Re: [Taler] denomination manipulation


From: Florian Dold
Subject: Re: [Taler] denomination manipulation
Date: Fri, 27 Nov 2015 18:18:06 +0100
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:38.0) Gecko/20100101 Thunderbird/38.4.0

On 11/27/2015 05:06 PM, Jeff Burdges wrote:
> On Fri, 2015-11-27 at 07:56 +0100, Christian Grothoff wrote:
> So the question is: Why does the wallet fetch /keys?
> 
> It's always because the customer visits a mint's web page that
> identifies itself, yes?  That gives the mint control over when this
> happens.  In particular, if a mint asks that customers log in before
> revealing itself to the wallet, then that's potentially problematic,
> depending upon the mint's userbase size. 

I'm not sure anymore what your hypothetical attack boils down to.  The
/keys request is completely independent of being logged in somewhere.

There's no concept of logging into a mint with Taler anyways. You might
want to log into a bank (to create a reserve) though, which might or
might not support Taler natively.

The wallet just needs the information given by /keys so that it can
construct the multiset of denomination keys given to the mint (together
with coin blanks etc.) when the user wants to withdraw coins.

How and when the wallet receives this information does not matter, as
long as it's reasonably recent.  The response to /keys is signed by the
mint's master key and the request does not have any parameters, so it's
easy to have it mirrored somewhere (maybe even with a QR code hash in a
newspaper) or just access it via Tor.

> We cannot necessarily control this outright, but we can influence it by
> making the Taler browser icon useful as soon as a customer visits a
> mint page.  If clicked, it could offer information like the wallet's
> balance, information about the mint, maybe an option to log in to the
> mint, etc.  This would encourage mints to identify themselves to the
> wallet quickly.

The wallet always knows the balance anyways, there's no need to contact
the mint (except maybe when you're using two wallets and share coins
between them, did some partial spending, and lost one wallet).

- Florian
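
The check described in the message above (a mirrored /keys copy compared against a hash obtained out of band, and required to be reasonably recent), as an added example that is not part of the original e-mail or of Taler's code. The JSON field names, the choice of SHA-512 and the seven-day age limit are assumptions; verification of the master-key signature itself is not shown.

```python
import hashlib
import hmac
import json
from collections import Counter

MAX_AGE = 7 * 24 * 3600  # assumed policy for "reasonably recent", in seconds


class KeysRejected(Exception):
    """A mirrored /keys copy failed a check and must not be used."""


def accept_mirrored_keys(body, published_sha512_hex, now, max_age=MAX_AGE):
    """Return the parsed document if `body` matches the hash obtained out of
    band and is recent enough; raise KeysRejected otherwise."""
    # Hash the exact bytes received, before any parsing or re-serialization.
    digest = hashlib.sha512(body).hexdigest()
    if not hmac.compare_digest(digest, published_sha512_hex.strip().lower()):
        raise KeysRejected("hash mismatch with the published copy")
    doc = json.loads(body)
    issued = doc["issued"]  # hypothetical field: Unix time of issue
    if issued > now:
        raise KeysRejected("issue time lies in the future")
    if now - issued > max_age:
        raise KeysRejected("copy is stale")
    return doc


def withdrawal_multiset(doc, amount):
    """Greedy pick of denominations for an integer `amount`, returned as a
    multiset mapping denomination key id -> number of coins."""
    chosen = Counter()
    for denom in sorted(doc["denoms"], key=lambda k: k["value"], reverse=True):
        count, amount = divmod(amount, denom["value"])
        if count:
            chosen[denom["key"]] = count
    if amount:
        raise ValueError("amount not representable with these denominations")
    return chosen


# Constructed sample, not a real mint response; field names are hypothetical.
SAMPLE_BODY = json.dumps({
    "issued": 1448640000,
    "denoms": [{"key": "D1", "value": 1}, {"key": "D5", "value": 5},
               {"key": "D10", "value": 10}],
}).encode()
SAMPLE_HASH = hashlib.sha512(SAMPLE_BODY).hexdigest()
```

Because the hash is taken over the raw bytes, any mirror that re-serializes the JSON will fail the comparison even if the content is unchanged.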


