Age | Commit message (Collapse) | Author | |
---|---|---|---|
2023-10-25 | new blind signing code builds | Christian Grothoff | |
2022-06-26 | -fix misc doxygen warnings, code clean up | Christian Grothoff | |
2022-06-05 | complete P2P/W2W conflict handling, deduplicate code across handlers | Christian Grothoff | |
2022-04-05 | adapt to latest GNUnet API: GNUNET_JSON_spec_mark_optional() changed | Christian Grothoff | |
2022-03-17 | more explicit cipher usage counters | Marco Boss | |
2022-03-14 | add metrics for number of crypto operations | Marco Boss | |
2022-02-21 | -big renaming of structs for consistent naming with P suffix | Christian Grothoff | |
2022-02-18 | [age restriction] progress 15/n - melt/refresh/reveal and recoup | Özgür Kesim | |
Added age restriction support for - melt/refresh/reveal - recoup However, tests are not yet implemented for those flows. Also: minor fixes and refactoring. | |||
2022-02-16 | [age restriction] progress 14/n - withdraw and deposit | Özgür Kesim | |
Age restriction support for - withdraw is done and tested - deposit is done and tested TODOs: - melt/refresh/reveal - link ------ Added functions - TALER_age_restriction_commit - TALER_age_commitment_derive - TALER_age_commitment_hash - TALER_age_restriction_commitment_free_inside - Hash of age commitment passed around API boundaries Exchangedb adjustments for denominations - all prepared statements re: denominations now handle age_mask - signature parameters adjusted Hash and signature verification of /keys adjusted - Hashes of (normal) denominations and age-restricted denominations are calculated seperately - The hash of the age-restricted ones will then be added to the other hash - The total hash is signed/verified Tests for withdraw with age restriction added - TALER_EXCHANGE_DenomPublickey now carries age_mask - TALER_TESTING_cmd_withdraw_amount* takes age parameter - TALER_TESTING_find_pk takes boolean age_restricted - WithdrawState carries age_commitment and its hash - withdraw_run derives new age commitment, if applicable - Added age parameter to testing (13 as example) Various Fixes and changes - Fixes of post handler for /management/extensions - Fixes for offline tool extensions signing - Slight refactoring of extensions - Age restriction extension simplified - config is now global to extension - added global TEH_age_restriction_enabled and TEH_age_mask in taler-exchange-httpd - helper functions and macros introduced | |||
2022-02-14 | -towards fixing the protocol | Christian Grothoff | |
2022-02-11 | -simplify: nonce no longer hashed | Christian Grothoff | |
2022-02-10 | -get recoup/refresh to pass | Christian Grothoff | |
2022-02-09 | also pass ewvs during recoup-refresh | Christian Grothoff | |
2022-02-04 | resolves merge conflicts | Gian Demarmels | |
2022-01-11 | The current recoup API is broken. I guess this is another example where ↵ | Christian Grothoff | |
"trivial" API changes turn out to have (multiple!) unexpected consequences. The current "/recoup" API does not have clear idempotency semantics, as we've discussed on the phone. This is already bad by itself, as it makes it hard to write down what the API does other than "whatever the implementation does". However, it actually breaks correctness in this (admittedly kinda contrived, but not impossible) case: Say that we have a coin A obtained via withdrawal and a coin B obtained via refreshing coin A. Now the denominations of A gets revoked.. The wallet does a recoup of A for EUR:1. Now the denomination of B also gets revoked. The wallet recoups B (incidentally also for EUR:1) and now A can be recouped again for EUR:1. But now the exchange is in a state where it will refuse a legitimate recoup request for A because the detection for an idempotent request kicks in. This is IMHO bad API design, and the exchange should simply always recoup the maximum amount. Furthermore, we usually follow the principle of "API calls that take up DB space are paid". With the current recoup API, I can do many tiny recoup requests which the exchange then has to store, right? I guess it would not be a big change to remove the "amount" value from the recoup/recoup-refresh request bodies, right? - Florian | |||
2021-12-25 | protocol v12 changes (/recoup split, signature changes) plus database ↵ | Christian Grothoff | |
sharding plus O(n^2)=>O(n) worst-case complexity reduction on coin balance checks |