[taler-docs] branch master updated: DD48: do not permanently brick walle

gnunet-svn

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[taler-docs] branch master updated: DD48: do not permanently brick walle

From:	gnunet
Subject:	[taler-docs] branch master updated: DD48: do not permanently brick wallets when an exchange is badly configured
Date:	Mon, 11 Dec 2023 19:31:00 +0100

This is an automated email from the git hooks/post-receive script.

dold pushed a commit to branch master
in repository docs.

The following commit(s) were added to refs/heads/master by this push:
     new 86663682 DD48: do not permanently brick wallets when an exchange is 
badly configured
86663682 is described below

commit 866636826187d5fb02ba96a2ed534ae14857a0e1
Author: Florian Dold <florian@dold.me>
AuthorDate: Mon Dec 11 19:30:56 2023 +0100

    DD48: do not permanently brick wallets when an exchange is badly configured
---
 design-documents/048-wallet-exchange-lifecycle.rst | 28 +++++++++++++++++-----
 1 file changed, 22 insertions(+), 6 deletions(-)

diff --git a/design-documents/048-wallet-exchange-lifecycle.rst 
b/design-documents/048-wallet-exchange-lifecycle.rst
index b3df4d8a..75ec3afb 100644
--- a/design-documents/048-wallet-exchange-lifecycle.rst
+++ b/design-documents/048-wallet-exchange-lifecycle.rst
@@ -67,14 +67,24 @@ Update Status
 ~~~~~~~~~~~~~
 
 * ``initial``: Not updated, no need to update
-* ``initial(update)``: Update pending, possibly with error
+* ``initial-update``: Update pending, possibly with error
 * ``suspended``: Exchange was manually disabled, should not be contacted
   anymore, but record is kept in the wallet. Mostly useful for testing.
-* ``failed``: Updating the exchange info failed permanently, the exchange is
-  not usable for any operations.
-* ``outdated(update)``
+* ``unavailable-update``: The exchange is currently unavailable to be used for 
withdrawals,
+  but it is possible that the exchange starts working again in the future.
+  The wallet will re-try contacting the exchange.  The wallet will still try
+  operations that *spend* coins, but the user might be warned about the bad
+  exchange status.
+
+  Examples:
+
+   * The exchange updated to a new protocol version that is incompatible with 
the wallet
+   * The exchange advertises a new master public key. This might be a temporary
+     configuration issue or malicious attack.
+   * The exchange only advertises outdated denomination keys, making new 
withdrawals
+     impossible.
 * ``ready``: Exchange is useable.
-* ``ready(update)``: Exchange is useable, but currently being updated.
+* ``ready-update``: Exchange is useable, but currently being updated.
 
 ToS Status
 ~~~~~~~~~~
@@ -125,4 +135,10 @@ Definition of Done
 Discussion / Q&A
 ================
 
-(This should be filled in with results from discussions on mailing lists / 
personal communication.)
+* Should there be a "permanently failed" update state?
+
+  * dold => I don't think so, as it means that temporary configuration issues 
on the side of the
+    exchange might *permanently* brick users' wallets.
+    The wallet should always re-try contacting the exchange and of course 
possibly report
+    information to the auditor.
+

-- 
To stop receiving notification emails like this one, please contact
gnunet@gnunet.org.

[Prev in Thread]

Current Thread

[Next in Thread]

[taler-docs] branch master updated: DD48: do not permanently brick wallets when an exchange is badly configured, gnunet <=

Prev by Date: [taler-wallet-core] branch master updated (acef3baeb -> 055645e17)
Next by Date: [taler-docs] branch master updated: reset state note
Previous by thread: [taler-wallet-core] branch master updated (acef3baeb -> 055645e17)
Next by thread: [taler-docs] branch master updated: reset state note
Index(es):
- Date
- Thread