commit c6c3c28421656b5f0f5bcba2b64b76325fba9fa2 parent 8771a2231bc9989665a9a1411a3d8bcaa64a4653 Author: Matyja Lukas Adam <lukas.matyja@students.bfh.ch> Date: Thu, 6 Jun 2024 20:45:56 +0200 add some text to results Diffstat:
5 files changed, 7 insertions(+), 10 deletions(-)
diff --git a/doc/thesis/chapters/introduction/motivation.tex b/doc/thesis/chapters/introduction/motivation.tex @@ -5,7 +5,7 @@ To be able to donate to a charity and deduct that donation from taxes, it is oft There are many reasons why such information can be sensitive and should be hidden from third parties. Both personally and politically this information could be harmful to individuals if not handeled responsably. It is best to reduce and anonymize this information as much as possible, while still having all the necessary information to verify donations and prevent illegal practices. %verifiability -%see gitlab (sensitive) +%see gitlab (interview part) %simplicity Tax authorities may have to verify donations manually which can be time consuming and involves a disproportionate amount of effort for the tax authorities. The donor on the other hand has to keep track of the donation receipts, which may get lost. diff --git a/doc/thesis/chapters/results/conclusion.tex b/doc/thesis/chapters/results/conclusion.tex @@ -1,7 +1,7 @@ \section{Conclusion}\label{conclusion} Tax transparency is a crucial aspect of a well-functioning society, as it fosters trust, accountability, and fairness in the relationship between the state and its citizens. Transparency allows for public scrutiny, which can help identify inefficiencies, loopholes, or instances of corruption within the tax system, ultimately leading to necessary reforms and improvements. -Unfortunately, it occured to us that many tax departments still rely heavily on outdated, paper-based systems and legacy software, hindering their ability to operate efficiently and transparently. The lack of digitization not only slows down processes but also increases the risk of errors, data inconsistencies, and potential mishandling of sensitive information. +Unfortunately, it occured that some tax departments still rely heavily on outdated, paper-based systems and legacy software, hindering their ability to operate efficiently and transparently. The lack of digitization not only slows down processes but also increases the risk of errors, data inconsistencies, and potential mishandling of sensitive information. The adoption of free and open-source software (FOSS) presents a compelling solution. FOSS solutions offer several advantages, including cost-effectiveness, customizability, and the ability to scrutinize the underlying code for security and transparency purposes. By embracing FOSS, tax departments can modernize their systems, streamline processes, and enhance data integrity, ultimately fostering greater transparency and trust with the public. diff --git a/doc/thesis/chapters/results/future.tex b/doc/thesis/chapters/results/future.tex @@ -1,13 +1,10 @@ \section{Future work}\label{future_work} -%donor client -%charity merchant backend -%spa -% + \subsection{Client implementation}\label{client_implementation} The donor client implementation needs to be implemented in the Taler wallet. This is a necessary step to be able to use the Donau together with the Taler payment system. Then donations could be made fully anonymous. The necessary functionality must be implemented in the \texttt{taler-wallet-core}. This includes the option to make donations and request for the final donation statement. If the donor wants to be able to deduct the donations from taxes, the user is asked to input his tax number. Hidden from the user are the generation of the various elements such as \texttt{DI}, \texttt{UDI}, \texttt{BUDI} and \texttt{BKP}. The blinding and unblinding implementation must also be present. -\subsection{Charity backend}\label{chairty_backend} -Each registered charity needs to communicate with the donors and the Donau. The Taler merchant backend needs to be modified to incrporate the charity backend logic. To do this it is necessary to add a charity information table to the merchant database. This table should contain information like the charity public key, domain, base URL, currency and instance. The instance beeing a number as there could be different instances running. The merchant backend needs to be extended to incrporate the charity logic. Meaning the signing of BKP's sent to the charity and also the communication whith the donor. The charity should return a list of Donaus in which the charity is registered, so that the donor can choose the appropriate Donau for tax deduction. +\subsection{Charity backend}\label{charity_backend} +Each registered charity needs to communicate with the donors and the Donau. The Taler merchant backend needs to be modified to incorporate the charity backend logic. To do this it is necessary to add a charity information table to the merchant database. This table should contain information like the charity public key, domain, base URL, currency and instance. The instance beeing a number as there could be different instances running. The merchant backend needs to be extended to incorporate the charity logic. Meaning the signing of BKP's sent to the charity and also the communication with the donor. The charity should return a list of Donaus where the charity is registered, so that the donor can choose the appropriate Donau for tax deduction. \subsection{Donau SPA}\label{donau_spa} For the administrator a single page application is needed to comftably manage the charities. This would include functionality to add, remove and modify charities. This setup could include a reverse proxy, which authenicates the Donau admin. Once the identity has been confirmed the proxy can access the Donau endpoint to manage a charity. The proxy would hold a bearer token, in order to authenticate itself. diff --git a/doc/thesis/chapters/results/results.tex b/doc/thesis/chapters/results/results.tex @@ -1,8 +1,8 @@ \section{Results}\label{results} Currently the Donau REST API is fully implemented. The Donau can manage any number of charities using the \texttt{/charities} endpoint. -All the keys used for singing and blind singing are managed by the Donau thogether with the Secmod helpers. +All the keys used for signing and blind signing are managed by the Donau thogether with the Secmod helpers. Overall the Donau is able to issue donation receipts and provide the necessary donation statement to the donor, all while keeping the data anonymized and protecting the privacy of the donor. -%... +With the binding of the tax number to the donation receipts and the signature of the tax authority with year-dependent keys, the receipts are absolutely bound to a donor and to a year and cannot be falsified or imitated without falsifying the signature. Therefore donation fraud can be prevented. By summarizing the receipts into one single QR-Code, the user convienience for the tax authority and for the donor could be improved. Important components that are needed to operate the Donau are not yet implemented. This includes the charity side and donor client side. Although test where written to ensure that the Donau endpoints operate as expected, there are still some bugs and most likely also unknown bugs, not yet found. diff --git a/doc/thesis/thesis.pdf b/doc/thesis/thesis.pdf Binary files differ.