View Issue Details
|ID||Project||Category||View Status||Date Submitted||Last Update|
|0005188||Taler||merchant backend API (C)||public||2017-11-30 17:17||2018-04-15 20:34|
|Reporter||Florian Dold||Assigned To||Marcello Stanisci|
|Priority||normal||Severity||minor||Reproducibility||have not tried|
|Product Version||git (master)|
|Target Version||0.5||Fixed in Version||0.5|
|Summary||0005188: merchant should not store reserve private keys as strings in the configuration|
|Description||This is bad because:|
1. For all other private keys we have files that we reference in the configuration.
2. It's not possible to use gnunet-ecc to get the public key from a private key that's in base32crockford encoding.
3. We never want private keys to ever linger around in command line histories or command line arguments at all.
|Tags||No tags attached.|
9f1ca1783f92c9f4e8ad795a5329dc60f78261b5 implements this in the merchant, basically changing the configuration option from tip_reserve_priv to tip_reserve_priv_filename and expecting the file to contain the private key. The documentation was also updated.
I made corresponding changes to the deployment in 4fbc4e6..11d307b, but did not test those yet (on a train...), maybe Florian or Marcello could make sure the deployment still works?
||(Assigning to Marcello to re-test deployment and/or put in the 'basic' level of funding for the tipping reserve.)|
||Oh, also, I noticed that the reserve is funded via reservemod. That kind-of works, but it is awkward in that it'll cause the taler-wire-auditor to fail when it compares bank records to exchange records. It would be better if we could trigger an /admin/add/incomming at the bank instead, and have the bank trigger (soon via taler-exchange-wirewatch - i.e. the exchange polls the bank's /history) the exchange's balance modification.|
Oh, and having a command-line tool to trigger such a wire transfer at the bank might be neat. I'll file a separate feature report for that. => 0005195
||Tried while deploying the 'demo' setup; works. Other issues discussed here have dedicate bug numbers now, closing this.|
|2017-11-30 17:17||Florian Dold||New Issue|
|2017-11-30 17:17||Florian Dold||Status||new => assigned|
|2017-11-30 17:17||Florian Dold||Assigned To||=> Christian Grothoff|
|2017-11-30 17:20||Christian Grothoff||Product Version||=> git (master)|
|2017-12-07 07:43||Christian Grothoff||Note Added: 0012630|
|2017-12-07 07:43||Christian Grothoff||Assigned To||Christian Grothoff => Marcello Stanisci|
|2017-12-07 07:44||Christian Grothoff||Note Added: 0012631|
|2017-12-07 07:45||Christian Grothoff||Note Added: 0012632|
|2017-12-07 07:47||Christian Grothoff||Note Added: 0012633|
|2017-12-07 07:51||Christian Grothoff||Note Edited: 0012633|
|2017-12-11 13:37||Marcello Stanisci||Status||assigned => resolved|
|2017-12-11 13:37||Marcello Stanisci||Resolution||open => fixed|
|2017-12-11 13:37||Marcello Stanisci||Note Added: 0012662|
|2017-12-14 15:39||Christian Grothoff||Fixed in Version||=> 0.5|
|2018-04-15 20:34||Christian Grothoff||Status||resolved => closed|