Taler - Roadmap
Scheduled For Release 2025-05-31
- 0010158: [exchange] exchange didn't recover well after fail (sebasjm)
- 0008614: [libeufin-bank] allow different fee classes for cashout [20h] (Antoine A)
- 0010104: [libeufin-bank-ui (SPA)] Conversion rate class UI (Antoine A)
- 0010166: [deployment and operations] set up separate staging apt (rep)repro, document publishing flow
- 0008155: [quality checkpoint] acceptance testing of SPA with MG
- 0009639: [exchange] spec and implement transaction risk monitoring [4h] (Florian Dold)
- 0009874: [exchange AML backoffice (SPA)]
measures do not always have to have PROGRAMS(sebasjm) - 0010110: [exchange AML backoffice (SPA)]
aml officer should see the current active measures on the account details(sebasjm) - 0010111: [exchange AML backoffice (SPA)]
aml spa should always show the complet rule set of the account(sebasjm) - 0010014: [exchange KYC SPA]
implement form for uploading list of documents from context [4h](Florian Dold) - 0010031: [exchange AML backoffice (SPA)]
AML SPA should also show KYC auth transfers under transfers page(sebasjm) - 0009736: [exchange AML backoffice (SPA)]
Design change (?): need to be able to provide context when adding measure (est 8h - due date 6/6)(sebasjm) - 0010032: [exchange AML backoffice (SPA)]
AML SPA does not show account AML status in AML SPA despite successful KYC auth and access token(sebasjm) - 0009810: [exchange AML backoffice (SPA)]
wild form for custom measure (est 8h - due date 5/6)(sebasjm) - 0010065: [exchange AML backoffice (SPA)]
AML spa should use new default rule information(sebasjm) - 0009890: [exchange]
exchange has no API for AML officer to get default rules [2h], 10.6.25(Christian Grothoff) - 0009677: [exchange AML backoffice (SPA)]
force manual AML_INVESTIGATION_STATE on 'other' (est 4h - due date 4/6)(sebasjm) - 0009875: [exchange AML backoffice (SPA)]
FORM_IDs for challenger forms(sebasjm) - 0009777: [exchange AML backoffice (SPA)]
implement derived properties(sebasjm) - 0009778: [exchange AML backoffice (SPA)]
implement derived events(sebasjm) - 0009866: [exchange KYC SPA]
missing obvious validations to the vqf forms(sebasjm) - 0009868: [exchange AML backoffice (SPA)]
wizard forget the values when moving in and out the section(sebasjm) - 0009877: [exchange AML backoffice (SPA)]
MROS confirmation required without MROS event?(sebasjm) - 0009905: [exchange AML backoffice (SPA)]
cannot enter multi-line values in context(sebasjm) - 0009906: [exchange AML backoffice (SPA)]
"add custom measure" does not actually add the measure to active measures(sebasjm) - 0010162: [wallet-core] wallet-core should limit batch size of large deposit transactions [3h] (Florian Dold)
- 0010174: [deployment and operations] ansible script to import new sanction list is dated, needs to be improved (Florian Dold)
- 0010140: [wallet-core] Update third party dependencies [6h] (avalos)
- 0010167: [wallet (iOS App)] iOS wallet doesn't show error states of exchange entries (MarcS)
- 0010010: [libeufin-bank-ui (SPA)] German translations of English strings chosen at random (Stefan)
- 0010129: [Web site(s)] The language switcher for the demo pages is dysfunctional (Bohdan)
- 0010146: [wallet (iOS App)] French version not available on Taler wallet with iOS (MarcS)
- 0010102: [wallet (iOS App)] Integration Test fails and wallet crashes if Payment Service (KUDOS) gets removed (Florian Dold)
- 0009930: [deployment and operations] test backups also on rusty [3h] (Florian Dold)
- 0009243: [wallet-core] When an Exchange is not reachable, wallet-core should return "not reachable" instead of some JSON error (MarcS)
- 0008351: [Web site(s)] Get screenshots from the latest actual mobile apps and the CHF exchange just before going live (MarcS)
- 0009935: [wallet (iOS App)] updated all outdated screenshots and keep them up-to-date (MarcS)
- 0010054: [Web site(s)]
link to merchant api docs on english documentation page is broken (HTTP 404)(Christian Grothoff) - 0010171: [merchant backend]
doesnt return new tokens after creating one(schanzen) - 0010173: [merchant backend]
cant add description in the token info(schanzen) - 0010118: [merchant backend]
merchant backend should have API to list and revoke access tokens(schanzen) - 0009922: [libeufin-nexus]
get wallet tests to work with libeufin [3h](Florian Dold) - 0009454: [merchant backend]
import transaction settlement data from exchange without wire transfer confirmation(Christian Grothoff) - 0010159: [merchant backend]
merchant backend should return list of tokens(sebasjm) - 0010126: [merchant backend]
taler.conf can't be symlink of symlink(schanzen) - 0010144: [wallet (Android App)]
Banking QR codes should be shared as images(avalos) - 0010070: [deployment and operations]
TOPS exchange requires ToS download after phone number validation [5h](Florian Dold) - 0010099: [wallet-core]
implement DD64 (kyc check algo) in wallet-core [8h](Florian Dold) - 0010156: [exchange]
harness test kyc-decision-events fails with SQL error(Florian Dold) - 0009931: [wallet (Android App)]
Protect access to Android wallet(avalos) - 0010154: [merchant backend]
merchant die, re starting worked again(Christian Grothoff) - 0010142: [merchant backoffice SPA]
merchant SPA does not show or check currency of editable_defaults(sebasjm) - 0010105: [wallet (Android App)]
when offline, block actions that are not possible without network(avalos) - 0010128: [specification]
exchange should have an API to get stats in bluk(sebasjm) - 0010062: [deployment and operations]
weblate installation on pixel looks cursed(Stefan) - 0009540: [exchange AML backoffice (SPA)]
AML SPA throttled?(sebasjm) - 0010150: [exchange AML backoffice (SPA)]
update aml spa to the new stats API(sebasjm) - 0007949: [specification]
unified set of parameters for endpoint with pagination(Christian Grothoff) - 0009968: [exchange]
Support listing accounts that did NOT trigger onboarding in AML SPA(Christian Grothoff) - 0010119: [merchant backend]
configure.ac references wrong include directory(Christian Grothoff) - 0009284: [exchange]
inefficient web serving in exchange mhd_spa(Christian Grothoff) - 0010106: [qtart]
memory freed based on uninitialized counter(Florian Dold) - 0010107: [qtart]
call of js_free on uninitialized pointer(Florian Dold) - 0010026: [wallet-core]
wallet-core should support migration of exchange base URLs [8h](Florian Dold) - 0010075: [wallet-core]
wallet-core should support migration records for exchange base URLs [10h](Florian Dold) - 0010098: [qtart]
cleanup reference to developer's local path's in .iml file(avalos) - 0010074: [robocop]
robocop needs documentation(Christian Grothoff) - 0009945: [merchant backoffice SPA]
better error message when there is no wire transfer delay(sebasjm) - 0010125: [exchange KYC SPA]
uploading KYC document sometimes fails with 400 (likely broken request compression)(Christian Grothoff) - 0009960: [sandcastle (containerized demo deployment)]
sandcastle does not start cleanly when postgres needs to do recovery after unclean shutdown [1h](Florian Dold) - 0010120: [merchant backoffice SPA]
do not ask the admin for the current instance password to change to a new password(sebasjm) - 0010121: [merchant backend]
should be able to change the instance password with the admin access token(sebasjm) - 0010114: [merchant backend]
merchant SPA stuck on login dialogue(sebasjm) - 0009723: [exchange]
exchange should set cache-control headers on GET requests to 'no-store' disable caching in some cases(Christian Grothoff) - 0009647: [merchant backend]
Scope in tokens / authorizations needs rework(schanzen) - 0009556: [specification]
address merchant auth token weirdness(Christian Grothoff) - 0009620: [merchant backend]
Restrict public instance access and replace token-based authentication with username and password(schanzen) - 0009975: [exchange]
Harmonize coin history data with new refresh potocol(Christian Grothoff) - 0009646: [documentation]
Merchant authentication/token API not (fully documented)(schanzen) - 0009027: [exchange]
expose measures that have been triggered to AML staff [1d](Christian Grothoff) - 0009572: [exchange AML backoffice (SPA)]
automatic logout (est 4h - due date 5/6)(sebasjm) - 0010080: [deployment and operations]
outgoing wire transfers on glstest do not work(Florian Dold) - 0010113: [exchange AML backoffice (SPA)]
clean up some dead code [2hs](sebasjm) - 0010109: [merchant backend]
remove cache directive (max-age) on merchant backend(Christian Grothoff) - 0010096: [merchant backoffice SPA]
merchant SPA should load /config with Cache-Control: no-cache when logged out(Florian Dold) - 0010039: [wallet (iOS App)]
cant read QR code(sebasjm) - 0010050: [wallet (all platforms)]
user reports "KYC required" when trying to put money back into originating account(Florian Dold) - 0009754: [merchant backoffice SPA]
admin should be able to reset/change password of other instances (est 8h - due date 9/6)(sebasjm) - 0009053: [exchange]
add support for automated sanction list processing [1h] / 13.6.25(Christian Grothoff) - 0010072: [robocop]
some inputs fail to yield score, depending on sanction list and input(Christian Grothoff) - 0010024: [exchange]
exchange (and other components) do not support multiple LISTEN_FDS(Christian Grothoff) - 0010097: [wallet-core]
remove testing-dangerously-eval from production code(oec) - 0010023: [merchant backend]
merchant (and probably other components) should have explicit SERVE config for socket passing(Christian Grothoff) - 0010090: [merchant backend]
taler-merchant-kyccheck goes insane if KYC is off(Christian Grothoff) - 0009536: [wallet (WebExtension)]
two CHF exchanges and weirdness everywhere (also: global vs. regional exchange settings borked)(sebasjm) - 0009998: [wallet-core]
CHF exchange confusion [1h], 6.6.25(Christian Grothoff) - 0010056: [Web site(s)]
demo does not define all colors in dark mode [1h], 9.6.25(Christian Grothoff) - 0009864: [merchant backoffice SPA]
space not tolerated in IBAN(Christian Grothoff) - 0010073: [robocop]
robocop should be split into XML parser and matching logic(Christian Grothoff) - 0010071: [libeufin-bank-ui (SPA)]
Allow cashout without 2FA(sebasjm) - 0010081: [libeufin-bank]
calculation from spa and libeufin server doesn't match(Antoine A) - 0009821: [wallet-core]
Refactor notifications handling(Florian Dold) - 0009724: [wallet (iOS App)]
Use FaceID/TouchID to enable using the app(MarcS) - 0009982: [deployment and operations]
integrate GLS configuration into ansible scripts(Florian Dold) - 0010049: [wallet-core]
unify divergent exchange client classes in taler-typescript-core/taler-util(Florian Dold) - 0010061: [deployment and operations]
implement and document test procedures for rusty / glsint(Florian Dold) - 0010053: [wallet-core]
reserve_pub not used for deposit(Florian Dold) - 0008980: [deployment and operations]
lcov.taler.net is very outdated(schanzen) - 0010044: [exchange]
exchange should honor Account-Owner-Pub signature when checking Account-Owner-Signature(Christian Grothoff) - 0010043: [documentation]
expand test plan with deposits and KYC auth(Florian Dold) - 0009979: [exchange KYC SPA]
bad iso date input(sebasjm) - 0010064: [exchange]
exchange does not correctly correlate account verification from withdrawal with deposits(Florian Dold) - 0008999: [libeufin-bank]
Set limits to all variable size user inputs(Antoine A) - 0009819: [libeufin-bank]
cannot cashout(sebasjm) - 0009957: [wallet (Android App)]
decide and document test+release process for Android on Play Store(avalos) - 0009985: [wallet (Android App)]
NFC chip continues to broadcast after detail view with QR code was dismissed(avalos) - 0009986: [wallet (Android App)]
NFC transmission Android to Android doesn't work(avalos) - 0009988: [exchange AML backoffice (SPA)]
preload the new req decision with the information of the current decision(sebasjm) - 0009990: [libeufin-nexus]
Check bank public keys hash from the config file(Antoine A) - 0009992: [exchange KYC SPA]
TOPS KYC page does not work on iOS/Safari(sebasjm) - 0010002: [merchant backend]
kyc-check loop in merchant (when KYC is disabled at exchange)(Florian Dold) - 0010013: [exchange]
AML programs do not receive input new_rules.custom_measures despite it being mandatory in the spec(Florian Dold) - 0010015: [wallet (iOS App)]
iOS wallet does not show KYC link in deposit transactions(Florian Dold) - 0010016: [wallet (Android App)]
Android wallet does not show KYC link in deposit transactions(avalos) - 0010018: [wallet-core]
wallet-core does not properly abort deposit transactions in pending(kyc) state(Florian Dold) - 0010021: [libeufin-nexus]
nexus doesn't ingest current MB camt file(Antoine A) - 0010028: [wallet (WebExtension)]
wallet content security policy breaks the UI(sebasjm) - 0010030: [libeufin-nexus]
bounce payments should use original instructed amount, minus bounce fee(Antoine A) - 0010033: [wallet (WebExtension)]
first load of TOS doesn't work(sebasjm) - 0010034: [exchange AML backoffice (SPA)]
can't render when dialect is gls(sebasjm) - 0010036: [libeufin-nexus]
Bounce transactions based on their IBAN for country restriction(Antoine A) - 0010042: [wallet (Android App)]
failed to create an invoice(avalos) - 0010047: [wallet-core]
peer-push-debit kyc transaction is missing kycUrl(Florian Dold) - 0010048: [libeufin-nexus]
libeufin-nexus as wire gateway lose the creditor name(Antoine A) - 0010059: [deployment and operations]
quota service did not start properly on firefly on reboot(schanzen) - 0010041: [wallet (Android App)]
reading QR code leaves the app without response(avalos) - 0009756: [deployment and operations]
alertmanager in ansible-taler-exchange(Christian Grothoff) - 0010060: [merchant backend]
taler-merchant-depositcheck fails to go down nicely if DB was outdated, runs into assertion failures(Christian Grothoff) - 0010009: [deployment and operations]
alloy cannot log to loki: too many requests + ring buffer problems(Christian Grothoff) - 0009999: [wallet (Android App)]
Banking QR codes for withdrawal should be shown directly after confirming manual withdrawal(avalos) - 0009900: [auditor]
Adapt auditor/taler-helper-auditor-coins to new refresh(Christian Grothoff) - 0009940: [deployment and operations]
migrate pre 1.0 deployments to 1.0 setup(Christian Grothoff) - 0009974: [merchant backend]
payments fail in BFH deployment(Christian Grothoff) - 0009977: [wallet (Android App)]
upload Android wallet with wallet-core 1.0.5(avalos) - 0009978: [wallet (Android App)]
upload iOS wallet with wallet-core 1.0.4(MarcS) - 0010035: [exchange]
reserves_out table is dead(Christian Grothoff) - 0009892: [merchant backend]
make retry timeouts in taler-merchant-kyccheck configurable for better testability(Florian Dold) - 0010020: [exchange]
kyc-decisions test causes DB error in exchange(Christian Grothoff) - 0009932: [wallet (iOS App)]
iOS wallet should use "withdraw from bank" instead of plain "withdraw" on cta-withdraw(MarcS) - 0009993: [challenger]
challenger still does not seem to tolerate it well when postgres goes away(Christian Grothoff) - 0009969: [wallet (iOS App)]
cannot initiate p2p payment(Christian Grothoff) - 0010011: [exchange]
taler-terms-generator -h fails with "VERSION unbound variable"(Christian Grothoff) - 0010003: [exchange]
exchange KYC auth does not work when non-normalized payto URI differs between withdrawal and KYC auth(Christian Grothoff) - 0010000: [merchant backoffice SPA]
merchant SPA freaks out if bank account IBAN has spaces during account setup(sebasjm) - 0009713: [wallet (WebExtension)]
on invoice: QR code should be shown by default(sebasjm) - 0009728: [wallet (WebExtension)]
qr code should be shown by default in P2P(sebasjm) - 0009858: [wallet (Android App)]
migrate qtart away from legacy Maven publishing API(avalos) - 0009873: [merchant backoffice SPA]
kyc is not yellow while the kyc is still pending(sebasjm) - 0009933: [wallet (Android App)]
Android wallet should use "withdraw from bank" instead of plain "withdraw" cta-withdraw(avalos) - 0009943: [merchant backoffice SPA]
Webhook creation page has different event types and fields than webhook edit/update page(sebasjm) - 0009946: [wallet (Android App)]
No info if QR already was claimed by another wallet(avalos) - 0009948: [merchant backoffice SPA]
Activate Content-Security-Policy default-src: 'none' for SPA(sebasjm) - 0009950: [qtart]
unchecked malloc can lead to crash(avalos) - 0009964: [wallet (Android App)]
Balance strings seems to be cut for no reason(avalos) - 0009972: [wallet-core]
taler-wallet-cli does not work with pay-push URIs(Florian Dold) - 0009973: [libeufin-bank]
libeufin 'make install' fails to install libeufin-bank man pages(Antoine A) - 0009976: [wallet (WebExtension)]
upload webext wallet with wallet-core 1.0.4(Florian Dold) - 0009971: [wallet (Android App)]
allow choosing exchange for currency(avalos) - 0009970: [merchant backend]
TOPS exchange not included in list of trusted exchanges(Christian Grothoff) - 0009939: [merchant-pos-terminal (Android App)]
Update dependency for QR code recognition on PoS app(Bohdan) - 0009962: [sandcastle (containerized demo deployment)]
Omitting the redirect to https for dev purposes on demo endpoints(Christian Grothoff) - 0009959: [wallet-core]
withdrawal does not transition out of KYC required state when exchange changes config(Florian Dold) - 0009926: [exchange]
Fix incorrect SQL statement, parameters and callback signature in exchangedb/pg_select_withdrawals_above_serial_id.c(Christian Grothoff) - 0009947: [exchange]
search_path does not work for some triggers(Christian Grothoff) - 0009944: [exchange]
secmod pthread_detach is unclean(Christian Grothoff) - 0009923: [deployment and operations]
uptimekuma failed to alert when we took spec down(Christian Grothoff) - 0010141: [exchange]
old SQL files not cleared after make install(Christian Grothoff) - 0010130: [wallet-core]
implement mechanism to force updating an exchange with static list of timestamps shipped with wallet-core(Christian Grothoff) - 0009256: [wallet (all platforms)]
Correction of input fields / Korrektur von Eingabefeldern(Damian Pilka) - 0009598: [wallet (Android App)]
Impossible to transfer all the money to the bank(Emmanuel)
162 of 180 issue(s) resolved View Issues
