-update KYC DB schema to store exchange pub/sig/timestamp

author: Christian Grothoff <christian@grothoff.org> 2021-10-10 20:47:48 +0200
committer: Christian Grothoff <christian@grothoff.org> 2021-10-10 20:47:48 +0200
commit: 0e06513c2910cda1ddc22c8a5d3825557e57660e (patch)
tree: 9762cc552a0e92deb686482c6a295a6bc12016f5 /src/backenddb
parent: ba2c477c245bb3fe080619abdbcbbdfb9ca1f3fb (diff)
download: merchant-0e06513c2910cda1ddc22c8a5d3825557e57660e.tar.gz
merchant-0e06513c2910cda1ddc22c8a5d3825557e57660e.tar.bz2
merchant-0e06513c2910cda1ddc22c8a5d3825557e57660e.zip
3 files changed, 44 insertions, 9 deletions
diff --git a/src/backenddb/merchant-0003.sql b/src/backenddb/merchant-0003.sql
index 00c77656..80860d23 100644
--- a/src/backenddb/merchant-0003.sql
+++ b/src/backenddb/merchant-0003.sql
@@ -27,7 +27,9 @@ SELECT _v.register_patch('merchant-0003', NULL, NULL);
 CREATE TABLE IF NOT EXISTS merchant_kyc
 (kyc_serial_id BIGSERIAL UNIQUE
 ,kyc_timestamp INT8 NOT NULL
-,kyc_ok BOOLEAN NOT NULL DEFAULT (false)
+,kyc_ok BOOLEAN NOT NULL DEFAULT (FALSE)
+,exchange_sig BYTEA CHECK(LENGTH(exchange_sig)=64)
+,exchange_pub BYTEA CHECK(LENGTH(exchange_pub)=32)
 ,exchange_kyc_serial INT8 NOT NULL DEFAULT(0)
 ,account_serial INT8 NOT NULL
   REFERENCES merchant_accounts (account_serial) ON DELETE CASCADE
@@ -37,11 +39,15 @@ CREATE TABLE IF NOT EXISTS merchant_kyc
 COMMENT ON TABLE merchant_kyc
   IS 'Status of the KYC process of a merchant account at an exchange';
 COMMENT ON COLUMN merchant_kyc.kyc_timestamp
-  IS 'Last time we checked our KYC status at the exchange. Useful to re-check if the status is very stale.';
+  IS 'Last time we checked our KYC status at the exchange. Useful to re-check if the status is very stale. Also the timestamp used for the exchange signature (if present).';
 COMMENT ON COLUMN merchant_kyc.exchange_kyc_serial
   IS 'Number to use in the KYC-endpoints of the exchange to check the KYC status or begin the KYC process. 0 if we do not know it yet.';
 COMMENT ON COLUMN merchant_kyc.kyc_ok
   IS 'true if the KYC check was passed successfully';
+COMMENT ON COLUMN merchant_kyc.exchange_sig
+  IS 'signature of the exchange affirming the KYC passed (or NULL if exchange does not require KYC or not kyc_ok)';
+COMMENT ON COLUMN merchant_kyc.exchange_pub
+  IS 'public key used with exchange_sig (or NULL if exchange_sig is NULL)';
 COMMENT ON COLUMN merchant_kyc.account_serial
   IS 'Which bank account of the merchant is the KYC status for';
 COMMENT ON COLUMN merchant_kyc.exchange_url
diff --git a/src/backenddb/plugin_merchantdb_postgres.c b/src/backenddb/plugin_merchantdb_postgres.c
index 838a6897..4b90674e 100644
--- a/src/backenddb/plugin_merchantdb_postgres.c
+++ b/src/backenddb/plugin_merchantdb_postgres.c
@@ -991,6 +991,9 @@ postgres_account_kyc_get_status (void *cls,
  * @param h_wire hash of the wire account to check
  * @param exchange_url base URL of the exchange to check
  * @param exchange_kyc_serial serial number for our account at the exchange (0 if unknown)
+ * @param exchange_sig signature of the exchange, or NULL for none
+ * @param exchange_pub public key of the exchange, or NULL for none
+ * @param timestamp timestamp to store
  * @param kyc_ok current KYC status (true for satisfied)
  * @return database result code
  */
@@ -1001,23 +1004,32 @@ postgres_account_kyc_set_status (
   const struct GNUNET_HashCode *h_wire,
   const char *exchange_url,
   uint64_t exchange_kyc_serial,
+  const struct TALER_ExchangeSignatureP *exchange_sig,
+  const struct TALER_ExchangePublicKeyP *exchange_pub,
+  struct GNUNET_TIME_Absolute timestamp,
   bool kyc_ok)
 {
   struct PostgresClosure *pg = cls;
   uint8_t ok = kyc_ok;
-  struct GNUNET_TIME_Absolute now = GNUNET_TIME_absolute_get ();
   struct GNUNET_PQ_QueryParam params[] = {
     GNUNET_PQ_query_param_string (merchant_id),
     GNUNET_PQ_query_param_auto_from_type (h_wire),
     GNUNET_PQ_query_param_string (exchange_url),
     GNUNET_PQ_query_param_uint64 (&exchange_kyc_serial),
-    GNUNET_PQ_query_param_absolute_time (&now),
+    GNUNET_PQ_query_param_absolute_time (&timestamp),
     GNUNET_PQ_query_param_auto_from_type (&ok),
+    exchange_pub
+    ? GNUNET_PQ_query_param_auto_from_type (exchange_pub)
+    : GNUNET_PQ_query_param_null (),
+    exchange_sig
+    ? GNUNET_PQ_query_param_auto_from_type (exchange_sig)
+    : GNUNET_PQ_query_param_null (),
     GNUNET_PQ_query_param_end
   };
 
   check_connection (pg);
-  (void) GNUNET_TIME_round_abs (&now);
+  GNUNET_assert (GNUNET_OK ==
+                 GNUNET_TIME_round_abs (&timestamp));
   return GNUNET_PQ_eval_prepared_non_select (pg->conn,
                                              "upsert_account_kyc",
                                              params);
@@ -6848,8 +6860,10 @@ postgres_connect (void *cls)
                             ",kyc_ok"
                             ",exchange_kyc_serial"
                             ",account_serial"
-                            ",exchange_url)"
-                            " SELECT $5, $6, $4, account_serial, $3"
+                            ",exchange_url"
+                            ",exchange_pub"
+                            ",exchange_sig)"
+                            " SELECT $5, $6, $4, account_serial, $3, $7, $8"
                             " FROM merchant_instances"
                             " JOIN merchant_accounts USING (merchant_serial)"
                             " WHERE merchant_id=$1"
@@ -6857,8 +6871,11 @@ postgres_connect (void *cls)
                             " ON CONFLICT(account_serial,exchange_url) DO "
                             "UPDATE"
                             " SET exchange_kyc_serial=$4"
-                            "    ,kyc_ok=$6",
-                            6),
+                            "    ,kyc_timestamp=$5"
+                            "    ,kyc_ok=$6"
+                            "    ,exchange_pub=$7"
+                            "    ,exchange_sig=$8",
+                            8),
     /* for postgres_account_kyc_get_status */
     GNUNET_PQ_make_prepare ("lookup_kyc_status",
                             "SELECT"
diff --git a/src/backenddb/test_merchantdb.c b/src/backenddb/test_merchantdb.c
index 9fd159d8..473a3f62 100644
--- a/src/backenddb/test_merchantdb.c
+++ b/src/backenddb/test_merchantdb.c
@@ -6697,6 +6697,7 @@ test_kyc (void)
   struct InstanceData instance;
   struct TALER_MERCHANTDB_AccountDetails account;
   bool fail;
+  struct GNUNET_TIME_Absolute now;
 
   make_instance ("test_kyc",
                  &instance);
@@ -6706,12 +6707,17 @@ test_kyc (void)
   TEST_RET_ON_FAIL (test_insert_account (&instance,
                                          &account,
                                          GNUNET_DB_STATUS_SUCCESS_ONE_RESULT));
+  now = GNUNET_TIME_absolute_get ();
+  (void) GNUNET_TIME_round_abs (&now);
   TEST_RET_ON_FAIL (GNUNET_DB_STATUS_SUCCESS_ONE_RESULT !=
                     plugin->account_kyc_set_status (plugin->cls,
                                                     instance.instance.id,
                                                     &account.h_wire,
                                                     "https://exchange.net/",
                                                     1LLU,
+                                                    NULL,
+                                                    NULL,
+                                                    now,
                                                     false));
   TEST_RET_ON_FAIL (GNUNET_DB_STATUS_SUCCESS_ONE_RESULT !=
                     plugin->account_kyc_set_status (plugin->cls,
@@ -6719,6 +6725,9 @@ test_kyc (void)
                                                     &account.h_wire,
                                                     "https://exchange2.com/",
                                                     1LLU,
+                                                    NULL,
+                                                    NULL,
+                                                    now,
                                                     false));
   TEST_RET_ON_FAIL (GNUNET_DB_STATUS_SUCCESS_ONE_RESULT !=
                     plugin->account_kyc_set_status (plugin->cls,
@@ -6726,6 +6735,9 @@ test_kyc (void)
                                                     &account.h_wire,
                                                     "https://exchange.net/",
                                                     1LLU,
+                                                    NULL,
+                                                    NULL,
+                                                    now,
                                                     true));
   fail = true;
   TEST_RET_ON_FAIL (1 !=
author	Christian Grothoff <christian@grothoff.org>	2021-10-10 20:47:48 +0200
committer	Christian Grothoff <christian@grothoff.org>	2021-10-10 20:47:48 +0200
commit	0e06513c2910cda1ddc22c8a5d3825557e57660e (patch)
tree	9762cc552a0e92deb686482c6a295a6bc12016f5 /src/backenddb
parent	ba2c477c245bb3fe080619abdbcbbdfb9ca1f3fb (diff)
download	merchant-0e06513c2910cda1ddc22c8a5d3825557e57660e.tar.gz merchant-0e06513c2910cda1ddc22c8a5d3825557e57660e.tar.bz2 merchant-0e06513c2910cda1ddc22c8a5d3825557e57660e.zip