[taler-docs] branch master updated: discuss how to deal with UPDATED (mu

gnunet-svn

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[taler-docs] branch master updated: discuss how to deal with UPDATED (mu

From:	gnunet
Subject:	[taler-docs] branch master updated: discuss how to deal with UPDATED (mutable) tables during auditor replication
Date:	Wed, 06 Jan 2021 20:00:13 +0100

This is an automated email from the git hooks/post-receive script.

grothoff pushed a commit to branch master
in repository docs.

The following commit(s) were added to refs/heads/master by this push:
     new b1841f2  discuss how to deal with UPDATED (mutable) tables during 
auditor replication
     new 44931d7  Merge branch 'master' of git+ssh://git.taler.net/docs
b1841f2 is described below

commit b1841f2970d4f205774a0f0b667bd04770ca6c07
Author: Christian Grothoff <christian@grothoff.org>
AuthorDate: Wed Jan 6 20:00:07 2021 +0100

    discuss how to deal with UPDATED (mutable) tables during auditor replication
---
 design-documents/011-auditor-db-sync.rst | 28 ++++++++++++++++++++++++++++
 1 file changed, 28 insertions(+)

diff --git a/design-documents/011-auditor-db-sync.rst 
b/design-documents/011-auditor-db-sync.rst
index bf8f9a5..aba7b50 100644
--- a/design-documents/011-auditor-db-sync.rst
+++ b/design-documents/011-auditor-db-sync.rst
@@ -94,6 +94,34 @@ Proposed Solution
 * The canonical Postgres synchronization between exchange and the
   auditor's "ingress" database must use transport security.
 
+The above solution does not gracefully handle mutable tables on which
+the exchange performs UPDATE statements, as such updates will not bump
+the BIGSERIAL and thus would not be replicated by the helper.  Thus, we
+need to consider all tables that the exchange ever performs UPDATE on.
+Those are:
+
+* /reserves/ --- the exchange updates the remaining reserve balance;
+  here the auditor currently performs a sanity check against
+  its own reserve balance calculation.  The proposed way to address
+  this is to make this sanity check optional and to be only used if
+  the auditor auditor runs against the "primary" exchange database
+  (like an internal audit).  This is acceptable, as an inaccurate
+  reserve balance is mostly used to raise an early warning and not
+  indicative of any actualized financial gains or losses from the
+  exchange.
+* /deposits/ --- the exchange updates the /tiny/ and /done/ bit
+  fields. /tiny/ can be trivially established by the auditor, and
+  we can simply avoid the auditor considering that bit. /done/
+  was so far only used to enrich the reporting.  The proposed way
+  to address the uses of both fields is thus to only use them in
+  internal audits (against the primary exchange database). Both
+  can be safely ignored by the external audit.
+* /prewire/ --- the exchange updates the /finished/ and /failed/
+  bits. The entire table is not used by the auditor and its
+  main values cannot be validated by the auditor anyway.
+* /auditors/ --- the exchange updates the /is_active/ and /last_change/
+  fields.  The entire table is of no concern to the auditor.
+
 
 Alternatives
 ============

-- 
To stop receiving notification emails like this one, please contact
gnunet@gnunet.org.

[Prev in Thread]

Current Thread

[Next in Thread]

[taler-docs] branch master updated: discuss how to deal with UPDATED (mutable) tables during auditor replication, gnunet <=

Prev by Date: [libeufin] branch master updated: Introducing global clock.
Next by Date: [libmicrohttpd] branch master updated: return timeout of 0 if cleanup is pending
Previous by thread: [libeufin] branch master updated: Introducing global clock.
Next by thread: [libmicrohttpd] branch master updated: return timeout of 0 if cleanup is pending
Index(es):
- Date
- Thread