commit 88e3d75eae7c65b0aa0a5815f9f291564b6418f8
parent 8f9b04b47ced66f3833da112fb0e8a2457907dbf
Author: Matyja Lukas Adam <lukas.matyja@students.bfh.ch>
Date: Fri, 23 Feb 2024 14:04:51 +0100
add meeting protocol
Diffstat:
2 files changed, 43 insertions(+), 150 deletions(-)
diff --git a/doc/flows/mainOld.tex b/doc/flows/mainOld.tex
@@ -1,150 +0,0 @@
-\documentclass{article}
-
-\usepackage[english]{babel}
-\usepackage[utf8]{inputenc}
-\usepackage{amsmath,amssymb}
-\usepackage{parskip}
-\usepackage{graphicx}
-\graphicspath{ {./images/} }
-
-% Margins
-\usepackage[top=3cm, left=3cm, right=3cm, bottom=3cm]{geometry}
-% Colour table cells
-\usepackage[table]{xcolor}
-
-\title{DONAU protocol overview}
-\author{Johannes Casaburi \and Pius Loosli \and Lukas Matyja}
-\date{\today}
-
-\begin{document}
-\maketitle
-
-\section{Definitions}
-\begin{itemize}
-\item $DU :=$ \textbf{donation unit} = Smallest structure representing a donation confirmation unit, i.e. accepted values that compose a donation (examples: CHF1, CHF2, EUR1, EUR2). Equivalent in Taler is "denomination".
- \item $UDID := $ \textbf{unique donor identifier} of a donor by tax ID, made unique per donation to obtain unique $DR$s per donation
- \item $BDID :=$ blinded $UDID$, blinded for privacy of the donor
- \item $BS :=$ BDU blinded signature made with a donation unit secret key (from DONAU)
- \item $S :=$ unblinded BS
- \item $DR :=$ \textbf{donation receipt} = $UDID$ with $S$ signature of DONAU affirming donation over the respectiv amount as given by the DU associated with the signature
- \item $DRs :=$ collection of $DR$s
- \item $DS_{year} :=$ \textbf{donation statement} = confirmation over the total amount of DRs produced for a specific year and specific donor (DID)
- \item $b :=$ blinding factor
- \item $H :=$ cryptographic hash function
- \item $DUi, Si, DRi, \ldots$ := number entities if there are more than one e.g. $DU1$, $DU2$ ...
- \item $BS_{kj}$ or $S_{kj} \Rightarrow kj$ := specific DONAU public key used to attribute a specific value to a DU, e.g. k1 gives the DU a value of 1, k2 a value of 2...
-\end{itemize}
-
-\subsection{Unique Donor ID (UDID)}
-
-The NONCE is used to uniquely distinguish donor IDs of the same value
-("create a fresh donor ID"). Otherwise the DONAU would refuse DUs
-containing donations of equal amount to the same charity, since this
-would be seen as "double spending" (or rather, double claiming of
-tax deduction for the same donation).
-
-\begin{align}
- UDID := \langle H(TAXID, SALT), NONCE \rangle
-\end{align}
-
-\section{Overview}
-\includegraphics[width=\textwidth]{overview}
-
-\subsection{Step 0: Initial setup}
-\begin{enumerate}
- \item Key generation for blind signatures and statement signing by the DONAU. Distribution of the keys to charities, donors and tax authorities (possibly on-demand via REST API). Let $ki$ be the private key for $i$ DU and $Pi$ be the corresponding public key.
- \item The charity generates their own key pair (charity pub/priv).
- \item The DONAU administrator registers the public key of the charity and sets the yearly donation limit for the charities.
-\end{enumerate}
-
-\subsection{Step 1: Attest donation}
-\subsubsection{Donor donates to charity}
-\begin{enumerate}
- \item The donor downloads the DU public keys $P1, P4$ for the corresponding year from the DONAU.
-
- \item To donate 5 Euros the donor has to generate 2 UDIDs (for 1 Euro and 4 Euro DU).
- The donor generates UDIDs $U1$ and $U2$ which include a salted hash of the tax number
- (here TAXID) and a NONCE.
-
- \begin{align}
- U1 = \langle H(TAXID, SALT), NONCE_1 \rangle \\
- U2 = \langle H(TAXID, SALT), NONCE_2 \rangle
- \end{align}
-
- \item The donor blinds the UDIDs using two different blinding factors $b_1, b_2$.
- \begin{align}
- BU1 = \langle blind(b_1,U1, P1), H(P1) \rangle \\
- BU2 = \langle blind(b_2,U2, P4), H(P4) \rangle
- \end{align}
-
-\item The donor sends the blinded UDIDs (BDIDs) $BU1$ and $BU2$ as well as the payment of 5 Euros.
-
-\end{enumerate}
-
-\subsubsection{Charity sends signed BDIDs to DONAU}
-\begin{enumerate}
-\item The charity verifies that the amount requested (based on the $H(Pi)$)
- for signing is lower or equal to the effective amount of the donation.
- \item The charity signs (using EdDSA) a structure containing all unsigned BDIDs coming from the donor.
- \item The charity sends this structure and the signature to the DONAU.
-\end{enumerate}
-
-\subsubsection{DONAU sends back blind signed UDIDs to charity}
-\begin{enumerate}
- \item The DONAU:
- \begin{enumerate}
- \item verifies the charity signature on the structure.
- \item increments the current year amount of the charity by the total amount of the BDIDs, if the increment does not exceed the annual limit.
- \item blind signs all the BDIDs using the private keys $k_i$ matching the public keys $H(Pi)$.
- \begin{align}
- BS1 &:= sign(BU1, k_1) \\
- BS2 &:= sign(BU2, k_4)
- \end{align}
- \item sends back the blind signatures to the charity.
- \end{enumerate}
- \item The charity transmits the blind signatures to the donor.
- \item The donor unblinds the signatures.
- \begin{align}
- S1_{k1} &= unblind(BS1, b_1) \\
- S2_{k4} &= unblind(BS2, b_2)
- \end{align}
-\end{enumerate}
-
-
-\subsection{Step 2: Donor sends DRs to DONAU, DONAU sends back donation statement (DS)}
-\begin{enumerate}
- \item The donor sends the collection of all $\langle DUi, Si, H(Pj) \rangle$, also called DRs, to the DONAU. The DRs are sent manually once a year.
- \item For each $\langle DUi, Si, H(Pj) \rangle$ The DONAU...
-
- \begin{itemize}
- \item check if $Pj$ is stored and get the corresponding year and donation unit (amount donated).
- \item verifies if $Si$ is a correct signature with the corresponding public key $Pj$.
- \item verifies that the hash of the TAXID and the salt is the same as in other DRs (With multiple wallets each wallet must simply obtain a separate DS!).
- \item verifies that the nonce is different from each ever used nonce of this donor for the corresponding year.
- \item if all of this is the case, it adds the amount corresponding to the public key to the total donation amount for the year.
- \end{itemize}
- \item The DONAU then signs over the total amount,
- year and hashed TAXID+salt and sends signature and the total amount so far back to the donor.
-
- \begin{align}
- DS := sign(total amount, year, H(TAXID, salt))
- \end{align}
-
-\end{enumerate}
-
-\subsection{Step 3: Donor sends QR Code to validator (tax office)}
-\begin{enumerate}
- \item The donor generates a QR code containing the following and sends it to the validator/tax office:
- \begin{itemize}
- \item version of the protocol (one byte)
- \item TAXID
- \item salt
- \item DS received from the DONAU
- \item year
- \item amount for the year
- \end{itemize}
-
-\item The validator scans the QR code and validates that the signature corresponds to the current DONAU DS signing key.
-\end{enumerate}
-
-\end{document}
diff --git a/doc/flows/meetings/01_22-02-2024.md b/doc/flows/meetings/01_22-02-2024.md
@@ -0,0 +1,43 @@
+# Meeting 22.02.2024
+
+## administrative
+
+Must have (to prioritize):
+
+- DONAU implementation
+
+- Merchant part implementation
+
+- Clarification of practicability with the cantonal tax office
+
+ - presentation of the idea
+
+ - legal requirements
+
+ - Is there a need -> yes :)
+
+Optional (time dependent):
+
+- Wallet implementation (client side)
+
+- Android app (verification tool for tax office)
+
+ - Scans the QR, checks the signature and shows a green visual check mark or a red cross
+
+- SPA DONAU
+
+## donau coding questions
+
+This code in src/testing/testing_api_cmd_charity_get.c will asynchronously call the next job if the timeout is not zero. Since the next call is TALER_TESTING_cmd_end (), all jobs are terminated and the desired GET charitiy/1. The solution: Use GNUNET_TIME_relative_get_zero_ () to call the function.
+
+```c
+ if (! GNUNET_TIME_relative_is_zero (ss->timeout))
+ {
+ TALER_TESTING_interpreter_next (is);
+ return;
+ }
+```
+
+Problem uint64_t gives warnings by writing into the database. Therefore we are now generally using long long unsigned int and casting before database interaction with long unsigned int (important to cast after scanf operation we dont want to cut off parts).
+
+
