Re: [Taler] Exchange Terms of Service

[Florian Jung]

 On 1/7/23 15:21, Sebastian Javier Marchano wrote: 
>    
>  ACK, Maybe we can somehow expose the wallet validation as a cli and the exchange operator can use that. 
>   
 
 I agree that there should be a comprehensive linting tool. Lint checks I wish I had are: 
 
 - Check that the setup uses HTTPS, because android apps block HTTP traffic by default. 
 
 - Check the correct ToS formatting. 
 
 - Check that bank transfer in and out work properly (I had Nexus crash in pathological situations) 
 
 - Ensure that the /keys endpoint reports the correct exchange base url. (If it doesn't, everything seems to work on the first glance vut p2p fails) 
 
 
>    Empty wallet size, almost 2mb 
>  Wallet with some coins, 5.5 mb 
>  This is a small wallet without purchases. 
>   
 
 On my Android, an almost pristine wallet with no coins but that has seen an exchange takes 200kb of data, while a wallet that was in use for four days takes 650kB. 
 
 Howevery this does not yet account for the 82MB (!!) that the app itself (i.e. executable+assets) consumes. 
 
 I really don't think that storing some 100kB of ToS does any bad here. OTOH, I also could imagine a scenario where the wallet only stores a signed hash of what ToS have been accepted, and the auditor makes it mandatory to not depublicize old ToS versions. 
 
 After all, we have to trust the exchange/auditor that they don't break contract regarding our escrowed money, so it seems easy to me that we can trust them to not delete old ToS (or to be punished for doing so) as long we store a hash. 
 
 Cheers, 
 Florian