View Issue Details
| ID | Project | Category | View Status | Date Submitted | Last Update |
|---|---|---|---|---|---|
| 0006863 | Taler | mechant backend | public | 2021-05-14 15:47 | 2021-08-24 16:23 |
| Reporter | sebasjm | Assigned To | MS | ||
| Priority | high | Severity | minor | Reproducibility | always |
| Status | closed | Resolution | fixed | ||
| Product Version | git (master) | ||||
| Target Version | 0.8 | Fixed in Version | 0.8 | ||
| Summary | 0006863: Filling a reserve with 2 transactions just take the first | ||||
| Description | Im testing out reserve. I have created one with initial balance with X but then filling with X/2 twice. The reserve never received the second transfer, first I thought that might be a bug but it may be a design choice? If it is a bug I can create a test case for this. Does the initial value has a security concern? Has evaluated a reserve that can be filled through time? | ||||
| Tags | No tags attached. | ||||
|
|
Yes, there was a design choice made that a reserve can only ever receive one incoming transfer. Alas, we MAY need to revise this soon-ish, when we introduce KYC'ed accounts which may require us to review that 'unique' constraint... |
|
|
Just discussed this with Florian. We will continue to only allow a reserve to be filled _once_. Subsequent wire transfers with the same wire transfer subject will be rejected by LibEuFin (and _should_ be eventually rejected by the PyBank & fakebank). |
|
|
So this bug should now be read as: - pybank should reject wire transfers to exchange with duplicate reserve public key (if transaction with same reserve public key exists) - fakebank should do so, too |
|
|
29c6de2..749545b updates 'docs.git' to say: diff --git a/core/api-wire.rst b/core/api-wire.rst index f82ceaa..654d72f 100644 --- a/core/api-wire.rst +++ b/core/api-wire.rst @@ -345,6 +345,8 @@ exposed by bank gateways in production. Authentication failed, likely the credentials are wrong. :http:statuscode:`404 Not found`: The endpoint is wrong or the user name is unknown. The bank replies with an `ErrorDetail` object. + :http:statuscode:`409 Conflict`: + The 'reserve_pub' argument was used previously in another transfer, and the specification mandates that reserve public keys must not be reused. (note that this is in the DD13 branch). |
|
|
259a180b..4741f4ea implements the new spec in fakebank (returning 409 if a reserve public key is duplicated -- or the currency does not match). Also adds a test. The test_bank_api_with_pybank now fails. |
|
|
pybank implements this here: 3ab7d22b116e523c6934cc756f677e343d5e1cf8. test_bank_api_with_pybank passes again. |
| Date Modified | Username | Field | Change |
|---|---|---|---|
| 2021-05-14 15:47 | sebasjm | New Issue | |
| 2021-05-14 15:47 | sebasjm | Status | new => assigned |
| 2021-05-14 15:47 | sebasjm | Assigned To | => Christian Grothoff |
| 2021-05-14 15:51 | Christian Grothoff | Note Added: 0017850 | |
| 2021-05-17 16:53 | Christian Grothoff | Note Added: 0017867 | |
| 2021-05-17 16:54 | Christian Grothoff | Note Added: 0017868 | |
| 2021-05-18 21:08 | Christian Grothoff | Priority | normal => high |
| 2021-05-18 21:08 | Christian Grothoff | Target Version | git (master) => 0.9 |
| 2021-05-20 12:20 | Christian Grothoff | Note Added: 0017882 | |
| 2021-05-20 12:34 | Christian Grothoff | Note Added: 0017883 | |
| 2021-05-20 12:41 | Christian Grothoff | Assigned To | Christian Grothoff => MS |
| 2021-06-10 16:22 | MS | Note Added: 0017948 | |
| 2021-06-10 16:22 | MS | Status | assigned => resolved |
| 2021-06-10 16:22 | MS | Resolution | open => fixed |
| 2021-07-30 13:56 | Christian Grothoff | Fixed in Version | => 0.8 |
| 2021-07-30 13:59 | Christian Grothoff | Target Version | 0.9 => 0.8.1 |
| 2021-07-30 14:02 | Christian Grothoff | Target Version | 0.8.1 => 0.8 |
| 2021-08-24 16:23 | Christian Grothoff | Status | resolved => closed |
