View Issue Details
ID | Project | Category | View Status | Date Submitted | Last Update |
---|---|---|---|---|---|
0003887 | Taler | exchange | public | 2015-07-12 01:10 | 2024-01-12 14:05 |
Reporter | Christian Grothoff | Assigned To | Christian Grothoff | ||
Priority | normal | Severity | feature | Reproducibility | N/A |
Status | closed | Resolution | fixed | ||
Platform | i7 | OS | Debian GNU/Linux | OS Version | squeeze |
Product Version | git (master) | ||||
Target Version | 0.3 | Fixed in Version | 0.3 | ||
Summary | 0003887: handle "emergency" where denomination key is overdrawn (/payback) | ||||
Description | We need to limit the amount of funds that can be signed into existence per denomination key (and if we're at the limit, switch to another key). Then, we need to track how much was signed into existence by a key, and report an error when more coins are redeemed than we know to have signed into existence. | ||||
Tags | No tags attached. | ||||
parent of | 0004498 | closed | Florian Dold | wallet needs to periodically check /keys for panic DK revocation and trigger /payback |
parent of | 0003775 | closed | Christian Grothoff | need to implement basic auditing |
related to | 0004751 | closed | Christian Grothoff | reserve balances and garbage collection of denomination keys |
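
The accounting asked for in the description, as an added example (not part of the issue or of Taler's code): cap what one denomination key may sign, switch keys at the cap, and latch an emergency when redemptions exceed recorded issuance. The struct, enum and function names are hypothetical.

```c
#include <stddef.h>
#include <stdint.h>

/* Hypothetical per-key ledger, not Taler's exchangedb schema; amounts in smallest unit. */
struct denom_ledger {
  uint64_t coin_value;  /* face value of one coin signed by this key */
  uint64_t issue_limit; /* cap on total value this key may sign */
  uint64_t issued;      /* value signed into existence so far */
  uint64_t redeemed;    /* value of this key's coins redeemed so far */
  int emergency;        /* latched once redemptions exceed issuance */
};

enum ledger_result { LEDGER_OK, LEDGER_LIMIT_REACHED, LEDGER_EMERGENCY };

/* Index of the first usable key with room for one more coin, or -1. */
int select_signing_key(const struct denom_ledger *keys, size_t n) {
  for (size_t i = 0; i < n; i++)
    if (!keys[i].emergency &&
        keys[i].issue_limit - keys[i].issued >= keys[i].coin_value)
      return (int)i;
  return -1;
}

/* Account for signing one coin; refuses to exceed the per-key limit. */
enum ledger_result record_withdraw(struct denom_ledger *k) {
  if (k->emergency) return LEDGER_EMERGENCY;
  if (k->issue_limit - k->issued < k->coin_value) return LEDGER_LIMIT_REACHED;
  k->issued += k->coin_value;
  return LEDGER_OK;
}

/* Account for redeeming one coin; subtraction form avoids uint64 overflow. */
enum ledger_result record_redeem(struct denom_ledger *k) {
  if (k->emergency) return LEDGER_EMERGENCY;
  if (k->issued - k->redeemed < k->coin_value) {
    k->emergency = 1; /* more redeemed than we know we signed */
    return LEDGER_EMERGENCY;
  }
  k->redeemed += k->coin_value;
  return LEDGER_OK;
}

int main(void) {
  /* Constructed sample: 5-unit coins, limit 10; the third redeem must trip. */
  struct denom_ledger k = {5, 10, 0, 0, 0};
  record_withdraw(&k); record_withdraw(&k);
  record_redeem(&k); record_redeem(&k);
  return record_redeem(&k) == LEDGER_EMERGENCY ? 0 : 1;
}
```
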
|
Specification added in d39bbc6..91d1ae8 |
|
structs and signature types added in 424b327..a3bb69f. |
|
a3bb69f..21ae4cc defines likely sufficient exchangedb API for /payback. |
|
8d9dc14..b38134e implements /payback parsing and signature verification. |
|
7225778..5aebc70 adds /payback functions to libtalerexchange.so (not tested). |
|
5aebc70..21d2613 provides a first (incomplete) implementation of the _db.c-functionality for /payback. (Need exchangedb_plugin.h extensions to complete.) |
|
21d2613..c329b92 implements the main /payback responses. |
|
Left to do:
* modify DB plugin to obtain reserve information
* modify DB plugin to store payback information (and obtain wire deadline)
* modify DB plugin to return payback information as part of coin history
* modify DB plugin to return payback information as part of reserve history
* modify exchange and exchange-lib to handle payback in reserve history
* modify exchange and exchange-lib to handle payback in coin history
* modify exchangedb key logic to detect denomination keys in emergency mode and return them properly in /keys AND on TEH_KS_denomination_key_lookup()
* modify auditor to handle payback in coin history
* modify auditor to handle payback in reserve history
* implement tests, in particular:
  + test coin transaction history works, i.e. by trying /payback twice for the same coin and checking the proof;
  + test /deposit after /payback fails (should no longer provide /payback proof, but notice emergency and thus refuse)
|
c329b92..b293bda modifies the DB plugin to obtain reserve information. |
|
b293bda..94dddbb modifies the DB plugin to store payback information. |
|
94dddbb..d8542d7 modifies DB plugin to return payback as part of reserve history
d8542d7..b95522c modifies DB plugin to return payback as part of coin history (tests still needed) |
|
DB plugin tests added in b95522c..b988eb9 |
|
94e9ba8..29a2f9b modifies exchange to handle payback in reserve and coin history. |
|
dbb2368..cc3aa31 modifies libtalerexchange to handle payback information in reserve/coin history. |
|
Left to do:
* modify exchangedb key logic to detect denomination keys in emergency mode and return them properly in /keys AND on TEH_KS_denomination_key_lookup()
* modify auditor to handle payback in coin history
* modify auditor to handle payback in reserve history
* implement tests, in particular:
  + test coin transaction history works, i.e. by trying /payback twice for the same coin and checking the proof;
  + test /deposit after /payback fails (should no longer provide /payback proof, but notice emergency and thus refuse)
|
4b5efa4..9301012 modifies the auditor to handle payback-related verifications in coin and reserve history. |
|
Next step requires some more design work:
* specify how exchange/auditor decide that a denomination is in payback mode;
* include: modify auditor to trigger 3887-style handling of denominations;
* modify exchangedb (non-plugin) key logic to detect denomination keys in emergency mode and return them properly in /keys AND on TEH_KS_denomination_key_lookup()
* modify auditor to check that denomination key is in 3887-mode when encountering /payback-records

Then, finally:
* implement tests, in particular:
  + test coin transaction history works, i.e. by trying /payback twice for the same coin and checking the proof;
  + test /deposit after /payback fails (should no longer provide /payback proof, but notice emergency and thus refuse)
|
ef6d9cc..209076e modifies exchangedb to support denomination key revocations. However, we still need to (1) update the documentation about the '.rev' files, and (2) actually use the new information in the exchange (httpd) logic, and (3) output the DKH in the auditor when emergency is detected, and (4) import the '.rev' files into the exchangedb _database_ for the auditor. |
|
Left to do after d27f7f3..5f67d98:
(1) import the '.rev' files into the exchangedb _database_ for the auditor
(2) modify auditor to check that denomination key is in 3887-mode when encountering /payback-records
(3) implement tests, in particular:
  + unit tests for new exchangedb operations (plugin and DK APIs)
  + test coin transaction history works, i.e. by trying /payback twice for the same coin and checking the proof;
  + test /deposit after /payback fails (should no longer provide /payback proof, but notice emergency and thus refuse)
|
5f67d98..8e9d6c6 extends the exchangedb API to allow storing the DK rev signatures in the DB (but not yet used). |
|
8e9d6c6..11b8710 implements (1) and (2) of note 12026. Additional bugs (0004984 and 0004983) were filed for remaining issues to polish. What is left here is testing -- note (3) of 12026. |
|
Tests are implemented, except that the exchange currently never returns the /payback data in the proof because we generate a 404 (denomination key not found) instead of a 403-forbidden. We probably should change that and distinguish between 403-forbidden (denomination key revoked) and 409 conflict (/payback already happened, coin balance is zero / insufficient). So the 403 would return the signature that the DK was revoked, while the 409 would include the coin balance. This needs to be fixed/clarified in the /deposit spec first. |
|
I've now added a test for issuing /payback twice, and checking the coin's transaction history including /payback. I now think the 404 on /deposit is OK, as at this point the key is considered "not found". So the exchange implementation and testing are now done. The bug remains open as we wait for the wallet to support /payback. |
|
Wallet done, so victory! |
|
Fix committed to master branch. |
exchange: master 4d4ac495 2017-04-16 04:39 |
test case of /payback done twice, handle 403-case in /payback handler, thereby also testing coin-with-payback history case in test logic (fixes 0003887) |
Affected Issues 0003887 |
|
mod - src/exchange-lib/exchange_api_payback.c |
mod - src/exchange-lib/test_exchange_api.c |
mod - src/exchange/taler-exchange-httpd_db.c |
mod - src/include/taler_exchange_service.h |
Date Modified | Username | Field | Change |
---|---|---|---|
2015-07-12 01:10 | Christian Grothoff | New Issue | |
2015-07-12 01:14 | Christian Grothoff | Status | new => confirmed |
2015-10-18 00:26 | Christian Grothoff | Relationship added | child of 0003989 |
2016-02-18 15:43 | Christian Grothoff | Category | mint => exchange |
2016-03-20 21:53 | Torsten Grothoff | Issue cloned: 0004319 | |
2016-05-04 06:48 | Christian Grothoff | Assigned To | => Christian Grothoff |
2016-05-04 06:48 | Christian Grothoff | Status | confirmed => assigned |
2016-05-05 17:44 | Christian Grothoff | Target Version | 0.3 => 0.4 |
2016-05-26 21:56 | Christian Grothoff | Target Version | 0.4 => 0.3 |
2016-05-31 19:08 | Christian Grothoff | Priority | low => normal |
2016-09-23 17:48 | Christian Grothoff | Category | exchange => auditor |
2016-09-26 15:22 | Christian Grothoff | Relationship added | child of 0003775 |
2016-09-26 15:22 | Christian Grothoff | Relationship deleted | child of 0003989 |
2017-03-08 13:14 | Christian Grothoff | Relationship added | parent of 0004498 |
2017-03-18 23:16 | Christian Grothoff | Relationship added | related to 0004840 |
2017-03-18 23:30 | Christian Grothoff | Relationship added | parent of 0004852 |
2017-03-18 23:41 | Christian Grothoff | Relationship deleted | child of 0003775 |
2017-03-18 23:41 | Christian Grothoff | Relationship added | parent of 0003775 |
2017-03-19 07:43 | Christian Grothoff | Note Added: 0011948 | |
2017-03-19 07:50 | Christian Grothoff | Note Added: 0011950 | |
2017-03-19 08:39 | Christian Grothoff | Summary | handle "emergency" where denomination key is overdrawn => handle "emergency" where denomination key is overdrawn (/payback) |
2017-03-19 08:39 | Christian Grothoff | Note Added: 0011951 | |
2017-03-19 10:40 | Christian Grothoff | Relationship added | related to 0004751 |
2017-03-20 04:44 | Christian Grothoff | Category | auditor => exchange API (C) |
2017-03-29 14:41 | Christian Grothoff | Note Added: 0011986 | |
2017-03-29 15:43 | Christian Grothoff | Note Added: 0011990 | |
2017-03-29 16:40 | Christian Grothoff | Note Added: 0011991 | |
2017-03-29 16:54 | Christian Grothoff | Note Added: 0011992 | |
2017-03-29 17:02 | Christian Grothoff | Note Added: 0011993 | |
2017-04-01 23:23 | Christian Grothoff | Note Edited: 0011993 | |
2017-04-01 23:36 | Christian Grothoff | Note Edited: 0011993 | |
2017-04-01 23:44 | Christian Grothoff | Note Added: 0012005 | |
2017-04-02 00:05 | Christian Grothoff | Note Added: 0012006 | |
2017-04-02 00:15 | Christian Grothoff | Relationship deleted | parent of 0004852 |
2017-04-02 18:18 | Christian Grothoff | Note Added: 0012017 | |
2017-04-02 22:35 | Christian Grothoff | Note Added: 0012018 | |
2017-04-03 16:37 | Christian Grothoff | Note Added: 0012019 | |
2017-04-03 22:46 | Christian Grothoff | Note Added: 0012020 | |
2017-04-03 22:46 | Christian Grothoff | Note Added: 0012021 | |
2017-04-04 17:06 | Christian Grothoff | Note Added: 0012022 | |
2017-04-04 17:10 | Christian Grothoff | Note Added: 0012023 | |
2017-04-07 22:40 | Christian Grothoff | Note Added: 0012025 | |
2017-04-08 20:26 | Christian Grothoff | Note Added: 0012026 | |
2017-04-08 22:01 | Christian Grothoff | Note Added: 0012027 | |
2017-04-08 22:53 | Christian Grothoff | Note Added: 0012028 | |
2017-04-10 16:50 | Christian Grothoff | Note Added: 0012029 | |
2017-04-10 17:58 | Christian Grothoff | Relationship deleted | related to 0004840 |
2017-04-16 16:58 | Christian Grothoff | Note Added: 0012039 | |
2017-05-02 14:42 | Christian Grothoff | Status | assigned => resolved |
2017-05-02 14:42 | Christian Grothoff | Resolution | open => fixed |
2017-05-02 14:42 | Christian Grothoff | Fixed in Version | => 0.3 |
2017-05-02 14:42 | Christian Grothoff | Note Added: 0012094 | |
2017-06-06 14:18 | Christian Grothoff | Status | resolved => closed |
2021-09-02 18:13 | Christian Grothoff | Changeset attached | => Taler-exchange master 4d4ac495 |
2021-09-02 18:14 | Christian Grothoff | Note Added: 0018301 | |
2024-01-12 14:05 | Christian Grothoff | Category | exchange API (C) => exchange |