER_amount_cmp (&total,
+                             &aml_threshold))
+  {
+    /* total <= aml_threshold, do nothing */
+    return true;
+  }
+  qs = db_plugin->trigger_aml_process (db_plugin->cls,
+                                       &au_active->h_payto,
+                                       &total);
+  if (qs < 0)
+  {
+    GNUNET_break (GNUNET_DB_STATUS_SOFT_ERROR == qs);
+    return false;
+  }
+  return false;
+}
+
+
+/**
  * Perform the main aggregation work for @a au.  Expects to be in
  * a working transaction, which the caller must also ultimately commit
  * (or rollback) depending on our return value.
@@ -649,7 +739,8 @@ do_aggregate (struct AggregationUnit *au)
         TALER_amount_round_down (&au->final_amount,
                                  &currency_round_unit)) ||
        (TALER_amount_is_zero (&au->final_amount)) ||
-       (! kyc_satisfied (au)) )
+       (! kyc_satisfied (au)) ||
+       (! aml_satisfied (au)) )
   {
     GNUNET_log (GNUNET_ERROR_TYPE_INFO,
                 "Not ready for wire transfer (%d/%s)\n",
diff --git a/src/exchange/taler-exchange-httpd_batch-deposit.c b/src/exchange/taler-exchange-httpd_batch-deposit.c
index 0545c393b..d000c454f 100644
--- a/src/exchange/taler-exchange-httpd_batch-deposit.c
+++ b/src/exchange/taler-exchange-httpd_batch-deposit.c
@@ -233,9 +233,8 @@ again:
     MHD_HTTP_OK,
     GNUNET_JSON_pack_timestamp ("exchange_timestamp",
                                 bdc->exchange_timestamp),
-    GNUNET_JSON_pack_data_auto (
-      "exchange_pub",
-      &pub),
+    GNUNET_JSON_pack_data_auto ("exchange_pub",
+                                &pub),
     GNUNET_JSON_pack_array_steal ("exchange_sigs",
                                   arr));
 }
@@ -268,13 +267,12 @@ batch_deposit_transaction (void *cls,
    * insert or update the record. */
   if (dc->has_policy)
   {
-    qs = TEH_plugin->persist_policy_details (TEH_plugin->cls,
-                                             &dc->policy_details,
-                                             &dc->policy_details_serial_id,
-                                             &dc->policy_details.
-                                             accumulated_total,
-                                             &dc->policy_details.
-                                             fulfillment_state);
+    qs = TEH_plugin->persist_policy_details (
+      TEH_plugin->cls,
+      &dc->policy_details,
+      &dc->policy_details_serial_id,
+      &dc->policy_details.accumulated_total,
+      &dc->policy_details.fulfillment_state);
     if (qs < 0)
       return qs;
   }
@@ -295,9 +293,9 @@ batch_deposit_transaction (void *cls,
       deposit,
       known_coin_id,
       &dc->h_payto,
-      (dc->has_policy)
-         ?  &dc->policy_details_serial_id
-         : NULL,
+      dc->has_policy
+      ?  &dc->policy_details_serial_id
+      : NULL,
       &dc->exchange_timestamp,
       &balance_ok,
       &in_conflict);
diff --git a/src/testing/Makefile.am b/src/testing/Makefile.am
index 38a3d549f..f0dcecc9e 100644
--- a/src/testing/Makefile.am
+++ b/src/testing/Makefile.am
@@ -556,8 +556,10 @@ EXTRA_DIST = \
   test_exchange_api.conf \
   test_exchange_api-cs.conf \
   test_exchange_api-rsa.conf \
+  test_exchange_api_twisted.conf \
   test_exchange_api_twisted-cs.conf \
   test_exchange_api_twisted-rsa.conf \
+  test_exchange_api_keys_cherry_picking.conf \
   test_exchange_api_keys_cherry_picking-cs.conf \
   test_exchange_api_keys_cherry_picking-rsa.conf \
   test_exchange_api_expire_reserve_now-cs.conf \
diff --git a/src/testing/test-taler-exchange-aggregator-postgres.conf b/src/testing/test-taler-exchange-aggregator-postgres.conf
index d3c6c4f2f..eb641a265 100644
--- a/src/testing/test-taler-exchange-aggregator-postgres.conf
+++ b/src/testing/test-taler-exchange-aggregator-postgres.conf
@@ -17,6 +17,7 @@ DURATION = 14 days
 # Currency supported by the exchange (can only be one)
 CURRENCY = EUR
 CURRENCY_ROUND_UNIT = EUR:0.01
+AML_THRESHOLD = EUR:1000000
 
 [exchange]
 # The DB plugin to use
diff --git a/src/testing/test-taler-exchange-wirewatch-postgres.conf b/src/testing/test-taler-exchange-wirewatch-postgres.conf
index ae8ba2329..079de5ab9 100644
--- a/src/testing/test-taler-exchange-wirewatch-postgres.conf
+++ b/src/testing/test-taler-exchange-wirewatch-postgres.conf
@@ -17,6 +17,7 @@ DURATION = 14 days
 # Currency supported by the exchange (can only be one)
 CURRENCY = EUR
 CURRENCY_ROUND_UNIT = EUR:0.01
+AML_THRESHOLD = EUR:1000000
 
 [exchange]
 # The DB plugin to use
diff --git a/src/testing/test_auditor_api-cs.conf b/src/testing/test_auditor_api-cs.conf
index cfd1fa6cc..6c9a1e648 100644
--- a/src/testing/test_auditor_api-cs.conf
+++ b/src/testing/test_auditor_api-cs.conf
@@ -21,6 +21,7 @@ DURATION = 14 days
 # Currency supported by the exchange (can only be one)
 CURRENCY = EUR
 CURRENCY_ROUND_UNIT = EUR:0.01
+AML_THRESHOLD = EUR:1000000
 
 [auditor]
 BASE_URL = "http://localhost:8083/"
diff --git a/src/testing/test_auditor_api-rsa.conf b/src/testing/test_auditor_api-rsa.conf
index 577d9057a..f3e66763b 100644
--- a/src/testing/test_auditor_api-rsa.conf
+++ b/src/testing/test_auditor_api-rsa.conf
@@ -21,6 +21,7 @@ DURATION = 14 days
 # Currency supported by the exchange (can only be one)
 CURRENCY = EUR
 CURRENCY_ROUND_UNIT = EUR:0.01
+AML_THRESHOLD = EUR:1000000
 
 [auditor]
 BASE_URL = "http://localhost:8083/"
diff --git a/src/testing/test_exchange_api.conf b/src/testing/test_exchange_api.conf
index 74782d0a6..2224afd91 100644
--- a/src/testing/test_exchange_api.conf
+++ b/src/testing/test_exchange_api.conf
@@ -20,6 +20,7 @@ DURATION = 14 days
 # Currency supported by the exchange (can only be one)
 CURRENCY = EUR
 CURRENCY_ROUND_UNIT = EUR:0.01
+AML_THRESHOLD = EUR:1000000
 
 [auditor]
 BASE_URL = "http://localhost:8083/"
diff --git a/src/testing/test_exchange_api_keys_cherry_picking-cs.conf b/src/testing/test_exchange_api_keys_cherry_picking-cs.conf
index 751850cb2..d25ef3c00 100644
--- a/src/testing/test_exchange_api_keys_cherry_picking-cs.conf
+++ b/src/testing/test_exchange_api_keys_cherry_picking-cs.conf
@@ -1,89 +1,9 @@
 # This file is in the public domain.
 #
-[PATHS]
-# Persistent data storage for the testcase
-TALER_TEST_HOME = test_exchange_api_keys_cherry_picking_home/
-TALER_RUNTIME_DIR = ${TMPDIR:-${TMP:-/tmp}}/${USER:-}/taler-system-runtime/
-
-# Persistent data storage
-TALER_DATA_HOME = $TALER_HOME/.local/share/taler/
-
-# Configuration files
-TALER_CONFIG_HOME = $TALER_HOME/.config/taler/
-
-# Cached data, no big deal if lost
-TALER_CACHE_HOME = $TALER_HOME/.cache/taler/
-
-[taler]
-# Currency supported by the exchange (can only be one)
-CURRENCY = EUR
+@INLINE@ test_exchange_api_keys_cherry_picking.conf
 
 [taler-exchange-secmod-cs]
-# Reduce from 1 year to speed up test
-LOOKAHEAD_SIGN = 24 days
-
-[taler-exchange-secmod-eddsa]
-# Reduce from 1 year to speed up test
-LOOKAHEAD_SIGN = 24 days
-# Reduce from 12 weeks to ensure we have multiple
-DURATION = 14 days
-
-[auditor]
-BASE_URL = "http://localhost:8083/"
-
-# HTTP port the auditor listens to
-PORT = 8083
-
-[exchange]
-# HTTP port the exchange listens to
-PORT = 8081
-
-# Master public key used to sign the exchange's various keys
-MASTER_PUBLIC_KEY = 98NJW3CQHZQGQXTY3K85K531XKPAPAVV4Q5V8PYYRR00NJGZWNVG
-
-# How to access our database
-DB = postgres
-
-# Base URL of the exchange. Must be set to a URL where the
-# exchange (or the twister) is actually listening.
-BASE_URL = "http://localhost:8081/"
-
-
-[exchangedb-postgres]
-CONFIG = "postgres:///talercheck"
-
-[auditordb-postgres]
-CONFIG = "postgres:///talercheck"
-
-[exchange-account-1]
-PAYTO_URI = "payto://x-taler-bank/localhost/42?receiver-name=42"
-
-[exchange-accountcredentials-1]
-WIRE_GATEWAY_URL = "http://localhost:9082/42/"
-
-[exchange-account-2]
-PAYTO_URI = "payto://x-taler-bank/localhost/2?receiver-name=2"
-ENABLE_DEBIT = YES
-ENABLE_CREDIT = YES
-
-[exchange-accountcredentials-2]
-WIRE_GATEWAY_URL = "http://localhost:9082/2/"
-
-# Authentication information for basic authentication
-TALER_BANK_AUTH_METHOD = "basic"
-USERNAME = user
-PASSWORD = pass
-
-[bank]
-HTTP_PORT=8082
-
-[taler-exchange-secmod-cs]
-OVERLAP_DURATION = 1 s
-LOOKAHEAD_SIGN = 20 s
-
-[taler-exchange-secmod-eddsa]
 OVERLAP_DURATION = 1 s
-DURATION = 30 s
 LOOKAHEAD_SIGN = 20 s
 
 [coin_eur_1]
diff --git a/src/testing/test_exchange_api_keys_cherry_picking-rsa.conf b/src/testing/test_exchange_api_keys_cherry_picking-rsa.conf
index b9ad30549..672639b3f 100644
--- a/src/testing/test_exchange_api_keys_cherry_picking-rsa.conf
+++ b/src/testing/test_exchange_api_keys_cherry_picking-rsa.conf
@@ -1,89 +1,9 @@
 # This file is in the public domain.
 #
-[PATHS]
-# Persistent data storage for the testcase
-TALER_TEST_HOME = test_exchange_api_keys_cherry_picking_home/
-TALER_RUNTIME_DIR = ${TMPDIR:-${TMP:-/tmp}}/${USER:-}/taler-system-runtime/
-
-# Persistent data storage
-TALER_DATA_HOME = $TALER_HOME/.local/share/taler/
-
-# Configuration files
-TALER_CONFIG_HOME = $TALER_HOME/.config/taler/
-
-# Cached data, no big deal if lost
-TALER_CACHE_HOME = $TALER_HOME/.cache/taler/
-
-[taler]
-# Currency supported by the exchange (can only be one)
-CURRENCY = EUR
+@INLINE@ test_exchange_api_keys_cherry_picking.conf
 
 [taler-exchange-secmod-rsa]
-# Reduce from 1 year to speed up test
-LOOKAHEAD_SIGN = 24 days
-
-[taler-exchange-secmod-eddsa]
-# Reduce from 1 year to speed up test
-LOOKAHEAD_SIGN = 24 days
-# Reduce from 12 weeks to ensure we have multiple
-DURATION = 14 days
-
-[auditor]
-BASE_URL = "http://localhost:8083/"
-
-# HTTP port the auditor listens to
-PORT = 8083
-
-[exchange]
-# HTTP port the exchange listens to
-PORT = 8081
-
-# Master public key used to sign the exchange's various keys
-MASTER_PUBLIC_KEY = 98NJW3CQHZQGQXTY3K85K531XKPAPAVV4Q5V8PYYRR00NJGZWNVG
-
-# How to access our database
-DB = postgres
-
-# Base URL of the exchange. Must be set to a URL where the
-# exchange (or the twister) is actually listening.
-BASE_URL = "http://localhost:8081/"
-
-
-[exchangedb-postgres]
-CONFIG = "postgres:///talercheck"
-
-[auditordb-postgres]
-CONFIG = "postgres:///talercheck"
-
-[exchange-account-1]
-PAYTO_URI = "payto://x-taler-bank/localhost/42?receiver-name=42"
-
-[exchange-accountcredentials-1]
-WIRE_GATEWAY_URL = "http://localhost:9082/42/"
-
-[exchange-account-2]
-PAYTO_URI = "payto://x-taler-bank/localhost/2?receiver-name=2"
-ENABLE_DEBIT = YES
-ENABLE_CREDIT = YES
-
-[exchange-accountcredentials-2]
-WIRE_GATEWAY_URL = "http://localhost:9082/2/"
-
-# Authentication information for basic authentication
-TALER_BANK_AUTH_METHOD = "basic"
-USERNAME = user
-PASSWORD = pass
-
-[bank]
-HTTP_PORT=8082
-
-[taler-exchange-secmod-rsa]
-OVERLAP_DURATION = 1 s
-LOOKAHEAD_SIGN = 20 s
-
-[taler-exchange-secmod-eddsa]
 OVERLAP_DURATION = 1 s
-DURATION = 30 s
 LOOKAHEAD_SIGN = 20 s
 
 [coin_eur_1]
diff --git a/src/testing/test_exchange_api_keys_cherry_picking.conf b/src/testing/test_exchange_api_keys_cherry_picking.conf
new file mode 100644
index 000000000..47475ea7a
--- /dev/null
+++ b/src/testing/test_exchange_api_keys_cherry_picking.conf
@@ -0,0 +1,74 @@
+# This file is in the public domain.
+#
+[PATHS]
+# Persistent data storage for the testcase
+TALER_TEST_HOME = test_exchange_api_keys_cherry_picking_home/
+TALER_RUNTIME_DIR = ${TMPDIR:-${TMP:-/tmp}}/${USER:-}/taler-system-runtime/
+
+# Persistent data storage
+TALER_DATA_HOME = $TALER_HOME/.local/share/taler/
+
+# Configuration files
+TALER_CONFIG_HOME = $TALER_HOME/.config/taler/
+
+# Cached data, no big deal if lost
+TALER_CACHE_HOME = $TALER_HOME/.cache/taler/
+
+[taler]
+# Currency supported by the exchange (can only be one)
+CURRENCY = EUR
+
+[taler-exchange-secmod-eddsa]
+OVERLAP_DURATION = 1 s
+DURATION = 30 s
+LOOKAHEAD_SIGN = 20 s
+
+
+[auditor]
+BASE_URL = "http://localhost:8083/"
+
+# HTTP port the auditor listens to
+PORT = 8083
+
+[exchange]
+# HTTP port the exchange listens to
+PORT = 8081
+
+# Master public key used to sign the exchange's various keys
+MASTER_PUBLIC_KEY = 98NJW3CQHZQGQXTY3K85K531XKPAPAVV4Q5V8PYYRR00NJGZWNVG
+
+# How to access our database
+DB = postgres
+
+# Base URL of the exchange. Must be set to a URL where the
+# exchange (or the twister) is actually listening.
+BASE_URL = "http://localhost:8081/"
+
+[exchangedb-postgres]
+CONFIG = "postgres:///talercheck"
+
+[auditordb-postgres]
+CONFIG = "postgres:///talercheck"
+
+[exchange-account-1]
+PAYTO_URI = "payto://x-taler-bank/localhost/42?receiver-name=42"
+
+[exchange-accountcredentials-1]
+WIRE_GATEWAY_URL = "http://localhost:9082/42/"
+
+[exchange-account-2]
+PAYTO_URI = "payto://x-taler-bank/localhost/2?receiver-name=2"
+ENABLE_DEBIT = YES
+ENABLE_CREDIT = YES
+
+[exchange-accountcredentials-2]
+WIRE_GATEWAY_URL = "http://localhost:9082/2/"
+
+# Authentication information for basic authentication
+TALER_BANK_AUTH_METHOD = "basic"
+USERNAME = user
+PASSWORD = pass
+
+[bank]
+HTTP_PORT=8082
+
diff --git a/src/testing/test_exchange_api_twisted-cs.conf b/src/testing/test_exchange_api_twisted-cs.conf
index abb88a742..ae953e732 100644
--- a/src/testing/test_exchange_api_twisted-cs.conf
+++ b/src/testing/test_exchange_api_twisted-cs.conf
@@ -1,150 +1,4 @@
 # This file is in the public domain.
-[PATHS]
-# Persistent data storage for the testcase
-TALER_TEST_HOME = test_exchange_api_home/
-TALER_RUNTIME_DIR = ${TMPDIR:-${TMP:-/tmp}}/${USER:-}/taler-system-runtime/
+@INLINE@ test_exchange_api-cs.conf
+@INLINE@ test_exchange_api-twisted.conf
 
-[taler-exchange-secmod-rsa]
-# Reduce from 1 year to speed up test
-LOOKAHEAD_SIGN = 24 days
-
-[taler-exchange-secmod-eddsa]
-# Reduce from 1 year to speed up test
-LOOKAHEAD_SIGN = 24 days
-# Reduce from 12 weeks to ensure we have multiple
-DURATION = 14 days
-
-[taler]
-# Currency supported by the exchange (can only be one)
-CURRENCY = EUR
-CURRENCY_ROUND_UNIT = EUR:0.01
-
-[exchange]
-# HTTP port the exchange listens to
-PORT = 8081
-
-# Master public key used to sign the exchange's various keys
-MASTER_PUBLIC_KEY = 98NJW3CQHZQGQXTY3K85K531XKPAPAVV4Q5V8PYYRR00NJGZWNVG
-
-# How to access our database
-DB = postgres
-
-# Base URL of the exchange ('S PROXY).  This URL is where the
-# twister listens at, so that it will be able to get all the
-# connection addressed to the exchange.  In fact, the presence
-# of the twister is 100% transparent to the test case, as it
-# only seeks the exchange/BASE_URL URL to connect to the exchange.
-BASE_URL = "http://localhost:8888/"
-
-[exchangedb-postgres]
-CONFIG = "postgres:///talercheck"
-
-[auditor]
-BASE_URL = "http://localhost:8083/"
-PORT = 8083
-
-[auditordb-postgres]
-CONFIG = "postgres:///talercheck"
-
-[exchange-account-1]
-# What is the URL of our account?
-PAYTO_URI = "payto://x-taler-bank/localhost/42?receiver-name=42"
-
-[exchange-accountcredentials-1]
-WIRE_GATEWAY_URL = "http://localhost:9081/42/"
-WIRE_GATEWAY_AUTH_METHOD = NONE
-
-[exchange-account-2]
-PAYTO_URI = "payto://x-taler-bank/localhost/2?receiver-name=2"
-ENABLE_DEBIT = YES
-ENABLE_CREDIT = YES
-
-[exchange-accountcredentials-2]
-WIRE_GATEWAY_URL = "http://localhost:8082/2/"
-WIRE_GATEWAY_AUTH_METHOD = BASIC
-USERNAME = user
-PASSWORD = pass
-
-[bank]
-HTTP_PORT = 8082
-
-[twister]
-# HTTP listen port for twister
-HTTP_PORT = 8888
-SERVE = tcp
-
-# HTTP Destination for twister.  The test-Webserver needs
-# to listen on the port used here.  Note: no trailing '/'!
-DESTINATION_BASE_URL = "http://localhost:8081"
-
-# Control port for TCP
-# PORT = 8889
-HOSTNAME = localhost
-ACCEPT_FROM = 127.0.0.1;
-ACCEPT_FROM6 = ::1;
-
-# Control port for UNIX
-UNIXPATH = /tmp/taler-service-twister.sock
-UNIX_MATCH_UID = NO
-UNIX_MATCH_GID = YES
-
-# Launching of twister by ARM
-# BINARY = taler-service-twister
-# AUTOSTART = NO
-# FORCESTART = NO
-
-
-[coin_eur_ct_1]
-value = EUR:0.01
-duration_withdraw = 7 days
-duration_spend = 2 years
-duration_legal = 3 years
-fee_withdraw = EUR:0.00
-fee_deposit = EUR:0.00
-fee_refresh = EUR:0.01
-fee_refund = EUR:0.01
-CIPHER = CS
-
-[coin_eur_ct_10]
-value = EUR:0.10
-duration_withdraw = 7 days
-duration_spend = 2 years
-duration_legal = 3 years
-fee_withdraw = EUR:0.01
-fee_deposit = EUR:0.01
-fee_refresh = EUR:0.03
-fee_refund = EUR:0.01
-CIPHER = CS
-
-[coin_eur_1]
-value = EUR:1
-duration_withdraw = 7 days
-duration_spend = 2 years
-duration_legal = 3 years
-fee_withdraw = EUR:0.01
-fee_deposit = EUR:0.01
-fee_refresh = EUR:0.03
-fee_refund = EUR:0.01
-CIPHER = CS
-
-[coin_eur_5]
-value = EUR:5
-duration_withdraw = 7 days
-duration_spend = 2 years
-duration_legal = 3 years
-fee_withdraw = EUR:0.01
-fee_deposit = EUR:0.01
-fee_refresh = EUR:0.03
-fee_refund = EUR:0.01
-CIPHER = CS
-
-[coin_eur_10]
-value = EUR:10
-duration_withdraw = 7 days
-duration_spend = 2 years
-duration_legal = 3 years
-fee_withdraw = EUR:0.01
-fee_deposit = EUR:0.01
-fee_refresh = EUR:0.03
-fee_refund = EUR:0.01
-CIPHER = CS
diff --git a/src/testing/test_exchange_api_twisted-rsa.conf b/src/testing/test_exchange_api_twisted-rsa.conf
index 847d9e1ce..3fd8f4ff1 100644
--- a/src/testing/test_exchange_api_twisted-rsa.conf
+++ b/src/testing/test_exchange_api_twisted-rsa.conf
@@ -1,156 +1,4 @@
 # This file is in the public domain.
-[PATHS]
-# Persistent data storage for the testcase
-TALER_TEST_HOME = test_exchange_api_home/
-TALER_RUNTIME_DIR = ${TMPDIR:-${TMP:-/tmp}}/${USER:-}/taler-system-runtime/
+@INLINE@ test_exchange_api-rsa.conf
+@INLINE@ test_exchange_api-twisted.conf
 
-[taler-exchange-secmod-rsa]
-# Reduce from 1 year to speed up test
-LOOKAHEAD_SIGN = 24 days
-
-[taler-exchange-secmod-eddsa]
-# Reduce from 1 year to speed up test
-LOOKAHEAD_SIGN = 24 days
-# Reduce from 12 weeks to ensure we have multiple
-DURATION = 14 days
-
-[taler]
-# Currency supported by the exchange (can only be one)
-CURRENCY = EUR
-CURRENCY_ROUND_UNIT = EUR:0.01
-
-[exchange]
-# HTTP port the exchange listens to
-PORT = 8081
-
-# Master public key used to sign the exchange's various keys
-MASTER_PUBLIC_KEY = 98NJW3CQHZQGQXTY3K85K531XKPAPAVV4Q5V8PYYRR00NJGZWNVG
-
-# How to access our database
-DB = postgres
-
-# Base URL of the exchange ('S PROXY).  This URL is where the
-# twister listens at, so that it will be able to get all the
-# connection addressed to the exchange.  In fact, the presence
-# of the twister is 100% transparent to the test case, as it
-# only seeks the exchange/BASE_URL URL to connect to the exchange.
-BASE_URL = "http://localhost:8888/"
-
-[exchangedb-postgres]
-CONFIG = "postgres:///talercheck"
-
-[auditor]
-BASE_URL = "http://localhost:8083/"
-PORT = 8083
-
-[auditordb-postgres]
-CONFIG = "postgres:///talercheck"
-
-[exchange-account-1]
-# What is the URL of our account?
-PAYTO_URI = "payto://x-taler-bank/localhost/42?receiver-name=42"
-
-[exchange-accountcredentials-1]
-WIRE_GATEWAY_URL = "http://localhost:9081/42/"
-WIRE_GATEWAY_AUTH_METHOD = NONE
-
-[exchange-account-2]
-PAYTO_URI = "payto://x-taler-bank/localhost/2?receiver-name=2"
-ENABLE_DEBIT = YES
-ENABLE_CREDIT = YES
-
-[exchange-accountcredentials-2]
-WIRE_GATEWAY_URL = "http://localhost:8082/2/"
-WIRE_GATEWAY_AUTH_METHOD = BASIC
-USERNAME = user
-PASSWORD = pass
-
-[bank]
-HTTP_PORT = 8082
-
-[twister]
-# HTTP listen port for twister
-HTTP_PORT = 8888
-SERVE = tcp
-
-# HTTP Destination for twister.  The test-Webserver needs
-# to listen on the port used here.  Note: no trailing '/'!
-DESTINATION_BASE_URL = "http://localhost:8081"
-
-# Control port for TCP
-# PORT = 8889
-HOSTNAME = localhost
-ACCEPT_FROM = 127.0.0.1;
-ACCEPT_FROM6 = ::1;
-
-# Control port for UNIX
-UNIXPATH = /tmp/taler-service-twister.sock
-UNIX_MATCH_UID = NO
-UNIX_MATCH_GID = YES
-
-# Launching of twister by ARM
-# BINARY = taler-service-twister
-# AUTOSTART = NO
-# FORCESTART = NO
-
-
-[coin_eur_ct_1]
-value = EUR:0.01
-duration_withdraw = 7 days
-duration_spend = 2 years
-duration_legal = 3 years
-fee_withdraw = EUR:0.00
-fee_deposit = EUR:0.00
-fee_refresh = EUR:0.01
-fee_refund = EUR:0.01
-rsa_keysize = 1024
-CIPHER = RSA
-
-
-[coin_eur_ct_10]
-value = EUR:0.10
-duration_withdraw = 7 days
-duration_spend = 2 years
-duration_legal = 3 years
-fee_withdraw = EUR:0.01
-fee_deposit = EUR:0.01
-fee_refresh = EUR:0.03
-fee_refund = EUR:0.01
-rsa_keysize = 1024
-CIPHER = RSA
-
-[coin_eur_1]
-value = EUR:1
-duration_withdraw = 7 days
-duration_spend = 2 years
-duration_legal = 3 years
-fee_withdraw = EUR:0.01
-fee_deposit = EUR:0.01
-fee_refresh = EUR:0.03
-fee_refund = EUR:0.01
-rsa_keysize = 1024
-CIPHER = RSA
-
-[coin_eur_5]
-value = EUR:5
-duration_withdraw = 7 days
-duration_spend = 2 years
-duration_legal = 3 years
-fee_withdraw = EUR:0.01
-fee_deposit = EUR:0.01
-fee_refresh = EUR:0.03
-fee_refund = EUR:0.01
-rsa_keysize = 1024
-CIPHER = RSA
-
-[coin_eur_10]
-value = EUR:10
-duration_withdraw = 7 days
-duration_spend = 2 years
-duration_legal = 3 years
-fee_withdraw = EUR:0.01
-fee_deposit = EUR:0.01
-fee_refresh = EUR:0.03
-fee_refund = EUR:0.01
-rsa_keysize = 1024
-CIPHER = RSA
diff --git a/src/testing/test_exchange_api_twisted.conf b/src/testing/test_exchange_api_twisted.conf
new file mode 100644
index 000000000..17f8833e7
--- /dev/null
+++ b/src/testing/test_exchange_api_twisted.conf
@@ -0,0 +1,33 @@
+# This file is in the public domain.
+
+[exchange]
+# Base URL of the exchange ('S PROXY).  This URL is where the
+# twister listens at, so that it will be able to get all the
+# connection addressed to the exchange.  In fact, the presence
+# of the twister is 100% transparent to the test case, as it
+# only seeks the exchange/BASE_URL URL to connect to the exchange.
+BASE_URL = "http://localhost:8888/"
+
+[bank]
+HTTP_PORT = 8082
+
+[twister]
+# HTTP listen port for twister
+HTTP_PORT = 8888
+SERVE = tcp
+
+# HTTP Destination for twister.  The test-Webserver needs
+# to listen on the port used here.  Note: no trailing '/'!
+DESTINATION_BASE_URL = "http://localhost:8081"
+
+# Control port for TCP
+# PORT = 8889
+HOSTNAME = localhost
+ACCEPT_FROM = 127.0.0.1;
+ACCEPT_FROM6 = ::1;
+
+# Control port for UNIX
+UNIXPATH = /tmp/taler-service-twister.sock
+UNIX_MATCH_UID = NO
+UNIX_MATCH_GID = YES
+
diff --git a/src/testing/test_kyc_api.conf b/src/testing/test_kyc_api.conf
index 43f3acda4..9c0b43635 100644
--- a/src/testing/test_kyc_api.conf
+++ b/src/testing/test_kyc_api.conf
@@ -21,6 +21,7 @@ DURATION = 14 days
 # Currency supported by the exchange (can only be one)
 CURRENCY = EUR
 CURRENCY_ROUND_UNIT = EUR:0.01
+AML_THRESHOLD = EUR:1000000
 
 [auditor]
 BASE_URL = "http://localhost:8083/"