[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[taler-exchange] 01/05: [age-withdraw] simplify lib-API
|
From: |
gnunet |
|
Subject: |
[taler-exchange] 01/05: [age-withdraw] simplify lib-API |
|
Date: |
Thu, 20 Jul 2023 18:16:03 +0200 |
This is an automated email from the git hooks/post-receive script.
oec pushed a commit to branch master
in repository exchange.
commit 2eb3ff1f64f4eecb6f70c57c37469547757bc84b
Author: Özgür Kesim <oec-taler@kesim.org>
AuthorDate: Tue Jul 18 13:34:27 2023 +0200
[age-withdraw] simplify lib-API
---
src/include/taler_exchange_service.h | 94 ++++++++----
src/lib/exchange_api_age_withdraw.c | 86 +++++------
src/lib/exchange_api_age_withdraw_reveal.c | 109 +------------
src/lib/notizen.md | 236 +++++++++++++++++++++++++++++
4 files changed, 337 insertions(+), 188 deletions(-)
diff --git a/src/include/taler_exchange_service.h
b/src/include/taler_exchange_service.h
index 1902eb29..32c5cc41 100644
--- a/src/include/taler_exchange_service.h
+++ b/src/include/taler_exchange_service.h
@@ -2670,7 +2670,7 @@ struct TALER_EXCHANGE_AgeWithdrawCoinInput
* The master secret from which we derive all other relevant values for
* the coin: private key, nonces (if applicable) and age restriction
*/
- const struct TALER_PlanchetMasterSecretP secrets[TALER_CNC_KAPPA];
+ struct TALER_PlanchetMasterSecretP secrets[TALER_CNC_KAPPA];
/**
* The denomination of the coin. Must support age restriction, i.e
@@ -2679,6 +2679,42 @@ struct TALER_EXCHANGE_AgeWithdrawCoinInput
const struct TALER_EXCHANGE_DenomPublicKey *denom_pub;
};
+
+/**
+ * All the details about a coin that are generated during age-withdrawal and
+ * that may be needed for future operations on the coin.
+ */
+struct TALER_EXCHANGE_AgeWithdrawCoinPrivateDetails
+{
+ /**
+ * Private key of the coin.
+ */
+ struct TALER_CoinSpendPrivateKeyP coin_priv;
+
+ /**
+ * Value used to blind the key for the signature.
+ * Needed for recoup operations.
+ */
+ union TALER_DenominationBlindingKeyP blinding_key;
+
+ /**
+ * The age commitment, proof for the coin, derived from the
+ * Master secret and maximum age in the originating request
+ */
+ struct TALER_AgeCommitmentProof age_commitment_proof;
+
+ /**
+ * The hash of the age commitment
+ */
+ struct TALER_AgeCommitmentHash h_age_commitment;
+
+ /**
+ * Values contributed from the exchange during the
+ * withdraw protocol.
+ */
+ struct TALER_ExchangeWithdrawValues alg_values;
+};
+
/**
* @brief A handle to a /reserves/$RESERVE_PUB/age-withdraw request
*/
@@ -2705,39 +2741,38 @@ struct TALER_EXCHANGE_AgeWithdrawResponse
struct
{
/**
- * Index that should not be revealed during the age-withdraw reveal
phase.
- * The struct TALER_PlanchetMasterSecretP * from the request
- * with this index are the ones to keep.
+ * Index that should not be revealed during the age-withdraw reveal
+ * phase.
*/
uint8_t noreveal_index;
/**
- * The commitment of the call to /age-withdraw
+ * The commitment of the age-withdraw request, needed for the
+ * subsequent call to /age-withdraw/$ACH/reveal
*/
struct TALER_AgeWithdrawCommitmentHashP h_commitment;
/**
- * The algorithm specific values (for CS) need for the coins that were
- * retrieved from /csr-withdraw.
+ * The number of elements in @e coins, each referring to
+ * TALER_CNC_KAPPA elements
*/
- struct TALER_ExchangeWithdrawValues *alg_values;
+ size_t num_coins;
/**
- * Number of elements in @e alg_values, same as number coin
candidates.from
- * the request.
+ * The computed details of the non-revealed @e num_coins coins to keep.
*/
- size_t num_alg_values;
+ const struct TALER_EXCHANGE_AgeWithdrawCoinPrivateDetails *coins;
/**
- * Signature of the exchange over the origina TALER_AgeWithdrawRequestPS
+ * The array of blinded hashes of the non-revealed
+ * (kappa - 1)*@e num_coins coins, needed for the reveal step;
*/
- struct TALER_ExchangeSignatureP exchange_sig;
+ const struct TALER_BlindedCoinHashP *blinded_coin_hs;
/**
- * Key used by the exchange for @e exchange_sig
+ * Key used by the exchange to sign the response.
*/
struct TALER_ExchangePublicKeyP exchange_pub;
-
} ok;
} details;
};
@@ -2809,7 +2844,6 @@ struct TALER_EXCHANGE_AgeWithdrawBlindedInput
* Blinded Planchets
*/
struct TALER_PlanchetDetail planchet_details[TALER_CNC_KAPPA];
-
};
/**
@@ -2840,19 +2874,16 @@ struct TALER_EXCHANGE_AgeWithdrawBlindedResponse
uint8_t noreveal_index;
/**
- * The commitment of the call to /age-withdraw
+ * The commitment of the call to age-withdraw, needed for the subsequent
+ * call to /age-withdraw/$ACH/reveal.
*/
struct TALER_AgeWithdrawCommitmentHashP h_commitment;
/**
- * Signature of the exchange over the origina TALER_AgeWithdrawRequestPS
- */
- struct TALER_ExchangeSignatureP exchange_sig;
-
- /**
- * Key used by the exchange for @e exchange_sig
+ * Key used by the exchange to sign the response.
*/
struct TALER_ExchangePublicKeyP exchange_pub;
+
} ok;
} details;
@@ -2964,12 +2995,12 @@ struct TALER_EXCHANGE_AgeWithdrawRevealResponse
unsigned int num_coins;
/**
- * Array of @e num_coins values about the coins obtained via the reveal
- * operation. The array give these coins in the same order (and should
- * have the same length) in which the original age-withdraw request
- * specified the respective denomination keys.
+ * Array of @e num_coins blinded denomination signatures, giving each
+ * coin its value and validity. The array give these coins in the same
+ * order (and should have the same length) in which the original
+ * age-withdraw request specified the respective denomination keys.
*/
- const struct TALER_EXCHANGE_RevealedCoinInfo *revealed_coins;
+ const struct TALER_BlindedDenominationSignature *denom_sigs;
} ok;
} details;
@@ -2994,10 +3025,8 @@ typedef void
* @param exchange_url The base url of the exchange
* @param num_coins The number of elements in @e coin_inputs and @e alg_values
* @param coin_inputs The input for the coins to withdraw, same as in the
previous call to /age-withdraw
- * @param alg_values The algorithm specific parameters per coin, from the
result to the previous call to /age-withdraw
* @param noreveal_index The index into each of the kappa coin candidates,
that should not be revealed to the exchange
* @param h_commitment The commmitment from the previous call to /age-withdraw
- * @param max_age maximum age, as used in the to /age-withdraw
* @param res_cb A callback for the result, maybe NULL
* @param res_cb_cls A closure for @e res_cb, maybe NULL
* @return a handle for this request; NULL if the argument was invalid.
@@ -3010,10 +3039,8 @@ TALER_EXCHANGE_age_withdraw_reveal (
size_t num_coins,
const struct TALER_EXCHANGE_AgeWithdrawCoinInput coin_inputs[static
num_coins],
- const struct TALER_ExchangeWithdrawValues alg_values[static num_coins],
uint8_t noreveal_index,
const struct TALER_AgeWithdrawCommitmentHashP *h_commitment,
- uint8_t max_age,
TALER_EXCHANGE_AgeWithdrawRevealCallback res_cb,
void *res_cb_cls);
@@ -3034,7 +3061,8 @@ TALER_EXCHANGE_age_withdraw_reveal_cancel (
/**
* Information needed to melt (partially spent) coins to obtain fresh coins
* that are unlinkable to the original coin(s). Note that melting more than
- * one coin in a single request will make those coins linkable, so we only
melt one coin at a time.
+ * one coin in a single request will make those coins linkable, so we only melt
+ * one coin at a time.
*/
struct TALER_EXCHANGE_RefreshData
{
diff --git a/src/lib/exchange_api_age_withdraw.c
b/src/lib/exchange_api_age_withdraw.c
index b5da232e..4bbbe5a4 100644
--- a/src/lib/exchange_api_age_withdraw.c
+++ b/src/lib/exchange_api_age_withdraw.c
@@ -47,30 +47,9 @@ struct CoinCandidate
struct TALER_PlanchetMasterSecretP secret;
/**
- * Age commitment for the coin candidates, calculated from the @e ps and a
- * given maximum age
+ * The details derived form the master secrets
*/
- struct TALER_AgeCommitmentProof age_commitment_proof;
-
- /**
- * Age commitment for the coin.
- */
- struct TALER_AgeCommitmentHash h_age_commitment;
-
- /**
- * blinding secret
- */
- union TALER_DenominationBlindingKeyP blinding_key;
-
- /**
- * Private key of the coin we are withdrawing.
- */
- struct TALER_CoinSpendPrivateKeyP coin_priv;
-
- /**
- * Values of the @cipher selected
- */
- struct TALER_ExchangeWithdrawValues alg_values;
+ struct TALER_EXCHANGE_AgeWithdrawCoinPrivateDetails details;
/**
* Hash of the public key of the coin we are signing.
@@ -340,11 +319,12 @@ reserve_age_withdraw_ok (
.hr.http_status = MHD_HTTP_OK,
.details.ok.h_commitment = awbh->h_commitment
};
+ struct TALER_ExchangeSignatureP exchange_sig;
struct GNUNET_JSON_Specification spec[] = {
GNUNET_JSON_spec_uint8 ("noreaveal_index",
&response.details.ok.noreveal_index),
GNUNET_JSON_spec_fixed_auto ("exchange_sig",
- &response.details.ok.exchange_sig),
+ &exchange_sig),
GNUNET_JSON_spec_fixed_auto ("exchange_pub",
&response.details.ok.exchange_pub)
};
@@ -363,7 +343,7 @@ reserve_age_withdraw_ok (
&awbh->h_commitment,
response.details.ok.noreveal_index,
&response.details.ok.exchange_pub,
- &response.details.ok.exchange_sig))
+ &exchange_sig))
{
GNUNET_break_op (0);
return GNUNET_SYSERR;
@@ -785,21 +765,25 @@ copy_results (
{
struct TALER_EXCHANGE_AgeWithdrawHandle *awh = cls;
uint8_t idx = awbr->details.ok.noreveal_index;
- struct TALER_ExchangeWithdrawValues alg_values[awh->num_coins];
+ struct TALER_EXCHANGE_AgeWithdrawCoinPrivateDetails coins[awh->num_coins];
+ struct TALER_BlindedCoinHashP blinded_coin_hs[awh->num_coins];
struct TALER_EXCHANGE_AgeWithdrawResponse resp = {
.hr = awbr->hr,
.details = {
.ok = { .noreveal_index = awbr->details.ok.noreveal_index,
.h_commitment = awbr->details.ok.h_commitment,
.exchange_pub = awbr->details.ok.exchange_pub,
- .exchange_sig = awbr->details.ok.exchange_sig,
- .num_alg_values = awh->num_coins,
- .alg_values = alg_values},
+ .num_coins = awh->num_coins,
+ .coins = coins,
+ .blinded_coin_hs = blinded_coin_hs},
},
};
for (size_t n = 0; n< awh->num_coins; n++)
- alg_values[n] = awh->coin_data[n].coin_candidates[idx].alg_values;
+ {
+ coins[n] = awh->coin_data[n].coin_candidates[idx].details;
+ blinded_coin_hs[n] = awh->coin_data[n].coin_candidates[idx].blinded_coin_h;
+ }
awh->callback (awh->callback_cls,
&resp);
@@ -915,22 +899,22 @@ csr_withdraw_done (
{
bool success = false;
/* Complete the initialization of the coin with CS denomination */
- can->alg_values = csrr->details.ok.alg_values;
+ can->details.alg_values = csrr->details.ok.alg_values;
TALER_planchet_setup_coin_priv (&can->secret,
- &can->alg_values,
- &can->coin_priv);
+ &can->details.alg_values,
+ &can->details.coin_priv);
TALER_planchet_blinding_secret_create (&can->secret,
- &can->alg_values,
- &can->blinding_key);
+ &can->details.alg_values,
+ &can->details.blinding_key);
/* This initializes the 2nd half of the
can->planchet_detail.blinded_planchet! */
do {
if (GNUNET_OK !=
TALER_planchet_prepare (&csr->denom_pub->key,
- &can->alg_values,
- &can->blinding_key,
- &can->coin_priv,
- &can->h_age_commitment,
+ &can->details.alg_values,
+ &can->details.blinding_key,
+ &can->details.coin_priv,
+ &can->details.h_age_commitment,
&can->h_coin_pub,
planchet))
{
@@ -1029,28 +1013,28 @@ prepare_coins (
&can->secret,
&input->denom_pub->key.age_mask,
awh->max_age,
- &can->age_commitment_proof));
+ &can->details.age_commitment_proof));
- TALER_age_commitment_hash (&can->age_commitment_proof.commitment,
- &can->h_age_commitment);
+ TALER_age_commitment_hash (&can->details.age_commitment_proof.commitment,
+ &can->details.h_age_commitment);
switch (input->denom_pub->key.cipher)
{
case TALER_DENOMINATION_RSA:
{
- can->alg_values.cipher = TALER_DENOMINATION_RSA;
+ can->details.alg_values.cipher = TALER_DENOMINATION_RSA;
TALER_planchet_setup_coin_priv (&can->secret,
- &can->alg_values,
- &can->coin_priv);
+ &can->details.alg_values,
+ &can->details.coin_priv);
TALER_planchet_blinding_secret_create (&can->secret,
- &can->alg_values,
- &can->blinding_key);
+ &can->details.alg_values,
+ &can->details.blinding_key);
FAIL_IF (GNUNET_OK !=
TALER_planchet_prepare (&cd->denom_pub.key,
- &can->alg_values,
- &can->blinding_key,
- &can->coin_priv,
- &can->h_age_commitment,
+ &can->details.alg_values,
+ &can->details.blinding_key,
+ &can->details.coin_priv,
+ &can->details.h_age_commitment,
&can->h_coin_pub,
planchet));
FAIL_IF (GNUNET_OK !=
diff --git a/src/lib/exchange_api_age_withdraw_reveal.c
b/src/lib/exchange_api_age_withdraw_reveal.c
index fcb551a9..df6f9198 100644
--- a/src/lib/exchange_api_age_withdraw_reveal.c
+++ b/src/lib/exchange_api_age_withdraw_reveal.c
@@ -47,19 +47,12 @@ struct TALER_EXCHANGE_AgeWithdrawRevealHandle
/* The age-withdraw commitment */
struct TALER_AgeWithdrawCommitmentHashP h_commitment;
- /* The maximum age */
- uint8_t max_age;
-
/* Number of coins */
size_t num_coins;
/* The @e num_coins * kappa coin secrets from the age-withdraw commitment */
const struct TALER_EXCHANGE_AgeWithdrawCoinInput *coins_input;
- /* The @e num_coins algorithm- and coin-specific parameters from the
- * previous call to /age-withdraw. */
- const struct TALER_ExchangeWithdrawValues *alg_values;
-
/* The url for the reveal request */
const char *request_url;
@@ -81,82 +74,6 @@ struct TALER_EXCHANGE_AgeWithdrawRevealHandle
};
-static enum GNUNET_GenericReturnValue
-reveal_coin (
- const struct TALER_PlanchetMasterSecretP *secret,
- const struct TALER_DenominationPublicKey *denom_pub,
- const struct TALER_ExchangeWithdrawValues *alg_values,
- const struct TALER_BlindedDenominationSignature *blind_sig,
- uint8_t max_age,
- struct TALER_EXCHANGE_RevealedCoinInfo *revealed_coin)
-{
- enum GNUNET_GenericReturnValue ret = GNUNET_SYSERR;
-
-#define BREAK_ON_FAILURE(call) \
- do { \
- if (GNUNET_OK != (call)) { GNUNET_break (0); break; } \
- } while(0)
-
- do {
- struct TALER_CoinPubHashP h_coin_pub;
- struct TALER_PlanchetDetail planchet_detail;
- const struct TALER_AgeCommitmentHash *hac = NULL;
- struct TALER_FreshCoin fresh_coin;
-
- TALER_planchet_setup_coin_priv (secret,
- alg_values,
- &revealed_coin->coin_priv);
-
- TALER_planchet_blinding_secret_create (secret,
- alg_values,
- &revealed_coin->bks);
-
- revealed_coin->age_commitment_proof = NULL;
- if (0 < max_age)
- {
- BREAK_ON_FAILURE (
- TALER_age_restriction_from_secret (
- secret,
- &denom_pub->age_mask,
- max_age,
- revealed_coin->age_commitment_proof));
-
- TALER_age_commitment_hash (
- &revealed_coin->age_commitment_proof->commitment,
- &revealed_coin->h_age_commitment);
-
- hac = &revealed_coin->h_age_commitment;
- }
-
- BREAK_ON_FAILURE (
- TALER_planchet_prepare (denom_pub,
- alg_values,
- &revealed_coin->bks,
- &revealed_coin->coin_priv,
- hac,
- &h_coin_pub,
- &planchet_detail));
-
- BREAK_ON_FAILURE (
- TALER_planchet_to_coin (denom_pub,
- blind_sig,
- &revealed_coin->bks,
- &revealed_coin->coin_priv,
- &revealed_coin->h_age_commitment,
- &h_coin_pub,
- alg_values,
- &fresh_coin));
-
- /* success */
- revealed_coin->sig = fresh_coin.sig;
- ret = GNUNET_OK;
- } while(0);
-
- return ret;
-#undef BREAK_ON_FAILURE
-}
-
-
/**
* We got a 200 OK response for the /age-withdraw/$ACH/reveal operation.
* Extract the signed blindedcoins and return it to the caller.
@@ -197,16 +114,14 @@ age_withdraw_reveal_ok (
}
{
- struct TALER_EXCHANGE_RevealedCoinInfo revealed_coins[awrh->num_coins];
+ struct TALER_BlindedDenominationSignature denom_sigs[awrh->num_coins];
/* Reconstruct the coins and unblind the signatures */
for (size_t n = 0; n < awrh->num_coins; n++)
{
- enum GNUNET_GenericReturnValue ret;
- struct TALER_BlindedDenominationSignature blinded_sig;
json_t *j_sig = json_array_get (j_sigs, n);
struct GNUNET_JSON_Specification spec[] = {
- GNUNET_JSON_spec_fixed_auto ("", &blinded_sig),
+ GNUNET_JSON_spec_fixed_auto ("", &denom_sigs[n]),
GNUNET_JSON_spec_end ()
};
@@ -218,19 +133,10 @@ age_withdraw_reveal_ok (
GNUNET_break_op (0);
return GNUNET_SYSERR;
}
- ret = reveal_coin (&awrh->coins_input[n].secrets[awrh->noreveal_index],
- &awrh->coins_input[n].denom_pub->key,
- &awrh->alg_values[n],
- &blinded_sig,
- awrh->max_age,
- &revealed_coins[n]);
-
- if (GNUNET_OK != ret)
- return ret;
}
response.details.ok.num_coins = awrh->num_coins;
- response.details.ok.revealed_coins = revealed_coins;
+ response.details.ok.denom_sigs = denom_sigs;
awrh->callback (awrh->callback_cls,
&response);
/* Make sure the callback isn't called again */
@@ -510,24 +416,19 @@ TALER_EXCHANGE_age_withdraw_reveal (
size_t num_coins,
const struct TALER_EXCHANGE_AgeWithdrawCoinInput coins_input[static
num_coins],
- const struct TALER_ExchangeWithdrawValues alg_values[static num_coins],
uint8_t noreveal_index,
const struct TALER_AgeWithdrawCommitmentHashP *h_commitment,
- uint8_t max_age,
TALER_EXCHANGE_AgeWithdrawRevealCallback reveal_cb,
void *reveal_cb_cls)
{
struct TALER_EXCHANGE_AgeWithdrawRevealHandle *awrh =
GNUNET_new (struct TALER_EXCHANGE_AgeWithdrawRevealHandle);
awrh->noreveal_index = noreveal_index;
- awrh->callback = reveal_cb;
- awrh->callback_cls = reveal_cb_cls;
awrh->h_commitment = *h_commitment;
awrh->num_coins = num_coins;
awrh->coins_input = coins_input;
- awrh->alg_values = alg_values;
- awrh->max_age = max_age;
-
+ awrh->callback = reveal_cb;
+ awrh->callback_cls = reveal_cb_cls;
if (GNUNET_OK !=
prepare_url (exchange_url,
diff --git a/src/lib/notizen.md b/src/lib/notizen.md
new file mode 100644
index 00000000..835fad9e
--- /dev/null
+++ b/src/lib/notizen.md
@@ -0,0 +1,236 @@
+# Notes re: planchets and blinding
+
+## `TALER_denom_blind()`
+
+```
+Blind coin for blind signing with @a dk using blinding secret @a coin_bks.
+```
+
+- `@param[out] c_hash resulting hashed coin`
+- `@param[out] blinded_planchet planchet data to initialize`
+
+## `TALER_planchet_prepare()`
+
+Prepare a planchet for withdrawal. Creates and blinds a coin.
+
+- calls `TALER_denom_blind()!`
+- `@param[out] c_hash set to the hash of the public key of the coin (needed
later)`
+- `@param[out] pd set to the planchet detail for TALER_MERCHANT_tip_pickup()
and other withdraw operations, pd->blinded_planchet.cipher will be set to
cipher from @a dk`
+
+
+## `TALER_coin_ev_hash`
+
+Compute the hash of a blinded coin.
+
+- `@param blinded_planchet blinded planchet`
+- `@param denom_hash hash of the denomination publick key`
+- `@param[out] bch where to write the hash, type struct TALER_BlindedCoinHashP`
+
+**Where is this called!?**
+
+```
+taler-exchange-httpd_refreshes_reveal.c
+605: TALER_coin_ev_hash (&rrc->blinded_planchet,
+
+taler-exchange-httpd_recoup.c
+290: TALER_coin_ev_hash (&blinded_planchet,
+
+taler-exchange-httpd_withdraw.c
+581: TALER_coin_ev_hash (&wc.blinded_planchet,
+
+taler-exchange-httpd_age-withdraw_reveal.c
+350: ret = TALER_coin_ev_hash (&detail.blinded_planchet,
+
+taler-exchange-httpd_recoup-refresh.c
+284: TALER_coin_ev_hash (&blinded_planchet,
+
+taler-exchange-httpd_age-withdraw.c
+279: ret = TALER_coin_ev_hash (&awc->coin_evs[c],
+884: TALER_coin_ev_hash (&awc->coin_evs[i],
+
+taler-exchange-httpd_batch-withdraw.c
+832: TALER_coin_ev_hash (&pc->blinded_planchet,
+```
+
+
+## `TALER_coin_pub_hash`
+
+Compute the hash of a coin.
+
+- `@param coin_pub public key of the coin`
+- `@param age_commitment_hash hash of the age commitment vector. NULL, if no
age commitment was set`
+- `@param[out] coin_h where to write the hash`
+
+**Where is this called!?**
+
+### In `lib/crypto.c`, function `TALER_test_coin_valid`.
+
+```
+Check if a coin is valid; that is, whether the denomination key
+exists, is not expired, and the signature is correct.
+
+@param coin_public_info the coin public info to check for validity
+@param denom_pub denomination key, must match @a coin_public_info's
`denom_pub_hash`
+@return #GNUNET_YES if the coin is valid,
+ #GNUNET_NO if it is invalid
+ #GNUNET_SYSERR if an internal error occurred
+```
+
+It then calls `TALER_denom_pub_verify` on the result of `TALER_coin_pub_hash`
and the signature
+
+
+### In `util/denom.c`, function `TALER_denom_blind`
+
+## `TALER_EXCHANGE_batch_withdraw` vs `TALER_EXCHANGE_batch_withdraw2`
+
+### `TALER_EXCHANGE_batch_withdraw`
+
+```
+/**
+ * Withdraw multiple coins from the exchange using a
/reserves/$RESERVE_PUB/batch-withdraw
+ * request. This API is typically used by a wallet to withdraw many coins
from a
+ * reserve.
+ *
+ * Note that to ensure that no money is lost in case of hardware
+ * failures, the caller must have committed (most of) the arguments to
+ * disk before calling, and be ready to repeat the request with the
+ * same arguments in case of failures.
+ *
+ * @param curl_ctx The curl context to use
+ * @param exchange_url The base-URL of the exchange
+ * @param keys The /keys material from the exchange
+ * @param reserve_priv private key of the reserve to withdraw from
+ * @param wci_length number of entries in @a wcis
+ * @param wcis inputs that determine the planchets
+ * @param res_cb the callback to call when the final result for this request
is available
+ * @param res_cb_cls closure for @a res_cb
+ * @return NULL
+ * if the inputs are invalid (i.e. denomination key not with this
exchange).
+ * In this case, the callback is not called.
+ */
+struct TALER_EXCHANGE_BatchWithdrawHandle *
+TALER_EXCHANGE_batch_withdraw (
+ struct GNUNET_CURL_Context *curl_ctx,
+ const char *exchange_url,
+ const struct TALER_EXCHANGE_Keys *keys,
+ const struct TALER_ReservePrivateKeyP *reserve_priv,
+ unsigned int wci_length,
+ const struct TALER_EXCHANGE_WithdrawCoinInput wcis[static wci_length],
+ TALER_EXCHANGE_BatchWithdrawCallback res_cb,
+ void *res_cb_cls);
+```
+
+### `TALER_EXCHANGE_batch_withdraw2`
+
+```
+/**
+ * Withdraw a coin from the exchange using a
/reserves/$RESERVE_PUB/batch-withdraw
+ * request. This API is typically used by a merchant to withdraw a tip
+ * where the blinding factor is unknown to the merchant.
+ *
+ * Note that to ensure that no money is lost in case of hardware
+ * failures, the caller must have committed (most of) the arguments to
+ * disk before calling, and be ready to repeat the request with the
+ * same arguments in case of failures.
+ *
+ * @param curl_ctx The curl context to use
+ * @param exchange_url The base-URL of the exchange
+ * @param keys The /keys material from the exchange
+ * @param pds array of planchet details of the planchet to withdraw
+ * @param pds_length number of entries in the @a pds array
+ * @param reserve_priv private key of the reserve to withdraw from
+ * @param res_cb the callback to call when the final result for this request
is available
+ * @param res_cb_cls closure for @a res_cb
+ * @return NULL
+ * if the inputs are invalid (i.e. denomination key not with this
exchange).
+ * In this case, the callback is not called.
+ */
+struct TALER_EXCHANGE_BatchWithdraw2Handle *
+TALER_EXCHANGE_batch_withdraw2 (
+ struct GNUNET_CURL_Context *curl_ctx,
+ const char *exchange_url,
+ const struct TALER_EXCHANGE_Keys *keys,
+ const struct TALER_ReservePrivateKeyP *reserve_priv,
+ unsigned int pds_length,
+ const struct TALER_PlanchetDetail pds[static pds_length],
+ TALER_EXCHANGE_BatchWithdraw2Callback res_cb,
+ void *res_cb_cls);
+```
+
+### Differences
+
+| batch_withdraw | batch_withdraw2 |
+|------------------------------------|------------------------|
+| `TALER_EXCHANGE_WithdrawCoinInput` | `TALER_PlanchetDetail` |
+
+
+```
+struct TALER_EXCHANGE_WithdrawCoinInput
+{
+ /**
+ * Denomination of the coin.
+ */
+ const struct TALER_EXCHANGE_DenomPublicKey *pk;
+
+ /**
+ * Master key material for the coin.
+ */
+ const struct TALER_PlanchetMasterSecretP *ps;
+
+ /**
+ * Age commitment for the coin.
+ */
+ const struct TALER_AgeCommitmentHash *ach;
+
+};
+```
+
+
+```
+struct TALER_PlanchetDetail
+{
+ /**
+ * Hash of the denomination public key.
+ */
+ struct TALER_DenominationHashP denom_pub_hash;
+
+ /**
+ * The blinded planchet
+ */
+ struct TALER_BlindedPlanchet {
+ /**
+ * Type of the sign blinded message
+ */
+ enum TALER_DenominationCipher cipher;
+
+ /**
+ * Details, depending on @e cipher.
+ */
+ union
+ {
+ /**
+ * If we use #TALER_DENOMINATION_CS in @a cipher.
+ */
+ struct TALER_BlindedCsPlanchet cs_blinded_planchet;
+
+ /**
+ * If we use #TALER_DENOMINATION_RSA in @a cipher.
+ */
+ struct TALER_BlindedRsaPlanchet rsa_blinded_planchet;
+
+ } details;
+ } blinded_planchet;
+};
+
+```
+
+
+
+## TODOs
+
+### Update documentation
+
+- [x] batch-withdraw needs error code for AgeRestrictionRequired
+- [x] withdraw needs error code for AgeRestrictionRequired
+
+
--
To stop receiving notification emails like this one, please contact
gnunet@gnunet.org.
- [taler-exchange] branch master updated (2f8e3d31 -> db9fb04e), gnunet, 2023/07/20
- [taler-exchange] 05/05: Merge branch 'age-withdraw', after implementing testing-commands, gnunet, 2023/07/20
- [taler-exchange] 03/05: Merge branch 'master' into age-withdraw, gnunet, 2023/07/20
- [taler-exchange] 01/05: [age-withdraw] simplify lib-API,
gnunet <=
- [taler-exchange] 04/05: [age-withdraw] Added testing commands for age-withdraw and -reveal, gnunet, 2023/07/20
- [taler-exchange] 02/05: -first steps towards testing age-withdraw, gnunet, 2023/07/20