[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[taler-exchange] 01/02: update response
From: |
gnunet |
Subject: |
[taler-exchange] 01/02: update response |
Date: |
Sun, 12 Jul 2020 18:23:48 +0200 |
This is an automated email from the git hooks/post-receive script.
grothoff pushed a commit to branch master
in repository exchange.
commit 4d298f9bea8a98acc5d4b7d738af02313b203658
Author: Christian Grothoff <christian@grothoff.org>
AuthorDate: Sun Jul 12 10:22:35 2020 +0200
update response
---
doc/audit/response-202005.tex | 19 ++++++++++++-------
doc/prebuilt | 2 +-
2 files changed, 13 insertions(+), 8 deletions(-)
diff --git a/doc/audit/response-202005.tex b/doc/audit/response-202005.tex
index b07e053e..5d90b4c7 100644
--- a/doc/audit/response-202005.tex
+++ b/doc/audit/response-202005.tex
@@ -15,9 +15,8 @@
\section{Abstract}
-This is the preliminary response to the source code audit report CodeBlau
-created for GNU Taler in Q2/Q3 2020. A final response with more details is
-expected later this year.
+This is the response to the source code audit report CodeBlau
+created for GNU Taler in Q2/Q3 2020.
\section{Management Summary}
@@ -44,10 +43,16 @@ We appreciate CodeBlau's extensive list of checks the Taler
auditor performs,
which was previously not documented adequately by us. We agree that the
auditor still needs more comprehensive documentation.
-As for issue \#6416, we agree with the analysis and the proposed fix, even if
-the implications are not fully clear. It has not yet been implemented as we
-want to carefully review all of the SQL statements implicated in the
-resolution and ensure we fully understand the implications.
+As for issue \#6416, we agree with the analysis. However, the proposed fix
+of making the primary key include the denomination would create other problems,
+such as the exchange sometimes not having the denomination key (link, refund)
+and the code in various places relying on the assumption of the coin's
+public key being unique. Furthermore, allowing coin key re-use may validate
+a terrible practice. We thus decided it is better to ``fail early'', and
+modified the code to check that the coin public key is ``unique'' during
+deposit, refresh and recoup and ensured that the exchange returns a proof
+of non-uniqueness in case of a violation. The test suite was extended to
+cover the corner case.
\section{Issues in GNUnet}
diff --git a/doc/prebuilt b/doc/prebuilt
index eef86710..ca53235c 160000
--- a/doc/prebuilt
+++ b/doc/prebuilt
@@ -1 +1 @@
-Subproject commit eef86710c7deade01361f8985fd9a6fe6a21e8ff
+Subproject commit ca53235ccfa0458ebf11c204888ca370e20ec3f5
--
To stop receiving notification emails like this one, please contact
gnunet@gnunet.org.