Re: [Taler] Exchange Terms of Service

[Sebastian Javier Marchano]

> No. That's way too complex for the exchange. The exchange has a process
> for how the ToS should be generated, the user should stick to that. I've
> just now extended the process so that the exchange actually supports
> text/markdown as a mime type and generates one from the RST specs. But
> we should not complicate the exchange logic with a markdown parser.
> That's too far.

ACK, Maybe we can somehow expose the wallet validation as a cli and the exchange operator can use that.

> No, I don't think so. Storing the ToS locally likely would make the
> wallet DB significantly larger (which also creates more traffic for
> backups!), and it's pretty rare that a user would really want to read
> the ToS offline after having agreed to them.  Not to mention exchanges
> are likely to offer the ToS in multiple languages, and switching between
> them might also be desirable. So this one I don't see as a positive
> change, just extra code and data for no important use-case.

If the wallet and exchange has a conflict regarding the ToS the content is important so the wallet user does not depend on someone storing the tos. 

Empty wallet size, almost 2mb

Wallet with some coins, 5.5 mb

This is a small wallet without purchases.

tos size is less than 20k

Gzipped version ~ 6K

I think size would not be a problem.

--
Sebastian

On Fri, 6 Jan 2023 at 18:30, Christian Grothoff <grothoff@gnunet.org> wrote:

On 1/6/23 19:55, Sebastian Javier Marchano wrote:
> I agree with your expectations, maybe something to fix before the 9.2
> release.
>
> 1.- wallet core should request text/markdown

Agreed.

> 2.- add documentation about missing section

Agreed. In fact, the entire ToS generation process seriously lacks
documentation. But more importantly, it's still not very usable in the
first place! We should probably unify the update-pp/update-tos scripts
into some kind of taler-exchange-generate-terms.sh script that we can
ship and that takes a RST file and translations and generates correct
ToS on demand. But, I don't see this as terribly urgent.

> 3.- exchange should check and fail fast if ToS has the wrong format

No. That's way too complex for the exchange. The exchange has a process
for how the ToS should be generated, the user should stick to that. I've
just now extended the process so that the exchange actually supports
text/markdown as a mime type and generates one from the RST specs. But
we should not complicate the exchange logic with a markdown parser.
That's too far.

> 4.- wallet-ui should keep fist section open of ToS

Agreed.

> Also, more importantly and not yet implemented, users should be able to
> access the ToS any time offline even if the exchange has updated the ToS.
> If the exchange has updated the ToS, should the user be able to access old
> and new ToS? Since it may have coins based on previous rules.

No, I don't think so. Storing the ToS locally likely would make the
wallet DB significantly larger (which also creates more traffic for
backups!), and it's pretty rare that a user would really want to read
the ToS offline after having agreed to them.  Not to mention exchanges
are likely to offer the ToS in multiple languages, and switching between
them might also be desirable. So this one I don't see as a positive
change, just extra code and data for no important use-case.


My 2 cents

Christian