commit 2477aa0efa1add2a3ecd2a537c947569a13f0468
parent 9223b516f6293e20943172857b24c5e89233e761
Author: Casaburi Johannes <johannes.casaburi@students.bfh.ch>
Date: Sat, 30 Sep 2023 15:32:21 +0200
[doc] indents and other adjustments
Diffstat:
| M | doc/flows/main.tex | | | 155 | ++++++++++++++++++++++++++++++++++++++++--------------------------------------- |
1 file changed, 78 insertions(+), 77 deletions(-)
diff --git a/doc/flows/main.tex b/doc/flows/main.tex
@@ -21,22 +21,22 @@
\section{Definitions}
\begin{itemize}
- \item $m :=$ \textbf{receipt} = smallest structure representing a donation confirmation unit, e.g. receipt for CHF1, CHF2. Equivalent in Taler is "coin".
- \item $b :=$ blinding factor
- \item $statement_{year} :=$ sum of donations(receipts) for one specific year and specific donor
- \item $m :=$ receipt
- \item $m' :=$ blinded receipt
- \item $s :=$ signed receipt
- \item $s' :=$ blind signed receipt
- \item $mi, si, mi'...$ := number receipts/signatures if there are
- more than one eg. m1,m2...
- \item $m_{kj}$ or $mi_{kj} \Rightarrow kj$ := specific donau public key used to attribute a specific value to a receipt, e.g. k1 gives the receipt a value of 1, k2 a value of 2...
+ \item $m :=$ \textbf{receipt} = smallest structure representing a donation confirmation unit, e.g. receipt for CHF1, CHF2. Equivalent in Taler is "coin".
+ \item $b :=$ Blinding factor
+ \item $H :=$ Cryptographic hash function
+ \item $statement_{year} :=$ sum of donations (receipts) for one specific year and specific donor
+ \item $m' :=$ Blinded receipt
+ \item $s :=$ Signed receipt
+ \item $s' :=$ Blind signed receipt
+ \item $mi, si, mi'...$ := number receipts/signatures if there are more than one eg. m1,m2...
+ \item $m_{kj}$ or $mi_{kj} \Rightarrow kj$ := specific DONAU public key used to attribute a specific value to a receipt, e.g. k1 gives the receipt a value of 1, k2 a value of 2...
\end{itemize}
-\subsection{receipt}
-The nonce is used to uniquely distinguish receipts of the same value ("create a fresh receipt"). Otherwise the donau would refuse receipts starting at the second, since it would believe it is a "double spending". To simplify the thought process, the \begin{color}{red}{nonce}\end{color} can be thought of as "the receipt id".
+\subsection{Receipt}
+The NONCE is used to uniquely distinguish receipts of the same value ("create a fresh receipt"). Otherwise the DONAU would refuse receipts containing donations of equal amount to the same charity, since this would be seen as "double spending". To simplify the thought process, the NONCE can be thought of as a "receipt ID".
+
\begin{align}
- m := <Hash(TaxID, salt), \begin{color}{red}{nonce}\end{color}>
+ m := \langle H(TAXID, SALT), NONCE \rangle
\end{align}
% TODO example
@@ -44,98 +44,99 @@ The nonce is used to uniquely distinguish receipts of the same value ("create a
\section{Overview}
\includegraphics[width=\textwidth]{overview}
-\subsection{Step 0: Setup}
+\subsection{Step 0: Initial setup}
\begin{enumerate}
- \item Charity generates keys.
- \item Donau (admin) registers the public key of the charity and sets the max issue of donation receipts amount per year for the charity.
+ \item The charity generates their own key pair.
+ \item The DONAU administrator registers the public key of the charity and sets the yearly donation limit.
\end{enumerate}
\subsection{Step 1: Donor donates to charity}
\begin{enumerate}
+ \item The donor downloads the donation unit/receipt public keys for the corresponding year from the DONAU.
- \item The donor downloads the donation unit/receipt public keys for the corresponding year from the donau.
-
- \item To donate 5 Euros the donor has to generate 2 receipts (a 1 Euro and 4 Euro receipt). The donor generates receipts $m1$ and $m2$ which include a salted hash of the tax number and a NONCE.
+ \item To donate 5 Euros the donor has to generate 2 receipts (a 1 Euro and 4 Euro receipt). The donor generates receipts $m1$ and $m2$ which include a salted hash of the tax number (here TAXID) and a NONCE.
- \begin{align}
- m1 = \langle H(TAXID, SALT), NONCE_1 \rangle \\
- m2 = \langle H(TAXID, SALT), NONCE_2 \rangle
- \end{align}
+ \begin{align}
+ m1 = \langle H(TAXID, SALT), NONCE_1 \rangle \\
+ m2 = \langle H(TAXID, SALT), NONCE_2 \rangle
+ \end{align}
- \item The donor blinds the receipts using two different blinding factors $b_1, b_2$ and sends them as $m1'$ and $m2'$ to the charity in addition to the payment of 3 Euros.
+ \item The donor blinds the receipts using two different blinding factors $b_1, b_2$ and sends them as $m1'$ and $m2'$ to the charity in addition to the payment of 3 Euros.
- \begin{align}
- m1' = m1 \cdot b_1^{e_{1EUR}} \mod n_{1EUR} \\
- m2' = m2 \cdot b_2^{e_{4EUR}} \mod n_{4EUR}
- \end{align}
-
- \item The Donor signs the receipts using the correct donau public keys. This gives the receipts their respective value.
- \begin{align}
- m1'_{k1} = sign_{k1}(m1') \\
- m2'_{k4} = sign_{k4}(m2')
- \end{align}
+ \begin{align}
+ m1' = m1 \cdot b_1^{e_{1EUR}} \mod n_{1EUR} \\
+ m2' = m2 \cdot b_2^{e_{4EUR}} \mod n_{4EUR}
+ \end{align}
+ \item The Donor signs the receipts using the correct DONAU public keys. This gives the receipts their respective value.
+ \begin{align}
+ m1'_{k1} = sign_{k1}(m1') \\
+ m2'_{k4} = sign_{k4}(m2')
+ \end{align}
\end{enumerate}
-\subsection{Step 2: Charity sends signed receipt to donau}
+\subsection{Step 2: Charity sends signed receipt to DONAU}
\begin{enumerate}
- \item The charity verifies that the amount requested for signing is lower or equal to the effective amount of the donation.
- \item The charity signs(EdDSA, more efficient than RSA-based signatures) a structure containing all unsigned receipts coming from the donor.
- \item The charity sends this structure to the Donau.
+ \item The charity verifies that the amount requested for signing is lower or equal to the effective amount of the donation.
+ \item The charity signs(EdDSA, more efficient than RSA-based signatures) a structure containing all unsigned receipts coming from the donor.
+ \item The charity sends this structure to the DONAU.
\end{enumerate}
-\subsection{Step 3: Donau sends back blind signed receipt to charity}
+\subsection{Step 3: DONAU sends back blind signed receipt to charity}
\begin{enumerate}
- \item The donau verifies the charity Signature on the structure.
- \item The donau verifies the signature of every receipt with it's private keys.
- \item The donau increments the current year amount of the charity by the total amount of the receipts.
- \item The donau blind signs (RSA/Schnorr) all the receipts
- \begin{align}
+ \item The DONAU:
+ \begin{enumerate}
+ \item verifies the charity Signature on the structure.
+ \item verifies the signature of every receipt with it's private keys.
+ \item increments the current year amount of the charity by the total amount of the receipts.
+ \item blind signs (RSA/Schnorr) all the receipts
+ \end{enumerate}
+ \begin{align}
s_1' = m_1'^{(d_{E1})} \emph{mod ?} \\
s_2' = m_2'^{(d_{E2})} \emph{mod ?}
- \end{align}
- \item The donau sends back the blind signed receipts to the charity
- \item The charity transmits the blind signed receipts to the donor.
- \item The donor unblinds the receipts.
- \begin{align}
+ \end{align}
+ \item The DONAU sends back the blind signed receipts to the charity
+ \item The charity transmits the blind signed receipts to the donor.
+ \item The donor unblinds the receipts.
+ \begin{align}
s_1 = s_1' \cdot b^{-1} \mod n_1 \\
s_2 = s_2' \cdot b^{-1} \mod n_2
- \end{align}
+ \end{align}
\end{enumerate}
-\subsection{Step 4: Donor sends receipts to donau, Donau sends back statement}
+\subsection{Step 4: Donor sends receipts to DONAU, DONAU sends back statement}
\begin{enumerate}
- \item The donor sends the collection of all $(mi, si, kj)$ of the year to the donau.
- \item For each $(mi, si, kj)$ The donau...
-
- \begin{itemize}
- \item verifies that $kj$ is one of it's currently valid public keys
- \item verifies if $si$ is a correct signature with the corresponding secret key.
- \item verifies that the hash of the taxid and the salt is the same as in other receipts
- \item verifies that the nonce is different from the ones in other receipts
- \item if all of this is the case, it adds the amount corresponding to the public key to the total donation amount for the year.
- \end{itemize}
-
- \item The donau then signs over the amount, year and hashed taxid+salt and sends signature back to the donor
- \begin{align}
- sign(total amount, year, hash(taxid, salt))
- \end{align}
+ \item The donor sends the collection of all $(mi, si, kj)$ of the year to the DONAU.
+ \item For each $(mi, si, kj)$ The DONAU...
+
+ \begin{itemize}
+ \item verifies that $kj$ is one of it's currently valid public keys
+ \item verifies if $si$ is a correct signature with the corresponding secret key.
+ \item verifies that the hash of the TAXID and the salt is the same as in other receipts
+ \item verifies that the nonce is different from the ones in other receipts
+ \item if all of this is the case, it adds the amount corresponding to the public key to the total donation amount for the year.
+ \end{itemize}
+
+ \item The DONAU then signs over the amount, year and hashed TAXID+salt and sends signature back to the donor
+
+ \begin{align}
+ sign(total amount, year, hash(TAXID, salt))
+ \end{align}
\end{enumerate}
\subsection{Step 5: Donor sends QR Code to validator (tax office)}
\begin{enumerate}
- \item The donor generates a QR code containing the following and sends it to the validator/tax office:
- \begin{itemize}
- \item taxid
- \item salt
- \item signature received from the donau
- \item year
- \item amount for the year
- \end{itemize}
-
- \item The validator scans the QR code. The app validates that the signature corresponds to the current donau statement signing key.
+ \item The donor generates a QR code containing the following and sends it to the validator/tax office:
+ \begin{itemize}
+ \item TAXID
+ \item salt
+ \item signature received from the DONAU
+ \item year
+ \item amount for the year
+ \end{itemize}
+
+ \item The validator scans the QR code. The app validates that the signature corresponds to the current DONAU statement signing key.
\end{enumerate}
-
\end{document}
