commit 62110e0de498a772acb0175b8227aba2c3a03305
parent 12a4738f43286fd8da83c00b054e68529339d4df
Author: Christian Grothoff <grothoff@gnunet.org>
Date: Tue, 15 Aug 2023 13:00:16 +0200
recovery of subscriptions as discussed with Leif
Diffstat:
1 file changed, 11 insertions(+), 0 deletions(-)
diff --git a/design-documents/046-mumimo-contracts.rst b/design-documents/046-mumimo-contracts.rst
@@ -30,6 +30,9 @@ We want Taler to support various interesting use-cases:
with unlinkability and anonymity (modulo there being other users eligible
for the discount).
+ - Subscription tokens lost (due to loss of device without backup) should
+ be recoverable from any previous backup of the subscription.
+
- Currency conversion, that is exchanging one currency for another.
- Donations, including privacy-preserving tax receipts that prove that the
@@ -508,6 +511,12 @@ higher-priced alternative offers.
Subscription tokens are "critical" in that a wallet implementation must
understand them before allowing a user to interact with this class of token.
+Subscription token secrets should be derived from a master secret associated
+with the subscription, so that the private keys are recoverable from backup.
+To obtain the blind signatures, a merchant must offer an endpoint where
+one can submit the public key of the N-1 subscription token and obtain the
+blinded signature over the N-th subscription token. The wallet can then
+effectively recover the subscription from backup using a binary search.
The merchant SPA should allow the administrator to create (maybe update) and
delete subscriptions. Each subscription is identified by a subscription
@@ -521,6 +530,8 @@ respective cryptographic fields for the respective time period and
subscription label.
+
+
Discounts
---------
