gnunet-svn
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[donau] 10/10: adding code listings & commitment for aritfact

From: gnunet
Subject: [donau] 10/10: adding code listings & commitment for aritfact
Date: Thu, 23 Jan 2025 00:25:10 +0100 
This is an automated email from the git hooks/post-receive script.

tanja-lange pushed a commit to branch master
in repository donau.

commit 351b82403edd44c89f86999a420f76695401700f
Author: Tanja Lange <tanja@hyperelliptic.org>
AuthorDate: Thu Jan 23 00:24:32 2025 +0100

    adding code listings & commitment for aritfact
---
 doc/usenix-security-2025/paper/app-impl.tex | 186 ++++++++++++++++++++++++++++
 doc/usenix-security-2025/paper/ethic.tex    |  15 +--
 doc/usenix-security-2025/paper/threats.tex  |   2 +-
 3 files changed, 195 insertions(+), 8 deletions(-)

diff --git a/doc/usenix-security-2025/paper/app-impl.tex 
b/doc/usenix-security-2025/paper/app-impl.tex
new file mode 100644
index 0000000..28a8d45
--- /dev/null
+++ b/doc/usenix-security-2025/paper/app-impl.tex
@@ -0,0 +1,186 @@
+\section{Additional Details -- Implementation}\label{app-impl}
+
+This appendix describes the remaining implementation details such as APIs.
+
+\subsection{REST API} 
+
+The detailed REST API specification of the Donau back-end is publicly
+available and will be submitted as artifact.
+The following are
+the main API endpoints:
+
+\subsubsection{\texttt{/keys}}
+The \texttt{GET /keys} request returns all valid donation unit public keys
+offered by the Donau, as well as the Donau's current EdDSA public signing key.
+The following is an example response of a \texttt{curl 127.0.0.1:8080/keys}
+command. Some parts of the following example responses are truncated (denoted 
by
+the three dots '\texttt{...}') to make them more readable.
+
+\begin{verbatim}
+{
+  "version": "0:0:0",
+  "base_url": "http://localhost:8080/";,
+  "currency": "EUR",
+  "signkeys": [
+    {
+      "stamp_start": {
+        "t_s": 1717069556
+      },
+      "stamp_expire": {
+        "t_s": 1718279156
+      },
+      "key": "CFV2PY8164E231XZSQK30K8R6CBQ..."
+    },
+    {
+    ...
+    }
+    ],
+    "donation_units": [
+    {
+      "donation_unit_pub": {
+        "cipher": "RSA",
+        "rsa_public_key": "020000YC7XK99S..."
+      },
+      "year": 2024,
+      "lost": false,
+      "value": "EUR:5"
+    },
+    {
+      "donation_unit_pub": {
+        "cipher": "CS",
+        "cs_public_key": "7SKRQGBSEPBG24..."
+      },
+      "year": 2024,
+      "lost": false,
+      "value": "EUR:1"
+    },
+    {
+    ...
+    }
+    ]
+}
+\end{verbatim}
+
+\subsubsection{\texttt{/charities}}
+
+The following is an example response of a \texttt{curl 
127.0.0.1:8080/charities} command.
+There is only one charity named \texttt{example} registered with a donation 
limit of 10 euros.
+
+\begin{verbatim}
+{
+  "charities": [
+    {
+      "charity_pub": "ABETNXT9ZF606FRF3WD5...",
+      "url": "example.com",
+      "name": "example",
+      "max_per_year": "EUR:10",
+      "receipts_to_date": "EUR:0",
+      "current_year": 2024
+    }
+  ]
+}
+\end{verbatim}
+
+To insert a charity a \texttt{POST} request can be sent using
+\texttt{curl -d @charity.json -X POST http://127.0.0.1:8080/charities}.
+
+The following is an example of a
+\texttt{charity.json} entry
+
+\begin{verbatim}
+{
+  "charity_pub": "ABETNXT9ZF606FRF3WD5...",
+  "charity_name": "mycharity",
+  "charity_url": "mycharity.example.com",
+  "max_per_year": "EUR:1000",
+  "receipts_to_date": "EUR:0",
+  "current_year": 2024
+}
+\end{verbatim}
+
+The response consists of the charity ID generated by the database.
+\begin{verbatim}
+{
+  "charity-id": 1
+}
+\end{verbatim}
+
+
+\subsubsection{\texttt{/batch-issue}}
+
+The following is an example response of a \\
+\texttt{curl -d @issue.json -X POST http://127.0.0.1:8080/batch-issue/1}
+request showing a \texttt{issue.json} entry.
+The number at the end of the URL is the charity ID.
+
+
+
+\begin{verbatim}
+{
+  "budikeypairs": [
+  {
+    "h_donaton_unit_pub": "130C2KDHTAFDQFB8XED...",
+    "blinded_udi": {
+    "cipher": "RSA",
+    "rsa_blinded_identifier": "AXPTEE24W28S9XN..."
+    }
+  }
+  ],
+    "charity_sig": "JEJ0QMDXD416XKSK1SG0DETJEH...",
+  "year": 2024
+}
+\end{verbatim}
+
+\begin{verbatim}
+{
+   "blind_signatures": [
+     {
+      "blinded_signature": {
+      "cipher": "RSA",
+      "blinded_rsa_signature": "16XHNWSCDRVKHF..."
+       }
+     }
+   ],
+   "issued_amount: "EUR:15"
+}
+\end{verbatim}
+
+\subsubsection{\texttt{/batch-submit}}
+
+\begin{verbatim}
+{
+  "h_donor_tax_id": "N2NYR2SFNGZSS388R2SB0VK...",
+  "donation_year": 2024,
+  "donation_receipts": [
+  {
+    "h_donaton_unit_pub": "130C2KDHTAFDQFB8X...",
+    "nonce": "JEQC39G",
+    "donation_unit_sig":
+    {
+    "cipher": "RSA",
+    "rsa_signature":  "GQBXPNE4JT5W53T3CVP6E..."
+    }
+  }
+  ]
+}
+\end{verbatim}
+
+\subsubsection{\texttt{/donation-statement}}
+To obtain the donation statement, the donor submits a GET request for a 
specified year and taxpayer ID.
+
+The following is an example response of a \\
+\texttt{curl http://127.0.0.1:8080/donation-statement/$\backslash$} \\
+\hspace*{0.5cm} \ \texttt{2024/N2NYR2SFNGZSS388R2SB...} \\
+request.
+
+The last parameter of the URL is the \DI.
+
+\begin{verbatim}
+{
+  "total": "EUR:15",
+  "donation_statement": "C1JVDP25AR001W5AHMAZ...",
+  "donau_pub": "63f62b7901311c2187bfcde6304d1..."
+}
+\end{verbatim}
+
+
diff --git a/doc/usenix-security-2025/paper/ethic.tex 
b/doc/usenix-security-2025/paper/ethic.tex
index 7423e49..187c0f0 100644
--- a/doc/usenix-security-2025/paper/ethic.tex
+++ b/doc/usenix-security-2025/paper/ethic.tex
@@ -1,4 +1,4 @@
-\section*{Ethics considerations and compliance with the open science policy}
+\section{Ethics considerations}
 
 Ethical considerations are at the root of this project.
 At their essence, donations are ethical acts that empower third parties to act 
in a manner compatible with the value system of the donor.
@@ -7,23 +7,24 @@ explicitly linking them to the causes and institutions they 
support.
 This has a self-censoring or chilling effect, due to fear of potential future 
repercussions in complex and volatile political climates:
 information may linger inside of the bureaucratic system and later cause 
unforeseeable harm.
 Support for certain organizations and their linked causes
-can lead not only to stigmatisation but also to phyical harassement, or far 
worse.
+can lead not only to stigmatization but also to physical harassment, or far 
worse.
 Such concerns about real-world consequences of revealing one's support for 
various causes creates stress for donors,
 and the current approach to provide tax benefits for donations encroaches on 
the privacy of those who do not wish to reveal who they support.
 
 \input{threats}
 
-\subsection*{Administrative burden}
+\subsection{Administrative burden}
 The current mechanism also has discriminatory aspects.
-It places a higher bureaucratic cost on spreading an equivalent cumulative 
amount across smaller philanthropic causes -- denying intersectional interests 
donors may have, and disadvantaging smaller, early stage and more lean public 
causes. %XXX: "earlier stage"/"leaner"?
+It places a higher bureaucratic cost on spreading an equivalent cumulative 
amount across smaller philanthropic causes -- denying inter-sectional interests 
donors may have, and disadvantaging smaller, early stage and more lean public 
causes. %XXX: "earlier stage"/"leaner"?
 The latter notably includes ``niche'' causes linked to (combinations of) 
cultural, sexual, ethnic, religious and social minorities.
 Smaller causes often do not have the capacity to offer support for achieving 
fiscal compensation to their donors, reprieving their (latent) donor 
constituencies of the amplifying effects of such compensation and making them 
less attractive (and thus relatively less likely) to be supported. %XXX: This 
sentence does not make sense to me. "Reprieve" is not used correctly (I think), 
and it's too lacking in detail to understand whether it's referring to e.g., 
membership benefits, or something [...]
 
-The aim of this project is to simplify donating for all and offer 
non-discrimatory access to tax benefits and greater protection of privacy, 
leading to greater tax justice and a philanthropic climate.
+The aim of this project is to simplify donating for all and offer 
non-discriminatory access to tax benefits and greater protection of privacy, 
leading to greater tax justice and a philanthropic climate.
 We want to reverse the situation where people prefer not to claim the tax 
benefit to which they are entitled in order to protect themselves.
 
-\subsection*{Access to software}
-The associated software does not place any ethical dillema's upon the users.
+\section{Open science}
+\subsection{Access to software}
+The associated software does not place any ethical dilemmas upon the users.
 It is delivered as free/libre open source software, available under GNU
 Affero General Public license v3 or later in 
 \ifanonymous
diff --git a/doc/usenix-security-2025/paper/threats.tex 
b/doc/usenix-security-2025/paper/threats.tex
index 8fe9853..b5a1eef 100644
--- a/doc/usenix-security-2025/paper/threats.tex
+++ b/doc/usenix-security-2025/paper/threats.tex
@@ -1,4 +1,4 @@
-\subsection*{Money laundring}\label{sec:threats}
+\subsection{Money laundering}\label{sec:threats}
 
 \ifodd0
 

-- 
To stop receiving notification emails like this one, please contact
gnunet@gnunet.org.
reply via email to
[Prev in Thread] Current Thread [Next in Thread]