View Issue Details

IDProjectCategoryView StatusLast Update
0003887Talerexchange API (C)public2017-06-06 14:18
ReporterChristian GrothoffAssigned ToChristian Grothoff 
PrioritynormalSeverityfeatureReproducibilityN/A
Status closedResolutionfixed 
Platformi7OSDebian GNU/LinuxOS Versionsqueeze
Product VersionSVN HEAD 
Target Version0.3Fixed in Version0.3 
Summary0003887: handle "emergency" where denomination key is overdrawn (/payback)
DescriptionWe need to limit the amount of funds that can be signed into existence per denomination key (and if we're at the limit, switch to another key).

Then, we need to track how much was signed into existence by a key, and report an error when more coins are redeemed than we know to have signed into existence.
TagsNo tags attached.

Relationships

parent of 0004498 closedFlorian Dold wallet needs to periodically check /keys for panic DK revocation and trigger /payback 
parent of 0003775 closedChristian Grothoff need to implement basic auditing 
related to 0004751 closedChristian Grothoff reserve balances and garbage collection of denomination keys 

Activities

Christian Grothoff

2017-03-19 07:43

manager   ~0011948

Specification added in d39bbc6..91d1ae8

Christian Grothoff

2017-03-19 07:50

manager   ~0011950

structs and signature types added in 424b327..a3bb69f.

Christian Grothoff

2017-03-19 08:39

manager   ~0011951

a3bb69f..21ae4cc defines likely sufficient exchangedb API for /payback.

Christian Grothoff

2017-03-29 14:41

manager   ~0011986

8d9dc14..b38134e implements /payback parsing and signature verification.

Christian Grothoff

2017-03-29 15:43

manager   ~0011990

7225778..5aebc70 adds /payback functions to libtalerexchange.so (not tested).

Christian Grothoff

2017-03-29 16:40

manager   ~0011991

5aebc70..21d2613 provides a first (incomplete) implementation of the _db.c-functionality for /payback. (Need exchangedb_plugin.h extensions to complete.)

Christian Grothoff

2017-03-29 16:54

manager   ~0011992

21d2613..c329b92 implements the main /payback responses.

Christian Grothoff

2017-03-29 17:02

manager   ~0011993

Last edited: 2017-04-01 23:36

View 3 revisions

Left do to:

* modify DB plugin to obtain reserve information
* modify DB plugin to store payback information (and obtain wire deadline)
* modify DB plugin to return payback information as part of coin history
* modify DB plugin to return payback information as part of reserve history
* modify exchange and exchange-lib to handle payback in reserve history
* modify exchange and exchange-lib to handle payback in coin history
* modify exchangedb key logic to detect denomination keys in emergency mode and return them properly in /keys AND on TEH_KS_denomination_key_lookup()
* modify auditor to handle payback in coin history
* modify auditor to handle payback in reserve history
* implement tests, in particular:
  + test coin transaction history works, i.e. by trying /payback twice for the same coin and checking the proof;
  + test /deposit after /payback fails (should no longer provide /payback proof, but notice emergency and thus refuse)

Christian Grothoff

2017-04-01 23:44

manager   ~0012005

c329b92..b293bda modifies the DB plugin to obtain reserve information.

Christian Grothoff

2017-04-02 00:05

manager   ~0012006

b293bda..94dddbb modifies the DB plugin to store payback information.

Christian Grothoff

2017-04-02 18:18

manager   ~0012017

94dddbb..d8542d7 modifies DB plugin to return payback as part of reserve history
d8542d7..b95522c modifies DB plugin to return payback as part of coin history
(tests still needed)

Christian Grothoff

2017-04-02 22:35

manager   ~0012018

DB plugin tests added in b95522c..b988eb9

Christian Grothoff

2017-04-03 16:37

manager   ~0012019

94e9ba8..29a2f9b modifies exchange to handle payback in reserve and coin history.

Christian Grothoff

2017-04-03 22:46

manager   ~0012020

dbb2368..cc3aa31 modifies libtalerexchange to handle payback information in reserve/coin history.

Christian Grothoff

2017-04-03 22:46

manager   ~0012021

Left to do:
* modify exchangedb key logic to detect denomination keys in emergency mode and return them properly in /keys AND on TEH_KS_denomination_key_lookup()
* modify auditor to handle payback in coin history
* modify auditor to handle payback in reserve history
* implement tests, in particular:
  + test coin transaction history works, i.e. by trying /payback twice for the same coin and checking the proof;
  + test /deposit after /payback fails (should no longer provide /payback proof, but notice emergency and thus refuse)

Christian Grothoff

2017-04-04 17:06

manager   ~0012022

4b5efa4..9301012 modifies the auditor to handle payback-related verifications in coin and reserve history.

Christian Grothoff

2017-04-04 17:10

manager   ~0012023

Next step requires some more design work:
* specify how exchange/auditor decide that a denomination is in payback mode;
* include: modify auditor to trigger 3887-style handling of denominations;
* modify exchangedb (non-plugin) key logic to detect denomination keys in emergency mode and return them properly in /keys AND on TEH_KS_denomination_key_lookup()
* modify auditor to check that denomination key is in 3887-mode when encountering /payback-records

Then, finally:
* implement tests, in particular:
  + test coin transaction history works, i.e. by trying /payback twice for the same coin and checking the proof;
  + test /deposit after /payback fails (should no longer provide /payback proof, but notice emergency and thus refuse)

Christian Grothoff

2017-04-07 22:40

manager   ~0012025

ef6d9cc..209076e modifies exchangedb to support denomination key revocations. However, we still need to (1) update the documentation about the '.rev' files, and (2) actually use the new information in the exchange (httpd) logic, and (3) output the DKH in the auditor when emergency is detected, and (4) import the '.rev' files into the exchangedb _database_ for the auditor.

Christian Grothoff

2017-04-08 20:26

manager   ~0012026

Left to do after d27f7f3..5f67d98:
(1) import the '.rev' files into the exchangedb _database_ for the auditor
(2) modify auditor to check that denomination key is in 3887-mode when encountering /payback-records
(3) implement tests, in particular:
+ unit tests for new exchangedb operations (plugin and DK APIs)
+ test coin transaction history works, i.e. by trying /payback twice for the same coin and checking the proof;
  + test /deposit after /payback fails (should no longer provide /payback proof, but notice emergency and thus refuse)

Christian Grothoff

2017-04-08 22:01

manager   ~0012027

5f67d98..8e9d6c6 extends the exchangedb API to allow storing the DK rev signatures in the DB (but not yet used).

Christian Grothoff

2017-04-08 22:53

manager   ~0012028

8e9d6c6..11b8710 implements (1) and (2) of note 12026. Additional bugs (0004984 and 0004983) were filed for remaining issues to polish. What is left here is testing -- note (3) of 12026.

Christian Grothoff

2017-04-10 16:50

manager   ~0012029

Tests are implemented, except that the exchange currently never returns the /payback data in the proof because we generate a 404 (denomination key not found) instead of a 403-forbidden. We probably should change that and distinguish between 403-forbidden (denomination key revoked) and 409 conflict (/payback already happened, coin balance is zero / insufficient). So the 403 would return the signature that the DK was revoked, while the 409 would include the coin balance. This needs to be fixed/clarified in the /deposit spec first.

Christian Grothoff

2017-04-16 16:58

manager   ~0012039

I've now added a test for issuing /payback twice, and checking the coin's transaction history including /payback. I now think the 404 on /deposit is OK, as at this point the key is considered "not found". So the exchange implementation and testing are now done. The bug remains open as we wait for the wallet to support /payback.

Christian Grothoff

2017-05-02 14:42

manager   ~0012094

Wallet done, so victory!

Issue History

Date Modified Username Field Change
2015-07-12 01:10 Christian Grothoff New Issue
2015-07-12 01:14 Christian Grothoff Status new => confirmed
2015-10-18 00:26 Christian Grothoff Relationship added child of 0003989
2016-02-18 15:43 Christian Grothoff Category mint => exchange
2016-03-20 21:53 Torsten Grothoff Issue cloned: 0004319
2016-05-04 06:48 Christian Grothoff Assigned To => Christian Grothoff
2016-05-04 06:48 Christian Grothoff Status confirmed => assigned
2016-05-05 17:44 Christian Grothoff Target Version 0.3 => 0.4
2016-05-26 21:56 Christian Grothoff Target Version 0.4 => 0.3
2016-05-31 19:08 Christian Grothoff Priority low => normal
2016-09-23 17:48 Christian Grothoff Category exchange => auditor
2016-09-26 15:22 Christian Grothoff Relationship added child of 0003775
2016-09-26 15:22 Christian Grothoff Relationship deleted child of 0003989
2017-03-08 13:14 Christian Grothoff Relationship added parent of 0004498
2017-03-18 23:16 Christian Grothoff Relationship added related to 0004840
2017-03-18 23:30 Christian Grothoff Relationship added parent of 0004852
2017-03-18 23:41 Christian Grothoff Relationship deleted child of 0003775
2017-03-18 23:41 Christian Grothoff Relationship added parent of 0003775
2017-03-19 07:43 Christian Grothoff Note Added: 0011948
2017-03-19 07:50 Christian Grothoff Note Added: 0011950
2017-03-19 08:39 Christian Grothoff Summary handle "emergency" where denomination key is overdrawn => handle "emergency" where denomination key is overdrawn (/payback)
2017-03-19 08:39 Christian Grothoff Note Added: 0011951
2017-03-19 10:40 Christian Grothoff Relationship added related to 0004751
2017-03-20 04:44 Christian Grothoff Category auditor => exchange API (C)
2017-03-29 14:41 Christian Grothoff Note Added: 0011986
2017-03-29 15:43 Christian Grothoff Note Added: 0011990
2017-03-29 16:40 Christian Grothoff Note Added: 0011991
2017-03-29 16:54 Christian Grothoff Note Added: 0011992
2017-03-29 17:02 Christian Grothoff Note Added: 0011993
2017-04-01 23:23 Christian Grothoff Note Edited: 0011993 View Revisions
2017-04-01 23:36 Christian Grothoff Note Edited: 0011993 View Revisions
2017-04-01 23:44 Christian Grothoff Note Added: 0012005
2017-04-02 00:05 Christian Grothoff Note Added: 0012006
2017-04-02 00:15 Christian Grothoff Relationship deleted parent of 0004852
2017-04-02 18:18 Christian Grothoff Note Added: 0012017
2017-04-02 22:35 Christian Grothoff Note Added: 0012018
2017-04-03 16:37 Christian Grothoff Note Added: 0012019
2017-04-03 22:46 Christian Grothoff Note Added: 0012020
2017-04-03 22:46 Christian Grothoff Note Added: 0012021
2017-04-04 17:06 Christian Grothoff Note Added: 0012022
2017-04-04 17:10 Christian Grothoff Note Added: 0012023
2017-04-07 22:40 Christian Grothoff Note Added: 0012025
2017-04-08 20:26 Christian Grothoff Note Added: 0012026
2017-04-08 22:01 Christian Grothoff Note Added: 0012027
2017-04-08 22:53 Christian Grothoff Note Added: 0012028
2017-04-10 16:50 Christian Grothoff Note Added: 0012029
2017-04-10 17:58 Christian Grothoff Relationship deleted related to 0004840
2017-04-16 16:58 Christian Grothoff Note Added: 0012039
2017-05-02 14:42 Christian Grothoff Status assigned => resolved
2017-05-02 14:42 Christian Grothoff Resolution open => fixed
2017-05-02 14:42 Christian Grothoff Fixed in Version => 0.3
2017-05-02 14:42 Christian Grothoff Note Added: 0012094
2017-06-06 14:18 Christian Grothoff Status resolved => closed