diff options
author | Florian Dold <florian@dold.me> | 2023-09-06 18:35:43 +0200 |
---|---|---|
committer | Florian Dold <florian@dold.me> | 2023-09-06 18:35:43 +0200 |
commit | cd9c3a143bc1ad88ce77d53c212a90f60660069a (patch) | |
tree | a38d78af1e5bf96d666de09691b6418f9c295762 | |
parent | 6affe04fe6919767181274891fd948688dedd700 (diff) |
remove deprecated auditor trust management
-rw-r--r-- | packages/taler-util/src/wallet-types.ts | 11 | ||||
-rw-r--r-- | packages/taler-wallet-core/src/db.ts | 81 | ||||
-rw-r--r-- | packages/taler-wallet-core/src/internal-wallet-state.ts | 4 | ||||
-rw-r--r-- | packages/taler-wallet-core/src/operations/balance.ts | 2 | ||||
-rw-r--r-- | packages/taler-wallet-core/src/operations/exchanges.ts | 51 | ||||
-rw-r--r-- | packages/taler-wallet-core/src/operations/pay-peer-push-credit.ts | 1 | ||||
-rw-r--r-- | packages/taler-wallet-core/src/operations/withdraw.ts | 104 | ||||
-rw-r--r-- | packages/taler-wallet-core/src/wallet-api-types.ts | 3 | ||||
-rw-r--r-- | packages/taler-wallet-core/src/wallet.ts | 39 |
9 files changed, 51 insertions, 245 deletions
diff --git a/packages/taler-util/src/wallet-types.ts b/packages/taler-util/src/wallet-types.ts index 0070b18e4..353fb900d 100644 --- a/packages/taler-util/src/wallet-types.ts +++ b/packages/taler-util/src/wallet-types.ts @@ -1465,22 +1465,11 @@ export interface ExchangeWithdrawalDetails { selectedDenoms: DenomSelectionState; /** - * Does the wallet know about an auditor for - * the exchange that the reserve. - */ - isAudited: boolean; - - /** * Did the user already accept the current terms of service for the exchange? */ termsOfServiceAccepted: boolean; /** - * The exchange is trusted directly. - */ - isTrusted: boolean; - - /** * The earliest deposit expiration of the selected coins. */ earliestDepositExpiration: TalerProtocolTimestamp; diff --git a/packages/taler-wallet-core/src/db.ts b/packages/taler-wallet-core/src/db.ts index 0c51a68c9..4c0a6168d 100644 --- a/packages/taler-wallet-core/src/db.ts +++ b/packages/taler-wallet-core/src/db.ts @@ -139,8 +139,6 @@ export const CURRENT_DB_CONFIG_KEY = "currentMainDbName"; */ export const WALLET_DB_MINOR_VERSION = 10; - - /** * Format of the operation status code: xyznnn * @@ -294,61 +292,6 @@ export interface ReserveBankInfo { } /** - * Record that indicates the wallet trusts - * a particular auditor. - */ -export interface AuditorTrustRecord { - /** - * Currency that we trust this auditor for. - */ - currency: string; - - /** - * Base URL of the auditor. - */ - auditorBaseUrl: string; - - /** - * Public key of the auditor. - */ - auditorPub: string; - - /** - * UIDs for the operation of adding this auditor - * as a trusted auditor. - * - * (Used for backup/sync merging and tombstones.) - */ - uids: string[]; -} - -/** - * Record to indicate trust for a particular exchange. - */ -export interface ExchangeTrustRecord { - /** - * Currency that we trust this exchange for. - */ - currency: string; - - /** - * Canonicalized exchange base URL. - */ - exchangeBaseUrl: string; - - /** - * Master public key of the exchange. - */ - exchangeMasterPub: string; - - /** - * UIDs for the operation of adding this exchange - * as trusted. - */ - uids: string[]; -} - -/** * Status of a denomination. */ export enum DenominationVerificationStatus { @@ -2451,30 +2394,6 @@ export const WalletStoresV1 = { describeContents<ConfigRecord>({ keyPath: "key" }), {}, ), - auditorTrust: describeStore( - "auditorTrust", - describeContents<AuditorTrustRecord>({ - keyPath: ["currency", "auditorBaseUrl"], - }), - { - byAuditorPub: describeIndex("byAuditorPub", "auditorPub"), - byUid: describeIndex("byUid", "uids", { - multiEntry: true, - }), - }, - ), - exchangeTrust: describeStore( - "exchangeTrust", - describeContents<ExchangeTrustRecord>({ - keyPath: ["currency", "exchangeBaseUrl"], - }), - { - byExchangeMasterPub: describeIndex( - "byExchangeMasterPub", - "exchangeMasterPub", - ), - }, - ), denominations: describeStore( "denominations", describeContents<DenominationRecord>({ diff --git a/packages/taler-wallet-core/src/internal-wallet-state.ts b/packages/taler-wallet-core/src/internal-wallet-state.ts index a189c9cb3..20f8a7511 100644 --- a/packages/taler-wallet-core/src/internal-wallet-state.ts +++ b/packages/taler-wallet-core/src/internal-wallet-state.ts @@ -107,10 +107,6 @@ export interface ExchangeOperations { }>, exchangeBaseUrl: string, ): Promise<ExchangeDetailsRecord | undefined>; - getExchangeTrust( - ws: InternalWalletState, - exchangeInfo: ExchangeEntryRecord, - ): Promise<TrustInfo>; updateExchangeFromUrl( ws: InternalWalletState, baseUrl: string, diff --git a/packages/taler-wallet-core/src/operations/balance.ts b/packages/taler-wallet-core/src/operations/balance.ts index 0fcab0542..9c08a57bf 100644 --- a/packages/taler-wallet-core/src/operations/balance.ts +++ b/packages/taler-wallet-core/src/operations/balance.ts @@ -281,7 +281,7 @@ export async function getAcceptableExchangeBaseUrls( const acceptableExchangeUrls = new Set<string>(); const depositableExchangeUrls = new Set<string>(); await ws.db - .mktx((x) => [x.exchanges, x.exchangeDetails, x.auditorTrust]) + .mktx((x) => [x.exchanges, x.exchangeDetails]) .runReadOnly(async (tx) => { // FIXME: We should have a DB index to look up all exchanges // for a particular auditor ... diff --git a/packages/taler-wallet-core/src/operations/exchanges.ts b/packages/taler-wallet-core/src/operations/exchanges.ts index 311a71a6e..690bc3cec 100644 --- a/packages/taler-wallet-core/src/operations/exchanges.ts +++ b/packages/taler-wallet-core/src/operations/exchanges.ts @@ -972,54 +972,3 @@ export async function getExchangePaytoUri( )}`, ); } - -/** - * Check if and how an exchange is trusted and/or audited. - */ -export async function getExchangeTrust( - ws: InternalWalletState, - exchangeInfo: ExchangeEntryRecord, -): Promise<TrustInfo> { - let isTrusted = false; - let isAudited = false; - - return await ws.db - .mktx((x) => [ - x.exchanges, - x.exchangeDetails, - x.exchangeTrust, - x.auditorTrust, - ]) - .runReadOnly(async (tx) => { - const exchangeDetails = await getExchangeDetails( - tx, - exchangeInfo.baseUrl, - ); - - if (!exchangeDetails) { - throw Error(`exchange ${exchangeInfo.baseUrl} details not available`); - } - const exchangeTrustRecord = - await tx.exchangeTrust.indexes.byExchangeMasterPub.get( - exchangeDetails.masterPublicKey, - ); - if ( - exchangeTrustRecord && - exchangeTrustRecord.uids.length > 0 && - exchangeTrustRecord.currency === exchangeDetails.currency - ) { - isTrusted = true; - } - - for (const auditor of exchangeDetails.auditors) { - const auditorTrustRecord = - await tx.auditorTrust.indexes.byAuditorPub.get(auditor.auditor_pub); - if (auditorTrustRecord && auditorTrustRecord.uids.length > 0) { - isAudited = true; - break; - } - } - - return { isTrusted, isAudited }; - }); -} diff --git a/packages/taler-wallet-core/src/operations/pay-peer-push-credit.ts b/packages/taler-wallet-core/src/operations/pay-peer-push-credit.ts index 47e9eaddd..afeeb2c6b 100644 --- a/packages/taler-wallet-core/src/operations/pay-peer-push-credit.ts +++ b/packages/taler-wallet-core/src/operations/pay-peer-push-credit.ts @@ -465,7 +465,6 @@ async function handlePendingMerge( x.reserves, x.exchanges, x.exchangeDetails, - x.exchangeTrust, ]) .runReadWrite(async (tx) => { const peerInc = await tx.peerPushPaymentIncoming.get( diff --git a/packages/taler-wallet-core/src/operations/withdraw.ts b/packages/taler-wallet-core/src/operations/withdraw.ts index d8ce0a9a2..2b76613e7 100644 --- a/packages/taler-wallet-core/src/operations/withdraw.ts +++ b/packages/taler-wallet-core/src/operations/withdraw.ts @@ -119,7 +119,6 @@ import { import { getExchangeDetails, getExchangePaytoUri, - getExchangeTrust, updateExchangeFromUrl, } from "./exchanges.js"; import { @@ -722,7 +721,9 @@ interface WithdrawalBatchResult { batchResp: ExchangeWithdrawBatchResponse; } enum AmlStatus { - normal= 0, pending = 1, fronzen = 2, + normal = 0, + pending = 1, + fronzen = 2, } async function handleKycRequired( @@ -769,7 +770,9 @@ async function handleKycRequired( const kycStatus = await kycStatusRes.json(); logger.info(`kyc status: ${j2s(kycStatus)}`); kycUrl = kycStatus.kyc_url; - } else if (kycStatusRes.status === HttpStatusCode.UnavailableForLegalReasons) { + } else if ( + kycStatusRes.status === HttpStatusCode.UnavailableForLegalReasons + ) { const kycStatus = await kycStatusRes.json(); logger.info(`aml status: ${j2s(kycStatus)}`); amlStatus = kycStatus.aml_status; @@ -805,11 +808,15 @@ async function handleKycRequired( requirementRow: uuidResp.requirement_row, }; wg2.kycUrl = kycUrl; - wg2.status = amlStatus === AmlStatus.normal || amlStatus === undefined ? WithdrawalGroupStatus.PendingKyc : - amlStatus === AmlStatus.pending ? WithdrawalGroupStatus.PendingAml : - amlStatus === AmlStatus.fronzen ? WithdrawalGroupStatus.SuspendedAml : - assertUnreachable(amlStatus); - + wg2.status = + amlStatus === AmlStatus.normal || amlStatus === undefined + ? WithdrawalGroupStatus.PendingKyc + : amlStatus === AmlStatus.pending + ? WithdrawalGroupStatus.PendingAml + : amlStatus === AmlStatus.fronzen + ? WithdrawalGroupStatus.SuspendedAml + : assertUnreachable(amlStatus); + await tx.withdrawalGroups.put(wg2); const newTxState = computeWithdrawalTransactionStatus(wg2); return { @@ -919,31 +926,31 @@ async function processPlanchetExchangeBatchRequest( // FIXME: handle individual error codes better! - const reqUrl = new URL( - `reserves/${withdrawalGroup.reservePub}/batch-withdraw`, - withdrawalGroup.exchangeBaseUrl, - ).href; + const reqUrl = new URL( + `reserves/${withdrawalGroup.reservePub}/batch-withdraw`, + withdrawalGroup.exchangeBaseUrl, + ).href; - try { - const resp = await ws.http.postJson(reqUrl, batchReq); - if (resp.status === HttpStatusCode.UnavailableForLegalReasons) { - await handleKycRequired(ws, withdrawalGroup, resp, 0, requestCoinIdxs); - } - const r = await readSuccessResponseJsonOrThrow( - resp, - codecForWithdrawBatchResponse(), - ); - return { - coinIdxs: requestCoinIdxs, - batchResp: r, - }; - } catch (e) { - await storeCoinError(e, requestCoinIdxs[0]); - return { - batchResp: { ev_sigs: [] }, - coinIdxs: [], - }; + try { + const resp = await ws.http.postJson(reqUrl, batchReq); + if (resp.status === HttpStatusCode.UnavailableForLegalReasons) { + await handleKycRequired(ws, withdrawalGroup, resp, 0, requestCoinIdxs); } + const r = await readSuccessResponseJsonOrThrow( + resp, + codecForWithdrawBatchResponse(), + ); + return { + coinIdxs: requestCoinIdxs, + batchResp: r, + }; + } catch (e) { + await storeCoinError(e, requestCoinIdxs[0]); + return { + batchResp: { ev_sigs: [] }, + coinIdxs: [], + }; + } } async function processPlanchetVerifyAndStoreCoin( @@ -1410,10 +1417,12 @@ async function processWithdrawalGroupPendingKyc( logger.info(`kyc status: ${j2s(kycStatus)}`); // FIXME: do we need to update the KYC url, or does it always stay constant? return { ready: false }; - } else if (kycStatusRes.status === HttpStatusCode.UnavailableForLegalReasons) { + } else if ( + kycStatusRes.status === HttpStatusCode.UnavailableForLegalReasons + ) { const kycStatus = await kycStatusRes.json(); logger.info(`aml status: ${j2s(kycStatus)}`); - return {ready : false} + return { ready: false }; } else { throw Error( `unexpected response from kyc-check (${kycStatusRes.status})`, @@ -1709,11 +1718,6 @@ export async function getExchangeWithdrawalInfo( exchangeWireAccounts.push(account.payto_uri); } - const { isTrusted, isAudited } = await ws.exchangeOps.getExchangeTrust( - ws, - exchange, - ); - let hasDenomWithAgeRestriction = false; logger.trace("computing earliest deposit expiration"); @@ -1792,8 +1796,6 @@ export async function getExchangeWithdrawalInfo( exchangePaytoUris: paytoUris, exchangeWireAccounts, exchangeVersion: exchangeDetails.protocolVersionRange || "unknown", - isAudited, - isTrusted, numOfferedDenoms: possibleDenoms.length, selectedDenoms, // FIXME: delete this field / replace by something we can display to the user @@ -2210,8 +2212,6 @@ export interface PrepareCreateWithdrawalGroupResult { withdrawalGroup: WithdrawalGroupRecord; transactionId: string; creationInfo?: { - isTrusted: boolean; - isAudited: boolean; amount: AmountJson; canonExchange: string; exchangeDetails: ExchangeDetailsRecord; @@ -2306,10 +2306,6 @@ export async function internalPrepareCreateWithdrawalGroup( logger.trace(exchangeDetails); throw Error("exchange not updated"); } - const { isAudited, isTrusted } = await getExchangeTrust( - ws, - exchangeInfo.exchange, - ); const transactionId = constructTransactionIdentifier({ tag: TransactionType.Withdrawal, withdrawalGroupId: withdrawalGroup.withdrawalGroupId, @@ -2319,8 +2315,6 @@ export async function internalPrepareCreateWithdrawalGroup( withdrawalGroup, transactionId, creationInfo: { - isAudited, - isTrusted, canonExchange, amount, exchangeDetails, @@ -2339,7 +2333,6 @@ export async function internalPerformCreateWithdrawalGroup( withdrawalGroups: typeof WalletStoresV1.withdrawalGroups; reserves: typeof WalletStoresV1.reserves; exchanges: typeof WalletStoresV1.exchanges; - exchangeTrust: typeof WalletStoresV1.exchangeTrust; }>, prep: PrepareCreateWithdrawalGroupResult, ): Promise<PerformCreateWithdrawalGroupResult> { @@ -2347,7 +2340,7 @@ export async function internalPerformCreateWithdrawalGroup( if (!prep.creationInfo) { return { withdrawalGroup, transitionInfo: undefined }; } - const { isAudited, isTrusted, amount, canonExchange, exchangeDetails } = + const { amount, canonExchange, exchangeDetails } = prep.creationInfo; await tx.withdrawalGroups.add(withdrawalGroup); @@ -2363,15 +2356,6 @@ export async function internalPerformCreateWithdrawalGroup( await tx.exchanges.put(exchange); } - if (!isAudited && !isTrusted) { - await tx.exchangeTrust.put({ - currency: amount.currency, - exchangeBaseUrl: canonExchange, - exchangeMasterPub: exchangeDetails.masterPublicKey, - uids: [encodeCrock(getRandomBytes(32))], - }); - } - const oldTxState = { major: TransactionMajorState.None, minor: undefined, @@ -2417,7 +2401,6 @@ export async function internalCreateWithdrawalGroup( x.reserves, x.exchanges, x.exchangeDetails, - x.exchangeTrust, ]) .runReadWrite(async (tx) => { return await internalPerformCreateWithdrawalGroup(ws, tx, prep); @@ -2563,7 +2546,6 @@ export async function createManualWithdrawal( x.withdrawalGroups, x.exchanges, x.exchangeDetails, - x.exchangeTrust, ]) .runReadOnly(async (tx) => { return await getFundingPaytoUris(tx, withdrawalGroup.withdrawalGroupId); diff --git a/packages/taler-wallet-core/src/wallet-api-types.ts b/packages/taler-wallet-core/src/wallet-api-types.ts index 72cd37b10..d89ad257a 100644 --- a/packages/taler-wallet-core/src/wallet-api-types.ts +++ b/packages/taler-wallet-core/src/wallet-api-types.ts @@ -121,7 +121,7 @@ import { DeleteStoredBackupRequest, TestingSetTimetravelRequest, } from "@gnu-taler/taler-util"; -import { AuditorTrustRecord, WalletContractData } from "./db.js"; +import { WalletContractData } from "./db.js"; import { AddBackupProviderRequest, AddBackupProviderResponse, @@ -260,7 +260,6 @@ export interface WalletConfig { */ builtin: { exchanges: string[]; - auditors: AuditorTrustRecord[]; }; /** diff --git a/packages/taler-wallet-core/src/wallet.ts b/packages/taler-wallet-core/src/wallet.ts index 9a3b8f235..7a1bd5a4f 100644 --- a/packages/taler-wallet-core/src/wallet.ts +++ b/packages/taler-wallet-core/src/wallet.ts @@ -199,7 +199,6 @@ import { downloadTosFromAcceptedFormat, getExchangeDetails, getExchangeRequestTimeout, - getExchangeTrust, provideExchangeRecordInTx, updateExchangeFromUrl, updateExchangeFromUrlHandler, @@ -527,7 +526,7 @@ async function runTaskLoop( */ async function fillDefaults(ws: InternalWalletState): Promise<void> { await ws.db - .mktx((x) => [x.config, x.auditorTrust, x.exchanges, x.exchangeDetails]) + .mktx((x) => [x.config, x.exchanges, x.exchangeDetails]) .runReadWrite(async (tx) => { const appliedRec = await tx.config.get("currencyDefaultsApplied"); let alreadyApplied = appliedRec ? !!appliedRec.value : false; @@ -535,10 +534,6 @@ async function fillDefaults(ws: InternalWalletState): Promise<void> { logger.trace("defaults already applied"); return; } - logger.info("importing default exchanges and auditors"); - for (const c of ws.config.builtin.auditors) { - await tx.auditorTrust.put(c); - } for (const baseUrl of ws.config.builtin.exchanges) { await addPresetExchangeEntry(tx, baseUrl); const now = AbsoluteTime.now(); @@ -1558,24 +1553,11 @@ async function dispatchRequestInternal<Op extends WalletApiOperation>( return {}; } case WalletApiOperation.ListCurrencies: { - return await ws.db - .mktx((x) => [x.auditorTrust, x.exchangeTrust]) - .runReadOnly(async (tx) => { - const trustedAuditors = await tx.auditorTrust.iter().toArray(); - const trustedExchanges = await tx.exchangeTrust.iter().toArray(); - return { - trustedAuditors: trustedAuditors.map((x) => ({ - currency: x.currency, - auditorBaseUrl: x.auditorBaseUrl, - auditorPub: x.auditorPub, - })), - trustedExchanges: trustedExchanges.map((x) => ({ - currency: x.currency, - exchangeBaseUrl: x.exchangeBaseUrl, - exchangeMasterPub: x.exchangeMasterPub, - })), - }; - }); + // FIXME: Remove / change to scoped currency approach. + return { + trustedAuditors: [], + trustedExchanges: [], + }; } case WalletApiOperation.WithdrawFakebank: { const req = codecForWithdrawFakebankRequest().decode(payload); @@ -1780,14 +1762,6 @@ export class Wallet { public static defaultConfig: Readonly<WalletConfig> = { builtin: { exchanges: ["https://exchange.demo.taler.net/"], - auditors: [ - { - currency: "KUDOS", - auditorPub: "BW9DC48PHQY4NH011SHHX36DZZ3Q22Y6X7FZ1VD1CMZ2PTFZ6PN0", - auditorBaseUrl: "https://auditor.demo.taler.net/", - uids: ["5P25XF8TVQP9AW6VYGY2KV47WT5Y3ZXFSJAA570GJPX5SVJXKBVG"], - }, - ], }, features: { allowHttp: false, @@ -1860,7 +1834,6 @@ class InternalWalletStateImpl implements InternalWalletState { exchangeOps: ExchangeOperations = { getExchangeDetails, - getExchangeTrust, updateExchangeFromUrl, }; |