[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[taler-docs] branch master updated: discuss how to deal with UPDATED (mu
From: |
gnunet |
Subject: |
[taler-docs] branch master updated: discuss how to deal with UPDATED (mutable) tables during auditor replication |
Date: |
Wed, 06 Jan 2021 20:00:13 +0100 |
This is an automated email from the git hooks/post-receive script.
grothoff pushed a commit to branch master
in repository docs.
The following commit(s) were added to refs/heads/master by this push:
new b1841f2 discuss how to deal with UPDATED (mutable) tables during
auditor replication
new 44931d7 Merge branch 'master' of git+ssh://git.taler.net/docs
b1841f2 is described below
commit b1841f2970d4f205774a0f0b667bd04770ca6c07
Author: Christian Grothoff <christian@grothoff.org>
AuthorDate: Wed Jan 6 20:00:07 2021 +0100
discuss how to deal with UPDATED (mutable) tables during auditor replication
---
design-documents/011-auditor-db-sync.rst | 28 ++++++++++++++++++++++++++++
1 file changed, 28 insertions(+)
diff --git a/design-documents/011-auditor-db-sync.rst
b/design-documents/011-auditor-db-sync.rst
index bf8f9a5..aba7b50 100644
--- a/design-documents/011-auditor-db-sync.rst
+++ b/design-documents/011-auditor-db-sync.rst
@@ -94,6 +94,34 @@ Proposed Solution
* The canonical Postgres synchronization between exchange and the
auditor's "ingress" database must use transport security.
+The above solution does not gracefully handle mutable tables on which
+the exchange performs UPDATE statements, as such updates will not bump
+the BIGSERIAL and thus would not be replicated by the helper. Thus, we
+need to consider all tables that the exchange ever performs UPDATE on.
+Those are:
+
+* /reserves/ --- the exchange updates the remaining reserve balance;
+ here the auditor currently performs a sanity check against
+ its own reserve balance calculation. The proposed way to address
+ this is to make this sanity check optional and to be only used if
+ the auditor auditor runs against the "primary" exchange database
+ (like an internal audit). This is acceptable, as an inaccurate
+ reserve balance is mostly used to raise an early warning and not
+ indicative of any actualized financial gains or losses from the
+ exchange.
+* /deposits/ --- the exchange updates the /tiny/ and /done/ bit
+ fields. /tiny/ can be trivially established by the auditor, and
+ we can simply avoid the auditor considering that bit. /done/
+ was so far only used to enrich the reporting. The proposed way
+ to address the uses of both fields is thus to only use them in
+ internal audits (against the primary exchange database). Both
+ can be safely ignored by the external audit.
+* /prewire/ --- the exchange updates the /finished/ and /failed/
+ bits. The entire table is not used by the auditor and its
+ main values cannot be validated by the auditor anyway.
+* /auditors/ --- the exchange updates the /is_active/ and /last_change/
+ fields. The entire table is of no concern to the auditor.
+
Alternatives
============
--
To stop receiving notification emails like this one, please contact
gnunet@gnunet.org.
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- [taler-docs] branch master updated: discuss how to deal with UPDATED (mutable) tables during auditor replication,
gnunet <=