gnunet-svn
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[taler-docs] branch master updated: Added section on exchange trust and


From: gnunet
Subject: [taler-docs] branch master updated: Added section on exchange trust and regional currencies
Date: Tue, 28 Jul 2020 21:20:37 +0200

This is an automated email from the git hooks/post-receive script.

torsten-grote pushed a commit to branch master
in repository docs.

The following commit(s) were added to refs/heads/master by this push:
     new f8d2c17  Added section on exchange trust and regional currencies
f8d2c17 is described below

commit f8d2c175ac4e17b23d7f49b7f6c282c8bb48fab1
Author: Torsten Grote <t@grobox.de>
AuthorDate: Tue Jul 28 16:20:20 2020 -0300

    Added section on exchange trust and regional currencies
---
 .../002-wallet-exchange-management.rst             | 34 ++++++++++++++++++++++
 1 file changed, 34 insertions(+)

diff --git a/design-documents/002-wallet-exchange-management.rst 
b/design-documents/002-wallet-exchange-management.rst
index b3deee0..33d9857 100644
--- a/design-documents/002-wallet-exchange-management.rst
+++ b/design-documents/002-wallet-exchange-management.rst
@@ -363,3 +363,37 @@ Alternatives
 * The UI could directly access the wallet's DB for more flexible access to the
   required data.  But this would make the UI less robust against changes in 
wallet-core.
 
+
+Trust
+=====
+
+Ideally, exchanges come with auditors that are trusted by the wallet and 
therefore the user.
+An exchange responsible for a three-letter currency is required to have an 
auditor,
+as these currencies are assumed to be legal tender in a nation state.
+
+If an exchange and/or an auditor are controlled by an attacker, they can steal 
user's funds.
+Therefore, users should only use "official" auditors responsible for their 
currency.
+As users should not be expected to know which auditors are official
+nor perform technical verification steps, the wallet ships with auditors 
pre-installed.
+
+However, it should be possible to add a custom auditor,
+in case the wallet is outdated or does not have a desired auditor for other 
reasons.
+Since adding custom auditors is dangerous
+and can be used to trick users into using malicious exchanges,
+this operation should be accompanied by appropriate warnings and security 
confirmations.
+
+Taler also supports regional currencies which can have between 4 and 12 
letters.
+These are not required to have an auditor, but using one is encouraged.
+Regional currencies should be shown separate from real currencies in the 
wallet's balance sheet
+and be accompanied by their exchange
+to allow for the fact that different regions or organisations chose the same 
currency code,
+but uses different exchanges to handle the currency.
+
+Open Question: What happens if a regional currency wants to use more than one 
exchange?
+
+When withdrawing money to a regional currency exchange,
+the user should be made aware of the fact that the currency of the exchange is 
not official.
+A warning should be shown if a currency does not have an auditor
+or the auditor is not trusted by the users.
+If the user expressed trust for a regional currency's auditor,
+no further warnings will be shown for the given currency.

-- 
To stop receiving notification emails like this one, please contact
gnunet@gnunet.org.



reply via email to

[Prev in Thread] Current Thread [Next in Thread]