commit 1b33cca7f409e52a2a936253d9976e720376cbef
parent 71054778232ae9831d461554fb0d51135f6f6439
Author: Matyja Lukas Adam <lukas.matyja@students.bfh.ch>
Date: Thu, 6 Jun 2024 13:54:08 +0200
Merge remote-tracking branch 'refs/remotes/origin/master'
Diffstat:
7 files changed, 18 insertions(+), 6 deletions(-)
diff --git a/doc/thesis/chapters/approach/concept.tex b/doc/thesis/chapters/approach/concept.tex
@@ -1,4 +1,4 @@
-The Donau (donation authority) environment includes three stakeholders. Donors, charities and the tax authority. The Donau itself is operated by the tax authority while maintaining a list of verified charities. Each charity maintains a backend solution that allows it to communicate with the Donau and the donors. See Figure \ref{fig:stakeholders} \pageref{fig:stakeholders}
+The Donau environment includes three stakeholders. Donors, charities and the tax authority. The Donau itself is operated by the tax authority while maintaining a list of verified charities. Each charity maintains a backend solution that allows it to communicate with the Donau and the donors. See Figure \ref{fig:stakeholders} \pageref{fig:stakeholders}
\begin{figure}[ht]
\begin{center}
diff --git a/doc/thesis/chapters/background/hash.tex b/doc/thesis/chapters/background/hash.tex
@@ -1,4 +1,5 @@
-The project is based on existing cryptography. In the following only the crucial cryptographic elements used by the Donau system are described.
+The project is based on existing cryptography. This chapter describes only the crucial cryptographic elements used by the Donau.
+
\section{Hash Functions}
Hash functions are used to compress input values to a fixed output size. Hash function are deterministic. The same input leads to the same output. The Donau uses hash functions to compress data in order to record less data in the database or to send less data over the network. To be able to clearly recognize the corresponding data from the hash, the hash function has to second-preimage resistant or better collision resistant. With second-preimage resistance no equivalent hash for any input $x'$ to a given hash $h(x)$ with $x \neq x'$ can be found in a reasonable time. Collision resistance is the stronger assumption and even prevents to find $h(x) = h(x')$ with $x \neq x'$. A further important assumption is the Avalanche Criterion. The property defines that a small change in the hash input message leads to a substantially change in the output hash. This criteria makes it hard to guess the input even if a part of the input is known.\cite{hash2012} To protect the donor, his identity is represented as salted hash of the tax identifiaction number. The salt is a small value with high entropy to make it more difficult to guess the hashed value. \\
diff --git a/doc/thesis/chapters/results/conclusion.tex b/doc/thesis/chapters/results/conclusion.tex
@@ -0,0 +1,5 @@
+\section{Conclusion}
+%big picture stuff
+%history
+%tax transparency, floss, privacy
+%Donau international
diff --git a/doc/thesis/chapters/results/future.tex b/doc/thesis/chapters/results/future.tex
@@ -3,8 +3,11 @@
%charity merchant backend
%spa
%
-The donor client implementation needs to be implemented in the Taler wallet. This is a necessary step to be able to use the Donau together with the Taler payment system. Then donations could be made fully anonymous.
+\subsection{Client implementation}
+The donor client implementation needs to be implemented in the Taler wallet. This is a necessary step to be able to use the Donau together with the Taler payment system. Then donations could be made fully anonymous. The necessary functionality must be implemented in the \texttt{taler-wallet-core}. This includes the option to make donations and request for the final donation statement. If the donor wants to be able to deduct the donations from taxes, the user is asked to input his tax number. Hidden from the user are the generation of the various elements such as \texttt{DI}, \texttt{UDI}, \texttt{BUDI} and \texttt{BKP}. The blinding and unblinding implementation must also be present.
-Each registered charity needs to communicate with the donors and the Donau. The Taler merchant backend needs to be modified to incrporate the charity backend logic.
+\subsection{Charity backend}
+Each registered charity needs to communicate with the donors and the Donau. The Taler merchant backend needs to be modified to incrporate the charity backend logic. To do this it is necessary to add a charity information table to the merchant database. This table should contain information like the charity public key, domain, base URL, currency and instance. The instance beeing a number as there could be different instances running. The merchant backend needs to be extended to incrporate the charity logic. Meaning the signing of BKP's sent to the charity and also the communication whith the donor. The charity should return a list of Donaus in which the charity is registered, so that the donor can choose the appropriate Donau for tax deduction.
-For the administrator a single page application is needed to comftably manage the charities. This would include functionality to add, remove and modify charities.
+\subsection{Donau SPA}
+For the administrator a single page application is needed to comftably manage the charities. This would include functionality to add, remove and modify charities. This setup could include a reverse proxy, which authenicates the Donau admin. Once the identity has been confirmed the proxy can access the Donau endpoint to manage a charity. The proxy would hold a bearer token, in order to authenticate itself.
diff --git a/doc/thesis/chapters/results/results.tex b/doc/thesis/chapters/results/results.tex
@@ -1,5 +1,7 @@
\section{Results}
-Currently the Donau REST API is fully implemented.
+Currently the Donau REST API is fully implemented. The Donau can manage any number of charities using the \texttt{/charities} endpoint.
+All the keys used for singing and blind singing are managed by the Donau thogether with the Secmod helpers.
+Overall the Donau is able to issue donation receipts and provide the necessary donation statement to the donor, all while keeping the data anonymized and protecting the privacy of the donor.
%...
Important components that are needed to operate the Donau are not yet implemented. This includes the charity side and donor client side. Although test where written to ensure that the Donau endpoints operate as expected, there are still some bugs and most likely also unknown bugs, not yet found.
diff --git a/doc/thesis/thesis.pdf b/doc/thesis/thesis.pdf
Binary files differ.
diff --git a/doc/thesis/thesis.tex b/doc/thesis/thesis.tex
@@ -47,6 +47,7 @@
\chapter{Results and Future work}
\input{chapters/results/results}
\input{chapters/results/future}
+\input{chapters/results/conclusion}
\bibliography{bibliography}
\addcontentsline{toc}{chapter}{Bibliography}
