[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[taler-docs] branch master updated: Added section on exchange trust and
From: |
gnunet |
Subject: |
[taler-docs] branch master updated: Added section on exchange trust and regional currencies |
Date: |
Tue, 28 Jul 2020 21:20:37 +0200 |
This is an automated email from the git hooks/post-receive script.
torsten-grote pushed a commit to branch master
in repository docs.
The following commit(s) were added to refs/heads/master by this push:
new f8d2c17 Added section on exchange trust and regional currencies
f8d2c17 is described below
commit f8d2c175ac4e17b23d7f49b7f6c282c8bb48fab1
Author: Torsten Grote <t@grobox.de>
AuthorDate: Tue Jul 28 16:20:20 2020 -0300
Added section on exchange trust and regional currencies
---
.../002-wallet-exchange-management.rst | 34 ++++++++++++++++++++++
1 file changed, 34 insertions(+)
diff --git a/design-documents/002-wallet-exchange-management.rst
b/design-documents/002-wallet-exchange-management.rst
index b3deee0..33d9857 100644
--- a/design-documents/002-wallet-exchange-management.rst
+++ b/design-documents/002-wallet-exchange-management.rst
@@ -363,3 +363,37 @@ Alternatives
* The UI could directly access the wallet's DB for more flexible access to the
required data. But this would make the UI less robust against changes in
wallet-core.
+
+Trust
+=====
+
+Ideally, exchanges come with auditors that are trusted by the wallet and
therefore the user.
+An exchange responsible for a three-letter currency is required to have an
auditor,
+as these currencies are assumed to be legal tender in a nation state.
+
+If an exchange and/or an auditor are controlled by an attacker, they can steal
user's funds.
+Therefore, users should only use "official" auditors responsible for their
currency.
+As users should not be expected to know which auditors are official
+nor perform technical verification steps, the wallet ships with auditors
pre-installed.
+
+However, it should be possible to add a custom auditor,
+in case the wallet is outdated or does not have a desired auditor for other
reasons.
+Since adding custom auditors is dangerous
+and can be used to trick users into using malicious exchanges,
+this operation should be accompanied by appropriate warnings and security
confirmations.
+
+Taler also supports regional currencies which can have between 4 and 12
letters.
+These are not required to have an auditor, but using one is encouraged.
+Regional currencies should be shown separate from real currencies in the
wallet's balance sheet
+and be accompanied by their exchange
+to allow for the fact that different regions or organisations chose the same
currency code,
+but uses different exchanges to handle the currency.
+
+Open Question: What happens if a regional currency wants to use more than one
exchange?
+
+When withdrawing money to a regional currency exchange,
+the user should be made aware of the fact that the currency of the exchange is
not official.
+A warning should be shown if a currency does not have an auditor
+or the auditor is not trusted by the users.
+If the user expressed trust for a regional currency's auditor,
+no further warnings will be shown for the given currency.
--
To stop receiving notification emails like this one, please contact
gnunet@gnunet.org.
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- [taler-docs] branch master updated: Added section on exchange trust and regional currencies,
gnunet <=