View Issue Details

ID: 0010662
Project: Taler
Category: wallet (WebExtension)
View Status: public
Last Update: 2025-11-27 09:33
Reporter: htgoebel
Assigned To:
Priority: normal
Severity: major
Reproducibility: always
Status: acknowledged
Resolution: open
Target Version: post-1.0
Summary: 0010662: Can't take refund if order is deleted

Description:
In the wallet, when deleting a payment from the "balance" list, one can not receive any refund for this payment.

This will actually lead to customers losing money. (Though the money is not lost, since the merchant has it.)

Expected:
Either
- being able to receive refund even if the corresponding purchase is gone
or
- purchases must not be deletable (and deleted) before the end of the refund deadline.

Steps To Reproduce:
1. In the merchant SPA create an order (no auto-refund!)
2. In the Wallet pay it.
3. In the Wallet, remove the purchase from the Balance list (click on the purchase entry and then on "Delete")
4. In the merchant SPA, refund the payment
5. In the merchant SPA, go to the order details and click the "Refund URL" link
6. The Wallet shows error: "Could not load the refund status Wallet operation "startRefundQueryForUri" failed"


{
  "context": [],
  "cause": {
    "details": {
      "code": 7001,
      "when": {
        "t_ms": 1764105187306
      },
      "hint": "unexpected exception (message: no purchase found, can't refund)",
      "stack": "startRefundQueryForUri@moz-extension://1836e6f3-969e-4e6a-a6df-ee4b8c07bc79/dist/background.js:50384:11\n"
    }
  }
}
Additional Information:
I'm using the Wallet with "developer mode" enabled.

Web Extension
1.1.0 35435d32112a596930b72ddf9f43b553fdbaba97
Tags: No tags attached.

Activities

Christian Grothoff

2025-11-27 09:00

manager   ~0026638

I'm not sure we can *reliably* do this. Deleted means we don't know about the order anymore, and given that this is a privacy project, that includes truly deleting associated data. Can't be that you deleted the transaction but it is still in your local database, imagine it was a donation to some opposition party and it's in your DB when some oppressive regime checks your phone.

So we must fully delete the order, which includes the refund deadline, and if possible associated coin keys (as otherwise I can still find evidence of you being the buyer on your phone!). Now, we might be able to round-up the refund deadline and keep the required data around until then, but that could be subject to abuse if the merchant just sets an excessively long refund deadline and we'd effectively not delete the data in a timely fashion (privacy attack by merchant).

Florian Dold

2025-11-27 09:07

manager   ~0026639

IMO a good first step would be to add a strong warning in the UI to the user if the refund deadline hasn't expired yet and they want to delete an order in the wallet.

"If you delete this transaction from your history, you will not be able to receive refunds from the merchant for it."

Christian Grothoff

2025-11-27 09:33

manager   ~0026641

That sounds reasonable.
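
Added example, not code from the wallet: one way to implement the warning proposed in the notes above while still removing the record completely once the user confirms, so nothing about the purchase stays in local storage. The record shape, the in-memory store and all function names are hypothetical; timestamps are assumed to be milliseconds, as in the `t_ms` field of the error above.

```typescript
// Hypothetical local purchase record; not the wallet's real schema.
interface PurchaseRecord {
  orderId: string;
  refundDeadlineMs?: number; // absent: the merchant offered no refund window
}

type DeleteDecision =
  | { action: "deleted" }
  | { action: "confirm"; warning: string }
  | { action: "not-found" };

// Warning text quoted from the proposal in the discussion.
const REFUND_WARNING =
  "If you delete this transaction from your history, you will not be able " +
  "to receive refunds from the merchant for it.";

// A refund can still arrive only while the deadline lies in the future.
function refundStillPossible(p: PurchaseRecord, nowMs: number): boolean {
  return p.refundDeadlineMs !== undefined && nowMs < p.refundDeadlineMs;
}

// Delete a purchase. While a refund is still possible the first call only
// returns the warning; the record is removed once the user has confirmed.
// Removal is total: no tombstone, deadline or order id is kept behind.
function deletePurchase(
  store: Map<string, PurchaseRecord>,
  orderId: string,
  nowMs: number,
  userConfirmed: boolean,
): DeleteDecision {
  const p = store.get(orderId);
  if (p === undefined) {
    return { action: "not-found" };
  }
  if (refundStillPossible(p, nowMs) && !userConfirmed) {
    return { action: "confirm", warning: REFUND_WARNING };
  }
  store.delete(orderId);
  return { action: "deleted" };
}
```

Because the deadline is consulted only at the moment of deletion and discarded with the record, a merchant-chosen long refund deadline cannot extend how long data is retained after the user confirms.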

Issue History

Date Modified | Username | Field | Change
2025-11-25 22:21 | htgoebel | New Issue |
2025-11-25 22:27 | htgoebel | Description Updated |
2025-11-25 22:27 | htgoebel | Steps to Reproduce Updated |
2025-11-27 09:00 | Christian Grothoff | Note Added: 0026638 |
2025-11-27 09:00 | Christian Grothoff | Status | new => acknowledged
2025-11-27 09:07 | Florian Dold | Note Added: 0026639 |
2025-11-27 09:20 | Christian Grothoff | Target Version | => post-1.0
2025-11-27 09:33 | Christian Grothoff | Note Added: 0026641 |