[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[taler-docs] branch master updated: DD48: do not permanently brick walle
From: |
gnunet |
Subject: |
[taler-docs] branch master updated: DD48: do not permanently brick wallets when an exchange is badly configured |
Date: |
Mon, 11 Dec 2023 19:31:00 +0100 |
This is an automated email from the git hooks/post-receive script.
dold pushed a commit to branch master
in repository docs.
The following commit(s) were added to refs/heads/master by this push:
new 86663682 DD48: do not permanently brick wallets when an exchange is
badly configured
86663682 is described below
commit 866636826187d5fb02ba96a2ed534ae14857a0e1
Author: Florian Dold <florian@dold.me>
AuthorDate: Mon Dec 11 19:30:56 2023 +0100
DD48: do not permanently brick wallets when an exchange is badly configured
---
design-documents/048-wallet-exchange-lifecycle.rst | 28 +++++++++++++++++-----
1 file changed, 22 insertions(+), 6 deletions(-)
diff --git a/design-documents/048-wallet-exchange-lifecycle.rst
b/design-documents/048-wallet-exchange-lifecycle.rst
index b3df4d8a..75ec3afb 100644
--- a/design-documents/048-wallet-exchange-lifecycle.rst
+++ b/design-documents/048-wallet-exchange-lifecycle.rst
@@ -67,14 +67,24 @@ Update Status
~~~~~~~~~~~~~
* ``initial``: Not updated, no need to update
-* ``initial(update)``: Update pending, possibly with error
+* ``initial-update``: Update pending, possibly with error
* ``suspended``: Exchange was manually disabled, should not be contacted
anymore, but record is kept in the wallet. Mostly useful for testing.
-* ``failed``: Updating the exchange info failed permanently, the exchange is
- not usable for any operations.
-* ``outdated(update)``
+* ``unavailable-update``: The exchange is currently unavailable to be used for
withdrawals,
+ but it is possible that the exchange starts working again in the future.
+ The wallet will re-try contacting the exchange. The wallet will still try
+ operations that *spend* coins, but the user might be warned about the bad
+ exchange status.
+
+ Examples:
+
+ * The exchange updated to a new protocol version that is incompatible with
the wallet
+ * The exchange advertises a new master public key. This might be a temporary
+ configuration issue or malicious attack.
+ * The exchange only advertises outdated denomination keys, making new
withdrawals
+ impossible.
* ``ready``: Exchange is useable.
-* ``ready(update)``: Exchange is useable, but currently being updated.
+* ``ready-update``: Exchange is useable, but currently being updated.
ToS Status
~~~~~~~~~~
@@ -125,4 +135,10 @@ Definition of Done
Discussion / Q&A
================
-(This should be filled in with results from discussions on mailing lists /
personal communication.)
+* Should there be a "permanently failed" update state?
+
+ * dold => I don't think so, as it means that temporary configuration issues
on the side of the
+ exchange might *permanently* brick users' wallets.
+ The wallet should always re-try contacting the exchange and of course
possibly report
+ information to the auditor.
+
--
To stop receiving notification emails like this one, please contact
gnunet@gnunet.org.
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- [taler-docs] branch master updated: DD48: do not permanently brick wallets when an exchange is badly configured,
gnunet <=