[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[taler-exchange] branch master updated: fix #8095
|
From: |
gnunet |
|
Subject: |
[taler-exchange] branch master updated: fix #8095 |
|
Date: |
Tue, 16 Jan 2024 13:27:36 +0100 |
This is an automated email from the git hooks/post-receive script.
grothoff pushed a commit to branch master
in repository exchange.
The following commit(s) were added to refs/heads/master by this push:
new 6bfc96f4 fix #8095
6bfc96f4 is described below
commit 6bfc96f4cefceb5735e3bbccbe8f2e0fa6f51b6d
Author: Christian Grothoff <christian@grothoff.org>
AuthorDate: Tue Jan 16 13:27:28 2024 +0100
fix #8095
---
src/include/taler_exchange_service.h | 11 ++++++++---
src/lib/exchange_api_batch_withdraw2.c | 4 ++--
2 files changed, 10 insertions(+), 5 deletions(-)
diff --git a/src/include/taler_exchange_service.h
b/src/include/taler_exchange_service.h
index b2e51334..8a59f157 100644
--- a/src/include/taler_exchange_service.h
+++ b/src/include/taler_exchange_service.h
@@ -1,6 +1,6 @@
/*
This file is part of TALER
- Copyright (C) 2014-2023 Taler Systems SA
+ Copyright (C) 2014-2024 Taler Systems SA
TALER is free software; you can redistribute it and/or modify it under the
terms of the GNU Affero General Public License as published by the Free
Software
@@ -2591,7 +2591,8 @@ typedef void
/**
* Withdraw multiple coins from the exchange using a
/reserves/$RESERVE_PUB/batch-withdraw
* request. This API is typically used by a wallet to withdraw many coins
from a
- * reserve.
+ * reserve. The blind signatures are unblinded and verified before being
returned
+ * to the caller at @a res_cb.
*
* Note that to ensure that no money is lost in case of hardware
* failures, the caller must have committed (most of) the arguments to
@@ -2688,7 +2689,11 @@ struct TALER_EXCHANGE_Withdraw2Handle;
/**
* Withdraw a coin from the exchange using a /reserves/$RESERVE_PUB/withdraw
* request. This API is typically used by a merchant to withdraw a tip
- * where the blinding factor is unknown to the merchant.
+ * where the blinding factor is unknown to the merchant. Note that unlike
+ * the #TALER_EXCHANGE_withdraw() API, this API neither unblinds the signatures
+ * nor can it verify that the exchange signatures are valid, so these tasks
+ * are left to the caller. Wallets probably should use
#TALER_EXCHANGE_withdraw()
+ * which integrates these steps.
*
* Note that to ensure that no money is lost in case of hardware
* failures, the caller must have committed (most of) the arguments to
diff --git a/src/lib/exchange_api_batch_withdraw2.c
b/src/lib/exchange_api_batch_withdraw2.c
index a512fed1..ff149646 100644
--- a/src/lib/exchange_api_batch_withdraw2.c
+++ b/src/lib/exchange_api_batch_withdraw2.c
@@ -89,8 +89,8 @@ struct TALER_EXCHANGE_BatchWithdraw2Handle
/**
* We got a 200 OK response for the /reserves/$RESERVE_PUB/batch-withdraw
operation.
* Extract the coin's signature and return it to the caller. The signature we
- * get from the exchange is for the blinded value. Thus, we first must
- * unblind it and then should verify its validity against our coin's hash.
+ * get from the exchange is for the blinded value. As we do not have the
+ * blinding factor, the signature CANNOT be verified.
*
* If everything checks out, we return the unblinded signature
* to the application via the callback.
--
To stop receiving notification emails like this one, please contact
gnunet@gnunet.org.
| [Prev in Thread] |
Current Thread |
[Next in Thread] |
- [taler-exchange] branch master updated: fix #8095,
gnunet <=