View Issue Details

Jump to NotesJump to History
IDProjectCategoryView StatusDate SubmittedLast Update
0009639Talerexchangepublic2025-03-19 16:532025-03-29 15:31
ReporterFlorian Dold Assigned ToFlorian Dold  
PrioritynormalSeverityminorReproducibilityhave not tried
Status assignedResolutionopen 
Target Version1.0 stretch goals 
Summary0009639: spec and implement transaction risk monitoring
DescriptionWhat we likely need for this is:
* batch jobs that compute risk metrics (possibly caching metrics from previous run for perf) and stores HIGH_RISK_TRANSACTION property + to_investigate flag for account
  * How/where is this implemented? In the exchange via C code or via external script that connects to the DB and runs SQL?
  * Maybe SQL queries are enough? Do we need any logic other than that?

Anything else?
TagsNo tags attached.

Relationships

parent of 0009371 assignedoec Design and implement a unified /withdraw endpoint for age-withdraw and batch-withdraw 
Not all the children of this issue are yet resolved or closed.

Activities

Christian Grothoff

2025-03-25 12:35

manager   ~0024303

9d280c23b..91a67046e contains a first implementation, including a TOPS-customization for the TOPS AML-investigation trigger. The code is completely *untested* (to the point of possibly crashing once Postgres tries to run it), but should give a good idea of the design.
Todo:
- proper spec/design document
- test it :-)
Note that it also soft-depends on Oec's branch being merged first, as that'll make it easy to get the deposited amounts properly.

Christian Grothoff

2025-03-28 06:49

manager   ~0024325

DD59 now exists, and Oec's branch was merged. Final touches & testing are left!

Christian Grothoff

2025-03-29 15:31

manager   ~0024332

This is largely done, except I don't have a good way to trigger the TOPS rule and thus cannot test that reasonably well right now.

Florian: can you build us an integration test where:
0) System is configured with KYC (for deposit/aggregate/bank accounts, so you can trigger that)
1) taler-exchange-dbinit -e tops is run to setup the DB (with TOPS statistics + TmeR monitoring)
2) deposits happen and KYC is triggered
3) KYC is satisfied and the account is opened and allowed to keep going (we only to TmeR on "open accounts")
4) then timetravel to + 2 months, and in that future deposit 2x of what was previously deposited (raises suspicion)
5) check if to_investigate was set / AML officer was tasked to investigate

Issue History

Date Modified Username Field Change
2025-03-19 16:53 Florian Dold New Issue
2025-03-19 16:53 Florian Dold Status new => assigned
2025-03-19 16:53 Florian Dold Assigned To => Christian Grothoff
2025-03-19 16:56 Florian Dold Description Updated
2025-03-19 16:57 Florian Dold Description Updated
2025-03-25 12:35 Christian Grothoff Note Added: 0024303
2025-03-25 12:36 Christian Grothoff Relationship added parent of 0009371
2025-03-28 06:49 Christian Grothoff Note Added: 0024325
2025-03-29 15:31 Christian Grothoff Note Added: 0024332
2025-03-29 15:31 Christian Grothoff Assigned To Christian Grothoff => Florian Dold