6 files changed, 593 insertions, 142 deletions
diff --git a/src/include/taler_amount_lib.h b/src/include/taler_amount_lib.h
index 8bea0256c..e64ff4d92 100644
--- a/src/include/taler_amount_lib.h
+++ b/src/include/taler_amount_lib.h
@@ -25,10 +25,27 @@
 /**
  * Number of characters (plus 1 for 0-termination) we use to
  * represent currency names (i.e. EUR, USD, etc.).  We use
- * 8 for alignment (!).
+ * 4 for alignment as 3 characters are typical and we need a
+ * 0-terminator. So do not change this.
  */
 #define TALER_CURRENCY_LEN 4
 
+/**
+ * The "fraction" value in a `struct TALER_Amount` represents which
+ * fraction of the "main" value?
+ *
+ * Note that we need sub-cent precision here as transaction fees might
+ * be that low, and as we want to support microdonations.
+ */
+#define TALER_AMOUNT_FRAC_BASE 1000000
+
+/**
+ * How many digits behind the comma are required to represent the
+ * fractional value in human readable decimal format?  Must match
+ * lg(#TALER_AMOUNT_FRAC_BASE).
+ */
+#define TALER_AMOUNT_FRAC_LEN 6
+
 
 GNUNET_NETWORK_STRUCT_BEGIN
 
@@ -41,12 +58,12 @@ struct TALER_AmountNBO
   /**
    * Value in the main currency, in NBO.
    */
-  uint32_t value;
+  uint64_t value GNUNET_PACKED;
 
   /**
    * Additinal fractional value, in NBO.
    */
-  uint32_t fraction;
+  uint32_t fraction GNUNET_PACKED;
 
   /**
    * Type of the currency being represented.
@@ -65,7 +82,7 @@ struct TALER_Amount
   /**
    * Value (numerator of fraction)
    */
-  uint32_t value;
+  uint64_t value;
 
   /**
    * Fraction (denominator of fraction)
@@ -73,7 +90,8 @@ struct TALER_Amount
   uint32_t fraction;
 
   /**
-   * Currency string, left adjusted and padded with zeros.
+   * Currency string, left adjusted and padded with zeros.  All zeros
+   * for "invalid" values.
    */
   char currency[TALER_CURRENCY_LEN];
 };
@@ -93,81 +111,122 @@ TALER_string_to_amount (const char *str,
 
 
 /**
+ * Get the value of "zero" in a particular currency.
+ *
+ * @param cur currency description
+ * @param denom denomination to write the result to
+ * @return #GNUNET_OK if @a cur is a valid currency specification,
+ *         #GNUNET_SYSERR if it is invalid.
+ */
+int
+TALER_amount_get_zero (const char *cur,
+                       struct TALER_Amount *denom);
+
+
+/**
  * Convert amount from host to network representation.
  *
+ * @param res where to store amount in network representation
  * @param d amount in host representation
- * @return amount in network representation
  */
-struct TALER_AmountNBO
-TALER_amount_hton (const struct TALER_Amount d);
+void
+TALER_amount_hton (struct TALER_AmountNBO *res,
+                   const struct TALER_Amount *d);
 
 
 /**
  * Convert amount from network to host representation.
  *
+ * @param res where to store amount in host representation
  * @param d amount in network representation
- * @return amount in host representation
  */
-struct TALER_Amount
-TALER_amount_ntoh (const struct TALER_AmountNBO dn);
+void
+TALER_amount_ntoh (struct TALER_Amount *res,
+                   const struct TALER_AmountNBO *dn);
 
 
 /**
- * Compare the value/fraction of two amounts.  Does not compare the currency,
- * i.e. comparing amounts with the same value and fraction but different
- * currency would return 0.
+ * Compare the value/fraction of two amounts.  Does not compare the currency.
+ * Comparing amounts of different currencies will cause the program to abort().
+ * If unsure, check with #TALER_amount_cmp_currency() first to be sure that
+ * the currencies of the two amounts are identical.
  *
  * @param a1 first amount
  * @param a2 second amount
  * @return result of the comparison
  */
 int
-TALER_amount_cmp (struct TALER_Amount a1,
-                  struct TALER_Amount a2);
+TALER_amount_cmp (const struct TALER_Amount *a1,
+                  const struct TALER_Amount *a2);
+
+
+/**
+ * Test if @a a1 and @a a2 are the same currency.
+ *
+ * @param a1 amount to test
+ * @param a2 amount to test
+ * @return #GNUNET_YES if @a a1 and @a a2 are the same currency
+ *         #GNUNET_NO if the currencies are different
+ *         #GNUNET_SYSERR if either amount is invalid
+ */
+int
+TALER_amount_cmp_currency (const struct TALER_Amount *a1,
+                           const struct TALER_Amount *a2);
 
 
 /**
  * Perform saturating subtraction of amounts.
  *
+ * @param diff where to store (@a a1 - @a a2), or invalid if @a a2 > @a a1
  * @param a1 amount to subtract from
  * @param a2 amount to subtract
- * @return (a1-a2) or 0 if a2>=a1
+ * @return #GNUNET_OK if the subtraction worked,
+ *         #GNUNET_NO if @a a1 = @a a2
+ *         #GNUNET_SYSERR if @a a2 > @a a1 or currencies are incompatible;
+ *                        @a diff is set to invalid
  */
-struct TALER_Amount
-TALER_amount_subtract (struct TALER_Amount a1,
-                       struct TALER_Amount a2);
+int
+TALER_amount_subtract (struct TALER_Amount *diff,
+                       const struct TALER_Amount *a1,
+                       const struct TALER_Amount *a2);
 
 
 /**
- * Perform saturating addition of amounts
+ * Perform addition of amounts.
  *
+ * @param sum where to store @a a1 + @a a2, set to "invalid" on overflow
  * @param a1 first amount to add
  * @param a2 second amount to add
- * @return sum of a1 and a2
+ * @return #GNUNET_OK if the addition worked,
+ *         #GNUNET_SYSERR on overflow
  */
-struct TALER_Amount
-TALER_amount_add (struct TALER_Amount a1,
-                  struct TALER_Amount a2);
+int
+TALER_amount_add (struct TALER_Amount *sum,
+                  const struct TALER_Amount *a1,
+                  const struct TALER_Amount *a2);
 
 
 /**
  * Normalize the given amount.
  *
- * @param amout amount to normalize
- * @return normalized amount
+ * @param amount amount to normalize
+ * @return #GNUNET_OK if normalization worked
+ *         #GNUNET_NO if value was already normalized
+ *         #GNUNET_SYSERR if value was invalid or could not be normalized
  */
-struct TALER_Amount
-TALER_amount_normalize (struct TALER_Amount amount);
+int
+TALER_amount_normalize (struct TALER_Amount *amount);
 
 
 /**
  * Convert amount to string.
  *
  * @param amount amount to convert to string
- * @return freshly allocated string representation
+ * @return freshly allocated string representation,
+ *         NULL if the @a amount was invalid
  */
 char *
-TALER_amount_to_string (struct TALER_Amount amount);
+TALER_amount_to_string (const struct TALER_Amount *amount);
 
 
 #endif
diff --git a/src/include/taler_crypto_lib.h b/src/include/taler_crypto_lib.h
index db663612c..3156e63ed 100644
--- a/src/include/taler_crypto_lib.h
+++ b/src/include/taler_crypto_lib.h
@@ -27,6 +27,263 @@
 
 /* ****************** Coin crypto primitives ************* */
 
+GNUNET_NETWORK_STRUCT_BEGIN
+
+/**
+ * Type of public keys for Taler reserves.
+ */
+struct TALER_ReservePublicKey
+{
+  /**
+   * Taler uses EdDSA for reserves.
+   */
+  struct GNUNET_CRYPTO_EddsaPublicKey eddsa_pub;
+};
+
+
+/**
+ * Type of private keys for Taler reserves.
+ */
+struct TALER_ReservePrivateKey
+{
+  /**
+   * Taler uses EdDSA for reserves.
+   */
+  struct GNUNET_CRYPTO_EddsaPrivateKey eddsa_priv;
+};
+
+
+/**
+ * Type of signatures used with Taler reserves.
+ */
+struct TALER_ReserveSignature
+{
+  /**
+   * Taler uses EdDSA for reserves.
+   */
+  struct GNUNET_CRYPTO_EddsaSignature eddsa_signature;
+};
+
+
+/**
+ * Type of public keys to for merchant authorizations.
+ * Merchants can issue refunds using the corresponding
+ * private key.
+ */
+struct TALER_MerchantPublicKey
+{
+  /**
+   * Taler uses EdDSA for merchants.
+   */
+  struct GNUNET_CRYPTO_EddsaPublicKey eddsa_pub;
+};
+
+
+/**
+ * Type of private keys for merchant authorizations.
+ * Merchants can issue refunds using the corresponding
+ * private key.
+ */
+struct TALER_MerchantPrivateKey
+{
+  /**
+   * Taler uses EdDSA for merchants.
+   */
+  struct GNUNET_CRYPTO_EddsaPrivateKey eddsa_priv;
+};
+
+
+/**
+ * Type of transfer public keys used during refresh
+ * operations.
+ */
+struct TALER_TransferPublicKey
+{
+  /**
+   * Taler uses ECDSA for transfer keys.
+   * FIXME: should this not be ECDHE?
+   */
+  struct GNUNET_CRYPTO_EcdsaPublicKey ecdsa_pub;
+};
+
+
+/**
+ * Type of transfer public keys used during refresh
+ * operations.
+ */
+struct TALER_TransferPrivateKey
+{
+  /**
+   * Taler uses ECDSA for melting session keys.
+   * FIXME: should this not be ECDHE?
+   */
+  struct GNUNET_CRYPTO_EcdsaPrivateKey ecdsa_priv;
+};
+
+
+/**
+ * Type of online public keys used by the mint to sign
+ * messages.
+ */
+struct TALER_MintPublicKey
+{
+  /**
+   * Taler uses EdDSA for online mint message signing.
+   */
+  struct GNUNET_CRYPTO_EddsaPublicKey eddsa_pub;
+};
+
+
+/**
+ * Type of online public keys used by the mint to
+ * sign messages.
+ */
+struct TALER_MintPrivateKey
+{
+  /**
+   * Taler uses EdDSA for online signatures sessions.
+   */
+  struct GNUNET_CRYPTO_EddsaPrivateKey eddsa_priv;
+};
+
+
+/**
+ * Type of signatures used by the mint to sign messages online.
+ */
+struct TALER_MintSignature
+{
+  /**
+   * Taler uses EdDSA for online signatures sessions.
+   */
+  struct GNUNET_CRYPTO_EddsaSignature eddsa_signature;
+};
+
+
+/**
+ * Type of the offline master public key used by the mint.
+ */
+struct TALER_MasterPublicKey
+{
+  /**
+   * Taler uses EdDSA for the long-term offline master key.
+   */
+  struct GNUNET_CRYPTO_EddsaPublicKey eddsa_pub;
+};
+
+
+/**
+ * Type of the offline master public keys used by the mint.
+ */
+struct TALER_MasterPrivateKey
+{
+  /**
+   * Taler uses EdDSA for the long-term offline master key.
+   */
+  struct GNUNET_CRYPTO_EddsaPrivateKey eddsa_priv;
+};
+
+
+/**
+ * Type of signatures by the offline master public key used by the mint.
+ */
+struct TALER_MasterSignature
+{
+  /**
+   * Taler uses EdDSA for the long-term offline master key.
+   */
+  struct GNUNET_CRYPTO_EddsaSignature eddsa_signature;
+};
+
+
+
+/**
+ * Type of public keys for Taler coins.
+ */
+struct TALER_CoinSpendPublicKey
+{
+  /**
+   * Taler uses ECDSA for coins.
+   */
+  struct GNUNET_CRYPTO_EcdsaPublicKey ecdsa_pub;
+};
+
+
+/**
+ * Type of private keys for Taler coins.
+ */
+struct TALER_CoinSpendPrivateKey
+{
+  /**
+   * Taler uses ECDSA for coins.
+   */
+  struct GNUNET_CRYPTO_EcdsaPrivateKey ecdsa_priv;
+};
+
+
+/**
+ * Type of signatures made with Taler coins.
+ */
+struct TALER_CoinSpendSignature
+{
+  /**
+   * Taler uses ECDSA for coins.
+   */
+  struct GNUNET_CRYPTO_EcdsaSignature ecdsa_signature;
+};
+
+
+GNUNET_NETWORK_STRUCT_END
+
+
+
+/**
+ * Type of blinding keys for Taler.
+ */
+struct TALER_DenominationBlindingKey
+{
+  /**
+   * Taler uses RSA for blinding.
+   */
+  struct GNUNET_CRYPTO_rsa_BlindingKey *rsa_blinding_key;
+};
+
+
+/**
+ * Type of (unblinded) coin signatures for Taler.
+ */
+struct TALER_DenominationSignature
+{
+  /**
+   * Taler uses RSA for blinding.
+   */
+  struct GNUNET_CRYPTO_rsa_Signature *rsa_signature;
+};
+
+
+/**
+ * Type of public signing keys for verifying blindly signed coins.
+ */
+struct TALER_DenominationPublicKey
+{
+  /**
+   * Taler uses RSA for signing coins.
+   */
+  struct GNUNET_CRYPTO_rsa_PublicKey *rsa_public_key;
+};
+
+
+/**
+ * Type of private signing keys for blind signing of coins.
+ */
+struct TALER_DenominationPrivateKey
+{
+  /**
+   * Taler uses RSA for signing coins.
+   */
+  struct GNUNET_CRYPTO_rsa_PrivateKey *rsa_private_key;
+};
+
+
 /**
  * Public information about a coin (including the public key
  * of the coin, the denomination key and the signature with
@@ -37,19 +294,19 @@ struct TALER_CoinPublicInfo
   /**
    * The coin's public key.
    */
-  struct GNUNET_CRYPTO_EcdsaPublicKey coin_pub;
+  struct TALER_CoinSpendPublicKey coin_pub;
 
   /**
    * Public key representing the denomination of the coin
    * that is being deposited.
    */
-  struct GNUNET_CRYPTO_rsa_PublicKey *denom_pub;
+  struct TALER_DenominationPublicKey denom_pub;
 
   /**
    * (Unblinded) signature over @e coin_pub with @e denom_pub,
    * which demonstrates that the coin is valid.
    */
-  struct GNUNET_CRYPTO_rsa_Signature *denom_sig;
+  struct TALER_DenominationSignature denom_sig;
 };
 
 
@@ -68,6 +325,9 @@ TALER_test_coin_valid (const struct TALER_CoinPublicInfo *coin_public_info);
 
 /* ****************** Refresh crypto primitives ************* */
 
+
+GNUNET_NETWORK_STRUCT_BEGIN
+
 /**
  * Secret used to decrypt the key to decrypt link secrets.
  */
@@ -107,45 +367,48 @@ struct TALER_EncryptedLinkSecret
 
 
 /**
- * Representation of an encrypted refresh link.
+ * Representation of an refresh link in cleartext.
  */
-struct TALER_RefreshLinkEncrypted
+struct TALER_RefreshLinkDecrypted
 {
 
   /**
-   * Encrypted blinding key with @e blinding_key_enc_size bytes,
-   * must be allocated at the end of this struct.
-   */
-  const char *blinding_key_enc;
-
-  /**
-   * Number of bytes in @e blinding_key_enc.
+   * Private key of the coin.
    */
-  size_t blinding_key_enc_size;
+  struct TALER_CoinSpendPrivateKey coin_priv;
 
   /**
-   * Encrypted private key of the coin.
+   * Blinding key.
    */
-  char coin_priv_enc[sizeof (struct GNUNET_CRYPTO_EcdsaPrivateKey)];
+  struct TALER_DenominationBlindingKey blinding_key;
 
 };
 
 
+GNUNET_NETWORK_STRUCT_END
+
+
 /**
- * Representation of an refresh link in cleartext.
+ * Representation of an encrypted refresh link.
  */
-struct TALER_RefreshLinkDecrypted
+struct TALER_RefreshLinkEncrypted
 {
 
   /**
-   * Private key of the coin.
+   * Encrypted blinding key with @e blinding_key_enc_size bytes,
+   * must be allocated at the end of this struct.
+   */
+  const char *blinding_key_enc;
+
+  /**
+   * Number of bytes in @e blinding_key_enc.
    */
-  struct GNUNET_CRYPTO_EcdsaPrivateKey coin_priv;
+  size_t blinding_key_enc_size;
 
   /**
-   * Blinding key with @e blinding_key_enc_size bytes.
+   * Encrypted private key of the coin.
    */
-  struct GNUNET_CRYPTO_rsa_BlindingKey *blinding_key;
+  char coin_priv_enc[sizeof (struct TALER_CoinSpendPrivateKey)];
 
 };
 
diff --git a/src/include/taler_json_lib.h b/src/include/taler_json_lib.h
index ffa440d56..c5515966f 100644
--- a/src/include/taler_json_lib.h
+++ b/src/include/taler_json_lib.h
@@ -39,7 +39,7 @@
  * @return a json object describing the amount
  */
 json_t *
-TALER_JSON_from_amount (struct TALER_Amount amount);
+TALER_JSON_from_amount (const struct TALER_Amount *amount);
 
 
 /**
@@ -77,6 +77,26 @@ TALER_JSON_from_ecdsa_sig (const struct GNUNET_CRYPTO_EccSignaturePurpose *purpo
 
 
 /**
+ * Convert RSA public key to JSON.
+ *
+ * @param pk public key to convert
+ * @return corresponding JSON encoding
+ */
+json_t *
+TALER_JSON_from_rsa_public_key (struct GNUNET_CRYPTO_rsa_PublicKey *pk);
+
+
+/**
+ * Convert RSA signature to JSON.
+ *
+ * @param sig signature to convert
+ * @return corresponding JSON encoding
+ */
+json_t *
+TALER_JSON_from_rsa_signature (struct GNUNET_CRYPTO_rsa_Signature *sig);
+
+
+/**
  * Convert binary data to a JSON string
  * with the base32crockford encoding.
  *
diff --git a/src/include/taler_mint_service.h b/src/include/taler_mint_service.h
index f300a5cfb..30aaad38e 100644
--- a/src/include/taler_mint_service.h
+++ b/src/include/taler_mint_service.h
@@ -1,6 +1,6 @@
 /*
   This file is part of TALER
-  Copyright (C) 2014 Christian Grothoff (and other contributing authors)
+  Copyright (C) 2014, 2015 Christian Grothoff (and other contributing authors)
 
   TALER is free software; you can redistribute it and/or modify it under the
   terms of the GNU Affero General Public License as published by the Free Software
@@ -42,7 +42,7 @@ struct TALER_MINT_SigningPublicKey
   /**
    * The signing public key
    */
-  struct GNUNET_CRYPTO_EddsaPublicKey key;
+  struct TALER_MintPublicKey key;
 
   /**
    * Validity start time
@@ -64,7 +64,7 @@ struct TALER_MINT_DenomPublicKey
   /**
    * The public key
    */
-  struct GNUNET_CRYPTO_rsa_PublicKey *key;
+  struct TALER_DenominationPublicKey key;
 
   /**
    * Timestamp indicating when the denomination key becomes valid
@@ -132,7 +132,7 @@ TALER_MINT_cleanup (struct TALER_MINT_Context *ctx);
  * @param hostname the hostname of the mint
  * @param port the point where the mint's HTTP service is running.  If port is
  *             given as 0, ports 80 or 443 are chosen depending on @a url.
- * @param mint_key the public key of the mint.  This is used to verify the
+ * @param master_key the public master key of the mint.  This is used to verify the
  *                 responses of the mint.
  * @return the mint handle; NULL upon error
  */
@@ -140,7 +140,7 @@ struct TALER_MINT_Handle *
 TALER_MINT_connect (struct TALER_MINT_Context *ctx,
                     const char *hostname,
                     uint16_t port,
-                    struct GNUNET_CRYPTO_EddsaPublicKey *mint_key);
+                    const struct TALER_MasterPublicKey *master_key);
 
 /**
  * Disconnect from the mint
@@ -282,15 +282,15 @@ struct TALER_MINT_DepositHandle *
 TALER_MINT_deposit_submit_json_ (struct TALER_MINT_Handle *mint,
                                  TALER_MINT_DepositResultCallback *cb,
                                  void *cls,
-                                 struct GNUNET_CRYPTO_EddsaPublicKey *coin_pub,
-                                 struct TALER_BLIND_SigningPublicKey *denom_pub,
+                                 const struct TALER_CoinPublicKey *coin_pub,
+                                 const struct TALER_BLIND_SigningPublicKey *denom_pub,
                                  struct TALER_BLIND_Signature *ubsig,
                                  uint64_t transaction_id,
                                  struct TALER_Amount *amount,
-                                 struct GNUNET_CRYPTO_EddsaPublicKey *merchant_pub,
-                                 struct GNUNET_HashCode *h_contract,
-                                 struct GNUNET_HashCode *h_wire,
-                                 struct GNUNET_CRYPTO_EddsaSignature *csig,
+                                 const struct TALER_MerchantPublicKey *merchant_pub,
+                                 const struct GNUNET_HashCode *h_contract,
+                                 const struct GNUNET_HashCode *h_wire,
+                                 const struct TALER_CoinSignature *csig,
                                  json_t *wire_obj);
 #endif
 
diff --git a/src/include/taler_signatures.h b/src/include/taler_signatures.h
index b1b578236..007a309f3 100644
--- a/src/include/taler_signatures.h
+++ b/src/include/taler_signatures.h
@@ -1,6 +1,6 @@
 /*
   This file is part of TALER
-  Copyright (C) 2014 Christian Grothoff (and other contributing authors)
+  Copyright (C) 2014, 2015 Christian Grothoff (and other contributing authors)
 
   TALER is free software; you can redistribute it and/or modify it under the
   terms of the GNU General Public License as published by the Free Software
@@ -28,10 +28,20 @@
 #ifndef TALER_SIGNATURES_H
 #define TALER_SIGNATURES_H
 
-#include <gnunet/gnunet_util_lib.h>
 #include "taler_util.h"
 
 /**
+ * Cut-and-choose size for refreshing.  Client looses the gamble (of
+ * unaccountable transfers) with probability 1/KAPPA.  Refresh cost
+ * increases linearly with KAPPA, and 3 is sufficient up to a
+ * income/sales tax of 66% of total transaction value.  As there is
+ * no good reason to change this security parameter, we declare it
+ * fixed and part of the protocol.
+ */
+#define KAPPA 3
+
+
+/**
  * Purpose for signing public keys signed
  * by the mint master key.
  */
@@ -62,28 +72,21 @@
 #define TALER_SIGNATURE_REFRESH_MELT_COIN 5
 
 /**
- * Signature where the refresh session confirms
- * the commits.
- */
-#define TALER_SIGNATURE_REFRESH_MELT_SESSION 6
-
-/**
  * Signature where the mint (current signing key)
  * confirms the no-reveal index for cut-and-choose and
  * the validity of the melted coins.
  */
-#define TALER_SIGNATURE_REFRESH_MELT_RESPONSE 7
+#define TALER_SIGNATURE_REFRESH_MELT_RESPONSE 6
 
 /**
- * Signature where coins confirm that they want
- * to be melted into a certain session.
+ * Signature where the Mint confirms a deposit request.
  */
-#define TALER_SIGNATURE_REFRESH_MELT_CONFIRM 9
+#define TALER_SIGNATURE_MINT_DEPOSIT 7
 
 /**
- * Signature where the Mint confirms a deposit request.
+ * Signature where the Mint confirms the full /keys response set.
  */
-#define TALER_SIGNATURE_MINT_DEPOSIT 10
+#define TALER_SIGNATURE_KEYS_SET 8
 
 
 /***********************/
@@ -129,7 +132,16 @@ struct TALER_WithdrawRequest
    * Reserve public key (which reserve to withdraw from).  This is
    * the public key which must match the signature.
    */
-  struct GNUNET_CRYPTO_EddsaPublicKey reserve_pub;
+  struct TALER_ReservePublicKey reserve_pub;
+
+  /**
+   * Value of the coin being minted (matching the denomination key)
+   * plus the transaction fee.  We include this in what is being
+   * signed so that we can verify a reserve's remaining total balance
+   * without needing to access the respective denomination key
+   * information each time.
+   */
+  struct TALER_AmountNBO amount_with_fee;
 
   /**
    * Hash of the denomination public key for the coin that is withdrawn.
@@ -171,14 +183,16 @@ struct TALER_DepositRequest
   uint64_t transaction_id GNUNET_PACKED;
 
   /**
-   * Amount to be deposited.
+   * Amount to be deposited, including fee.
    */
-  struct TALER_AmountNBO amount;
+  struct TALER_AmountNBO amount_with_fee;
+  /* FIXME: we should probably also include the value of
+     the depositing fee here as well! */
 
   /**
    * The coin's public key.
    */
-  struct GNUNET_CRYPTO_EcdsaPublicKey coin_pub;
+  struct TALER_CoinSpendPublicKey coin_pub;
 
 };
 
@@ -211,19 +225,22 @@ struct TALER_DepositConfirmation
   uint64_t transaction_id GNUNET_PACKED;
 
   /**
-   * Amount to be deposited.
+   * Amount to be deposited, including fee.
    */
-  struct TALER_AmountNBO amount;
+  struct TALER_AmountNBO amount_with_fee;
+
+  /* FIXME: we should probably also include the value of
+     the depositing fee here as well! */
 
   /**
    * The coin's public key.
    */
-  struct GNUNET_CRYPTO_EcdsaPublicKey coin_pub;
+  struct TALER_CoinSpendPublicKey coin_pub;
 
   /**
    * The Merchant's public key.
    */
-  struct GNUNET_CRYPTO_EddsaPublicKey merchant;
+  struct TALER_MerchantPublicKey merchant;
 
 };
 
@@ -240,51 +257,27 @@ struct RefreshMeltCoinSignature
   struct GNUNET_CRYPTO_EccSignaturePurpose purpose;
 
   /**
-   * Which melting operation should the coin become a part of.
-   */
-  struct GNUNET_HashCode melt_hash;
-
-  /**
-   * How much of the value of the coin should be melted?
-   * This amount includes the fees, so the final amount contributed
-   * to the melt is this value minus the fee for melting the coin.
-   */
-  struct TALER_AmountNBO amount;
-
-  /**
-   * The coin's public key.
-   */
-  struct GNUNET_CRYPTO_EcdsaPublicKey coin_pub;
-};
-
-
-/**
- * Message signed by a coin to indicate that the coin should
- * be melted.
- */
-struct RefreshMeltSessionSignature
-{
-  /**
-   * Purpose is #TALER_SIGNATURE_REFRESH_MELT_SESSION
+   * Which melting session should the coin become a part of.
    */
-  struct GNUNET_CRYPTO_EccSignaturePurpose purpose;
+  struct GNUNET_HashCode session_hash;
 
   /**
-   * Which melting operation should the coin become a part of.
+   * How much of the value of the coin should be melted?  This amount
+   * includes the fees, so the final amount contributed to the melt is
+   * this value minus the fee for melting the coin.  We include the
+   * fee in what is being signed so that we can verify a reserve's
+   * remaining total balance without needing to access the respective
+   * denomination key information each time.
    */
-  struct GNUNET_HashCode melt_hash;
+  struct TALER_AmountNBO amount_with_fee;
 
-  /**
-   * Public key of the refresh session for which
-   * @e melt_client_signature must be a valid signature.
-   */
-  struct GNUNET_CRYPTO_EddsaPublicKey session_key;
+  /* FIXME: we should probably also include the value of
+     the melting fee here as well! */
 
   /**
-   * What is the total value of the coins created during the
-   * refresh, excluding fees?
+   * The coin's public key.
    */
-  struct TALER_AmountNBO amount;
+  struct TALER_CoinSpendPublicKey coin_pub;
 };
 
 
@@ -314,57 +307,147 @@ struct RefreshMeltResponseSignatureBody
 
 
 /**
- * Message signed by the client requesting the final
- * result of the melting operation.
+ * Information about a signing key of the mint.  Signing keys are used
+ * to sign mint messages other than coins, i.e. to confirm that a
+ * deposit was successful or that a refresh was accepted.
  */
-struct RefreshMeltConfirmSignRequestBody
+struct TALER_MINT_SignKeyIssue
 {
   /**
-   * Purpose is #TALER_SIGNATURE_REFRESH_MELT_CONFIRM.
+   * Signature over the signing key (by the master key of the mint).
+   */
+  struct TALER_MasterSignature signature;
+
+  /**
+   * Purpose is #TALER_SIGNATURE_MASTER_SIGNKEY.
    */
   struct GNUNET_CRYPTO_EccSignaturePurpose purpose;
 
   /**
-   * FIXME.
+   * Master public key of the mint corresponding to @e signature.
+   * This is the long-term offline master key of the mint.
+   */
+  struct TALER_MasterPublicKey master_pub;
+
+  /**
+   * When does this signing key begin to be valid?
    */
-  struct GNUNET_CRYPTO_EddsaPublicKey session_pub;
+  struct GNUNET_TIME_AbsoluteNBO start;
+
+  /**
+   * When does this signing key expire? Note: This is
+   * currently when the Mint will definitively stop using it.
+   * This does not mean that all signatures with tkey key are
+   * afterwards invalid.
+   */
+  struct GNUNET_TIME_AbsoluteNBO expire;
+
+  /**
+   * The public online signing key that the mint will use
+   * between @e start and @e expire.
+   */
+  struct TALER_MintPublicKey signkey_pub;
 };
 
 
 /**
- * FIXME
+ * Signature made by the mint over the full set of keys, used
+ * to detect cheating mints that give out different sets to
+ * different users.
  */
-struct TALER_MINT_SignKeyIssue
+struct TALER_MINT_KeySetSignature
 {
-  struct GNUNET_CRYPTO_EddsaSignature signature;
+
+  /**
+   * Purpose is #TALER_SIGNATURE_KEYS_SET
+   */
   struct GNUNET_CRYPTO_EccSignaturePurpose purpose;
-  struct GNUNET_CRYPTO_EddsaPublicKey master_pub;
-  struct GNUNET_TIME_AbsoluteNBO start;
-  struct GNUNET_TIME_AbsoluteNBO expire;
-  struct GNUNET_CRYPTO_EddsaPublicKey signkey_pub;
+
+  /**
+   * Time of the key set issue.
+   */
+  struct GNUNET_TIME_AbsoluteNBO list_issue_date;
+
+  /**
+   * Hash over the "inner" JSON with the key set.
+   */
+  struct GNUNET_HashCode hc;
 };
 
 
 /**
- * FIXME
+ * Information about a denomination key. Denomination keys
+ * are used to sign coins of a certain value into existence.
  */
 struct TALER_MINT_DenomKeyIssue
 {
-  struct GNUNET_CRYPTO_EddsaSignature signature;
+  /**
+   * Signature over this struct to affirm the validity
+   * of the key.
+   */
+  struct TALER_MasterSignature signature;
+
+  /**
+   * Purpose is #TALER_SIGNATURE_MASTER_DENOM.
+   */
   struct GNUNET_CRYPTO_EccSignaturePurpose purpose;
-  struct GNUNET_CRYPTO_EddsaPublicKey master;
+
+  /**
+   * The long-term offline master key of the mint that was
+   * used to create @e signature.
+   */
+  struct TALER_MasterPublicKey master;
+
+  /**
+   * Start time of the validity period for this key.
+   */
   struct GNUNET_TIME_AbsoluteNBO start;
+
+  /**
+   * The mint will sign fresh coins between @e start and
+   * this time.
+   */
   struct GNUNET_TIME_AbsoluteNBO expire_withdraw;
+
+  /**
+   * Coins signed with the denomination key must be spent or refreshed
+   * between @e start and this expiration time.  After this time, the
+   * mint will refuse transactions involving this key as it will
+   * "drop" the table with double-spending information (shortly after)
+   * this time.  Note that wallets should refresh coins significantly
+   * before this time to be on the safe side.
+   */
   struct GNUNET_TIME_AbsoluteNBO expire_spend;
-  // FIXME: does not work like this:
-  struct GNUNET_CRYPTO_rsa_PublicKey * denom_pub;
+
+  /**
+   * The value of the coins signed with this denomination key.
+   */
   struct TALER_AmountNBO value;
+
+  /**
+   * The fee the mint charges when a coin of this type is withdrawn.
+   * (can be zero).
+   */
   struct TALER_AmountNBO fee_withdraw;
+
+  /**
+   * The fee the mint charges when a coin of this type is deposited.
+   * (can be zero).
+   */
   struct TALER_AmountNBO fee_deposit;
+
+  /**
+   * The fee the mint charges when a coin of this type is refreshed.
+   * (can be zero).
+   */
   struct TALER_AmountNBO fee_refresh;
-};
 
+  /**
+   * Hash code of the denomination public key.
+   */
+  struct GNUNET_HashCode denom_hash;
 
+};
 
 GNUNET_NETWORK_STRUCT_END
 
diff --git a/src/include/taler_util.h b/src/include/taler_util.h
index 74feb037a..e46583989 100644
--- a/src/include/taler_util.h
+++ b/src/include/taler_util.h
@@ -84,5 +84,31 @@ struct GNUNET_CONFIGURATION_Handle *
 TALER_config_load (const char *base_dir);
 
 
+/**
+ * Obtain denomination amount from configuration file.
+ *
+ * @param section section of the configuration to access
+ * @param option option of the configuration to access
+ * @param denom[OUT] set to the amount found in configuration
+ * @return #GNUNET_OK on success, #GNUNET_SYSERR on error
+ */
+int
+TALER_config_get_denom (struct GNUNET_CONFIGURATION_Handle *cfg,
+                        const char *section,
+                        const char *option,
+                        struct TALER_Amount *denom);
+
+
+/**
+ * Get the path to a specific Taler installation directory or, with
+ * #GNUNET_OS_IPK_SELF_PREFIX, the current running apps installation
+ * directory.
+ *
+ * @param dirkind what kind of directory is desired?
+ * @return a pointer to the dir path (to be freed by the caller)
+ */
+char *
+TALER_OS_installation_get_path (enum GNUNET_OS_InstallationPathKind dirkind);
+
 
 #endif