[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[taler-exchange] branch master updated: The current recoup API is broken
|
From: |
gnunet |
|
Subject: |
[taler-exchange] branch master updated: The current recoup API is broken. I guess this is another example where "trivial" API changes turn out to have (multiple!) unexpected consequences. |
|
Date: |
Tue, 11 Jan 2022 12:47:58 +0100 |
This is an automated email from the git hooks/post-receive script.
grothoff pushed a commit to branch master
in repository exchange.
The following commit(s) were added to refs/heads/master by this push:
new e7aeec04 The current recoup API is broken. I guess this is another
example where "trivial" API changes turn out to have (multiple!) unexpected
consequences.
e7aeec04 is described below
commit e7aeec04f4eb52caaa61b1ff9362f6fe0ffe0f2d
Author: Christian Grothoff <christian@grothoff.org>
AuthorDate: Tue Jan 11 12:47:35 2022 +0100
The current recoup API is broken. I guess this is another example where
"trivial" API changes turn out to have (multiple!) unexpected consequences.
The current "/recoup" API does not have clear idempotency semantics, as
we've discussed on the phone. This is already bad by itself, as it makes it
hard to write down what the API does other than "whatever the implementation
does".
However, it actually breaks correctness in this (admittedly kinda
contrived, but not impossible) case:
Say that we have a coin A obtained via withdrawal and a coin B obtained via
refreshing coin A. Now the denominations of A gets revoked..
The wallet does a recoup of A for EUR:1.
Now the denomination of B also gets revoked. The wallet recoups B
(incidentally also for EUR:1) and now A can be recouped again for EUR:1. But
now the exchange is in a state where it will refuse a legitimate recoup request
for A because the detection for an idempotent request kicks in.
This is IMHO bad API design, and the exchange should simply always recoup
the maximum amount.
Furthermore, we usually follow the principle of "API calls that take up DB
space are paid". With the current recoup API, I can do many tiny recoup
requests which the exchange then has to store, right?
I guess it would not be a big change to remove the "amount" value from the
recoup/recoup-refresh request bodies, right?
- Florian
---
contrib/gana | 2 +-
src/auditor/taler-helper-auditor-coins.c | 5 +-
src/auditor/taler-helper-auditor-reserves.c | 1 -
src/exchange/taler-exchange-httpd_recoup-refresh.c | 19 +--
src/exchange/taler-exchange-httpd_recoup.c | 19 +--
src/exchangedb/exchange-0001.sql | 172 +++++++++------------
src/exchangedb/plugin_exchangedb_postgres.c | 14 +-
src/exchangedb/test_exchangedb.c | 4 -
src/include/taler_crypto_lib.h | 6 -
src/include/taler_exchange_service.h | 4 -
src/include/taler_exchangedb_plugin.h | 4 -
src/include/taler_signatures.h | 6 +-
src/lib/exchange_api_common.c | 2 -
src/lib/exchange_api_recoup.c | 4 -
src/lib/exchange_api_recoup_refresh.c | 4 -
src/testing/testing_api_cmd_recoup.c | 1 -
src/testing/testing_api_cmd_recoup_refresh.c | 1 -
src/util/wallet_signatures.c | 12 --
18 files changed, 89 insertions(+), 191 deletions(-)
diff --git a/contrib/gana b/contrib/gana
index 9b8a7875..b0dd85e8 160000
--- a/contrib/gana
+++ b/contrib/gana
@@ -1 +1 @@
-Subproject commit 9b8a787580307cea5a38359c485d521cd8ece820
+Subproject commit b0dd85e8187f33a1f92dd5eb31082050d333e168
diff --git a/src/auditor/taler-helper-auditor-coins.c
b/src/auditor/taler-helper-auditor-coins.c
index a295a035..3473a828 100644
--- a/src/auditor/taler-helper-auditor-coins.c
+++ b/src/auditor/taler-helper-auditor-coins.c
@@ -1896,7 +1896,7 @@ refund_cb (void *cls,
* @param coin_blind blinding factor used to blind the coin
* @return #GNUNET_OK to continue to iterate, #GNUNET_SYSERR to stop
*/
-static int
+static enum GNUNET_GenericReturnValue
check_recoup (struct CoinContext *cc,
const char *operation,
uint64_t rowid,
@@ -1962,7 +1962,6 @@ check_recoup (struct CoinContext *cc,
if (GNUNET_OK !=
TALER_wallet_recoup_verify (&coin->denom_pub_hash,
coin_blind,
- amount,
&coin->coin_pub,
coin_sig))
{
@@ -2084,7 +2083,7 @@ recoup_cb (void *cls,
* @param coin_blind blinding factor used to blind the coin
* @return #GNUNET_OK to continue to iterate, #GNUNET_SYSERR to stop
*/
-static int
+static enum GNUNET_GenericReturnValue
recoup_refresh_cb (void *cls,
uint64_t rowid,
struct GNUNET_TIME_Timestamp timestamp,
diff --git a/src/auditor/taler-helper-auditor-reserves.c
b/src/auditor/taler-helper-auditor-reserves.c
index b6b969fe..61019318 100644
--- a/src/auditor/taler-helper-auditor-reserves.c
+++ b/src/auditor/taler-helper-auditor-reserves.c
@@ -714,7 +714,6 @@ handle_recoup_by_reserve (
if (GNUNET_OK !=
TALER_wallet_recoup_verify (&coin->denom_pub_hash,
coin_blind,
- amount,
&coin->coin_pub,
coin_sig))
{
diff --git a/src/exchange/taler-exchange-httpd_recoup-refresh.c
b/src/exchange/taler-exchange-httpd_recoup-refresh.c
index acadc999..78a454c8 100644
--- a/src/exchange/taler-exchange-httpd_recoup-refresh.c
+++ b/src/exchange/taler-exchange-httpd_recoup-refresh.c
@@ -62,11 +62,6 @@ struct RecoupContext
*/
const struct TALER_CoinSpendSignatureP *coin_sig;
- /**
- * The amount requested to be recouped.
- */
- const struct TALER_Amount *requested_amount;
-
/**
* Unique ID of the coin in the known_coins table.
*/
@@ -118,7 +113,6 @@ recoup_refresh_transaction (void *cls,
qs = TEH_plugin->do_recoup_refresh (TEH_plugin->cls,
&pc->old_coin_pub,
pc->rrc_serial,
- pc->requested_amount,
pc->coin_bks,
&pc->coin->coin_pub,
pc->known_coin_id,
@@ -170,7 +164,6 @@ recoup_refresh_transaction (void *cls,
* @param coin information about the coin
* @param coin_bks blinding data of the coin (to be checked)
* @param coin_sig signature of the coin
- * @param requested_amount requested amount to be recouped
* @return MHD result code
*/
static MHD_RESULT
@@ -178,8 +171,7 @@ verify_and_execute_recoup_refresh (
struct MHD_Connection *connection,
const struct TALER_CoinPublicInfo *coin,
const union TALER_DenominationBlindingKeyP *coin_bks,
- const struct TALER_CoinSpendSignatureP *coin_sig,
- const struct TALER_Amount *requested_amount)
+ const struct TALER_CoinSpendSignatureP *coin_sig)
{
struct RecoupContext pc;
const struct TEH_DenominationKey *dk;
@@ -237,7 +229,6 @@ verify_and_execute_recoup_refresh (
if (GNUNET_OK !=
TALER_wallet_recoup_refresh_verify (&coin->denom_pub_hash,
coin_bks,
- requested_amount,
&coin->coin_pub,
coin_sig))
{
@@ -279,7 +270,6 @@ verify_and_execute_recoup_refresh (
pc.coin_sig = coin_sig;
pc.coin_bks = coin_bks;
pc.coin = coin;
- pc.requested_amount = requested_amount;
{
MHD_RESULT mhd_ret = MHD_NO;
@@ -367,7 +357,6 @@ TEH_handler_recoup_refresh (struct MHD_Connection
*connection,
struct TALER_CoinPublicInfo coin;
union TALER_DenominationBlindingKeyP coin_bks;
struct TALER_CoinSpendSignatureP coin_sig;
- struct TALER_Amount amount;
struct GNUNET_JSON_Specification spec[] = {
GNUNET_JSON_spec_fixed_auto ("denom_pub_hash",
&coin.denom_pub_hash),
@@ -377,9 +366,6 @@ TEH_handler_recoup_refresh (struct MHD_Connection
*connection,
&coin_bks),
GNUNET_JSON_spec_fixed_auto ("coin_sig",
&coin_sig),
- TALER_JSON_spec_amount ("amount",
- TEH_currency,
- &amount),
GNUNET_JSON_spec_end ()
};
@@ -400,8 +386,7 @@ TEH_handler_recoup_refresh (struct MHD_Connection
*connection,
res = verify_and_execute_recoup_refresh (connection,
&coin,
&coin_bks,
- &coin_sig,
- &amount);
+ &coin_sig);
GNUNET_JSON_parse_free (spec);
return res;
}
diff --git a/src/exchange/taler-exchange-httpd_recoup.c
b/src/exchange/taler-exchange-httpd_recoup.c
index 28e81f9e..0deaa8bb 100644
--- a/src/exchange/taler-exchange-httpd_recoup.c
+++ b/src/exchange/taler-exchange-httpd_recoup.c
@@ -65,11 +65,6 @@ struct RecoupContext
*/
const struct TALER_CoinSpendSignatureP *coin_sig;
- /**
- * The amount requested to be recouped.
- */
- const struct TALER_Amount *requested_amount;
-
/**
* Unique ID of the withdraw operation in the reserves_out table.
*/
@@ -121,7 +116,6 @@ recoup_transaction (void *cls,
qs = TEH_plugin->do_recoup (TEH_plugin->cls,
&pc->reserve_pub,
pc->reserve_out_serial_id,
- pc->requested_amount,
pc->coin_bks,
&pc->coin->coin_pub,
pc->known_coin_id,
@@ -173,7 +167,6 @@ recoup_transaction (void *cls,
* @param coin information about the coin
* @param coin_bks blinding data of the coin (to be checked)
* @param coin_sig signature of the coin
- * @param requested_amount requested amount to be recouped
* @return MHD result code
*/
static MHD_RESULT
@@ -181,8 +174,7 @@ verify_and_execute_recoup (
struct MHD_Connection *connection,
const struct TALER_CoinPublicInfo *coin,
const union TALER_DenominationBlindingKeyP *coin_bks,
- const struct TALER_CoinSpendSignatureP *coin_sig,
- const struct TALER_Amount *requested_amount)
+ const struct TALER_CoinSpendSignatureP *coin_sig)
{
struct RecoupContext pc;
const struct TEH_DenominationKey *dk;
@@ -239,7 +231,6 @@ verify_and_execute_recoup (
if (GNUNET_OK !=
TALER_wallet_recoup_verify (&coin->denom_pub_hash,
coin_bks,
- requested_amount,
&coin->coin_pub,
coin_sig))
{
@@ -281,7 +272,6 @@ verify_and_execute_recoup (
pc.coin_sig = coin_sig;
pc.coin_bks = coin_bks;
pc.coin = coin;
- pc.requested_amount = requested_amount;
{
MHD_RESULT mhd_ret = MHD_NO;
@@ -369,7 +359,6 @@ TEH_handler_recoup (struct MHD_Connection *connection,
struct TALER_CoinPublicInfo coin;
union TALER_DenominationBlindingKeyP coin_bks;
struct TALER_CoinSpendSignatureP coin_sig;
- struct TALER_Amount amount;
struct GNUNET_JSON_Specification spec[] = {
GNUNET_JSON_spec_fixed_auto ("denom_pub_hash",
&coin.denom_pub_hash),
@@ -379,9 +368,6 @@ TEH_handler_recoup (struct MHD_Connection *connection,
&coin_bks),
GNUNET_JSON_spec_fixed_auto ("coin_sig",
&coin_sig),
- TALER_JSON_spec_amount ("amount",
- TEH_currency,
- &amount),
GNUNET_JSON_spec_end ()
};
@@ -402,8 +388,7 @@ TEH_handler_recoup (struct MHD_Connection *connection,
res = verify_and_execute_recoup (connection,
&coin,
&coin_bks,
- &coin_sig,
- &amount);
+ &coin_sig);
GNUNET_JSON_parse_free (spec);
return res;
}
diff --git a/src/exchangedb/exchange-0001.sql b/src/exchangedb/exchange-0001.sql
index c1665b3b..51fd26ec 100644
--- a/src/exchangedb/exchange-0001.sql
+++ b/src/exchangedb/exchange-0001.sql
@@ -1508,8 +1508,6 @@ END $$;
CREATE OR REPLACE FUNCTION exchange_do_recoup_to_reserve(
IN in_reserve_pub BYTEA,
IN in_reserve_out_serial_id INT8,
- IN in_amount_val INT8,
- IN in_amount_frac INT4,
IN in_coin_blind BYTEA,
IN in_coin_pub BYTEA,
IN in_known_coin_id INT8,
@@ -1523,76 +1521,71 @@ CREATE OR REPLACE FUNCTION
exchange_do_recoup_to_reserve(
LANGUAGE plpgsql
AS $$
DECLARE
- tmp_val INT8; -- previous amount recouped
+ tmp_val INT8; -- amount recouped
DECLARE
- tmp_frac INT8; -- previous amount recouped
+ tmp_frac INT8; -- amount recouped
BEGIN
-- Shards: SELECT known_coins (by coin_pub)
-- SELECT recoup (by known_coin_id)
+-- UPDATE known_coins (by coin_pub)
-- UPDATE reserves (by reserve_pub)
-- INSERT recoup (by known_coin_id)
out_internal_failure=FALSE;
--- Check and update balance of the coin.
-UPDATE known_coins
- SET
- remaining_frac=remaining_frac-in_amount_frac
- + CASE
- WHEN remaining_frac < in_amount_frac
- THEN 100000000
- ELSE 0
- END,
- remaining_val=remaining_val-in_amount_val
- - CASE
- WHEN remaining_frac < in_amount_frac
- THEN 1
- ELSE 0
- END
- WHERE coin_pub=in_coin_pub
- AND ( (remaining_val > in_amount_val) OR
- ( (remaining_frac >= in_amount_frac) AND
- (remaining_val >= in_amount_val) ) );
+
+-- Check remaining balance of the coin.
+SELECT
+ remaining_frac
+ ,remaining_val
+ INTO
+ tmp_frac
+ ,tmp_val
+FROM known_coins
+ WHERE coin_pub=in_coin_pub;
IF NOT FOUND
THEN
- -- Check if we already recouped this coin before!
+ out_internal_failure=TRUE;
+ out_recoup_ok=FALSE;
+ RETURN;
+END IF;
+
+IF tmp_val + tmp_frac = 0
+THEN
+ -- Check for idempotency
SELECT
- amount_val
- ,amount_frac
- ,recoup_timestamp
- INTO
- tmp_val
- ,tmp_frac
- ,out_recoup_timestamp
+ recoup_timestamp
+ INTO
+ out_recoup_timestamp
FROM recoup
WHERE known_coin_id=in_known_coin_id;
- IF FOUND
- THEN
- -- Idempotent request, all OK!
- out_recoup_ok= (tmp_val = in_amount_val) AND
- (tmp_frac = in_amount_frac);
- RETURN;
- END IF;
-
- out_recoup_ok=FALSE;
+ out_recoup_ok=FOUND;
RETURN;
END IF;
+-- Update balance of the coin.
+UPDATE known_coins
+ SET
+ remaining_frac=0
+ ,remaining_val=0
+ WHERE coin_pub=in_coin_pub;
+
+
-- Credit the reserve and update reserve timers.
UPDATE reserves
SET
- current_balance_frac=current_balance_frac+in_amount_frac
+ current_balance_frac=current_balance_frac+tmp_frac
- CASE
- WHEN current_balance_frac+in_amount_frac >= 100000000
+ WHEN current_balance_frac+tmp_frac >= 100000000
THEN 100000000
ELSE 0
END,
- current_balance_val=current_balance_val+in_amount_val
+ current_balance_val=current_balance_val+tmp_val
+ CASE
- WHEN current_balance_frac+in_amount_frac >= 100000000
+ WHEN current_balance_frac+tmp_frac >= 100000000
THEN 1
ELSE 0
END,
@@ -1604,7 +1597,7 @@ UPDATE reserves
IF NOT FOUND
THEN
RAISE NOTICE 'failed to increase reserve balance from recoup';
- out_recoup_ok=FALSE;
+ out_recoup_ok=TRUE;
out_internal_failure=TRUE;
RETURN;
END IF;
@@ -1623,8 +1616,8 @@ VALUES
(in_known_coin_id
,in_coin_sig
,in_coin_blind
- ,in_amount_val
- ,in_amount_frac
+ ,tmp_val
+ ,tmp_frac
,in_recoup_timestamp
,in_reserve_out_serial_id);
@@ -1645,8 +1638,6 @@ END $$;
CREATE OR REPLACE FUNCTION exchange_do_recoup_to_coin(
IN in_old_coin_pub BYTEA,
IN in_rrc_serial INT8,
- IN in_amount_val INT8,
- IN in_amount_frac INT4,
IN in_coin_blind BYTEA,
IN in_coin_pub BYTEA,
IN in_known_coin_id INT8,
@@ -1658,9 +1649,9 @@ CREATE OR REPLACE FUNCTION exchange_do_recoup_to_coin(
LANGUAGE plpgsql
AS $$
DECLARE
- tmp_val INT8; -- previous amount recouped
+ tmp_val INT8; -- amount recouped
DECLARE
- tmp_frac INT8; -- previous amount recouped
+ tmp_frac INT8; -- amount recouped
BEGIN
-- Shards: UPDATE known_coins (by coin_pub)
@@ -1671,66 +1662,57 @@ BEGIN
out_internal_failure=FALSE;
--- Check and update balance of the coin.
-UPDATE known_coins
- SET
- remaining_frac=remaining_frac-in_amount_frac
- + CASE
- WHEN remaining_frac < in_amount_frac
- THEN 100000000
- ELSE 0
- END,
- remaining_val=remaining_val-in_amount_val
- - CASE
- WHEN remaining_frac < in_amount_frac
- THEN 1
- ELSE 0
- END
- WHERE coin_pub=in_coin_pub
- AND ( (remaining_val > in_amount_val) OR
- ( (remaining_frac >= in_amount_frac) AND
- (remaining_val >= in_amount_val) ) );
+
+-- Check remaining balance of the coin.
+SELECT
+ remaining_frac
+ ,remaining_val
+ INTO
+ tmp_frac
+ ,tmp_val
+FROM known_coins
+ WHERE coin_pub=in_coin_pub;
IF NOT FOUND
THEN
- -- Check if we already recouped this coin before!
+ out_internal_failure=TRUE;
+ out_recoup_ok=FALSE;
+ RETURN;
+END IF;
+
+IF tmp_val + tmp_frac = 0
+THEN
+ -- Check for idempotency
SELECT
- amount_val
- ,amount_frac
- ,recoup_timestamp
+ recoup_timestamp
INTO
- tmp_val
- ,tmp_frac
- ,out_recoup_timestamp
+ out_recoup_timestamp
FROM recoup_refresh
WHERE known_coin_id=in_known_coin_id;
-
- IF FOUND
- THEN
- -- Idempotent request, all OK!
- out_recoup_ok= (tmp_val = in_amount_val) AND
- (tmp_frac = in_amount_frac);
- RETURN;
- END IF;
-
- -- Insufficient balance, not idempotent.
- out_recoup_ok=FALSE;
+ out_recoup_ok=FOUND;
RETURN;
END IF;
+-- Update balance of the coin.
+UPDATE known_coins
+ SET
+ remaining_frac=0
+ ,remaining_val=0
+ WHERE coin_pub=in_coin_pub;
+
-- Credit the old coin.
UPDATE known_coins
SET
- remaining_frac=remaining_frac+in_amount_frac
+ remaining_frac=remaining_frac+tmp_frac
- CASE
- WHEN remaining_frac+in_amount_frac >= 100000000
+ WHEN remaining_frac+tmp_frac >= 100000000
THEN 100000000
ELSE 0
END,
- remaining_val=remaining_val+in_amount_val
+ remaining_val=remaining_val+tmp_val
+ CASE
- WHEN remaining_frac+in_amount_frac >= 100000000
+ WHEN remaining_frac+tmp_frac >= 100000000
THEN 1
ELSE 0
END
@@ -1740,7 +1722,7 @@ UPDATE known_coins
IF NOT FOUND
THEN
RAISE NOTICE 'failed to increase old coin balance from recoup';
- out_recoup_ok=FALSE;
+ out_recoup_ok=TRUE;
out_internal_failure=TRUE;
RETURN;
END IF;
@@ -1759,8 +1741,8 @@ VALUES
(in_known_coin_id
,in_coin_sig
,in_coin_blind
- ,in_amount_val
- ,in_amount_frac
+ ,tmp_val
+ ,tmp_frac
,in_recoup_timestamp
,in_rrc_serial);
diff --git a/src/exchangedb/plugin_exchangedb_postgres.c
b/src/exchangedb/plugin_exchangedb_postgres.c
index fc90f37a..a0bc14d5 100644
--- a/src/exchangedb/plugin_exchangedb_postgres.c
+++ b/src/exchangedb/plugin_exchangedb_postgres.c
@@ -636,8 +636,8 @@ prepare_statements (struct PostgresClosure *pg)
",out_recoup_ok AS recoup_ok"
",out_internal_failure AS internal_failure"
" FROM exchange_do_recoup_to_reserve"
- " ($1,$2,$3,$4,$5,$6,$7,$8,$9,$10,$11);",
- 11),
+ " ($1,$2,$3,$4,$5,$6,$7,$8,$9);",
+ 9),
/* Used in #postgres_do_recoup_refresh() to recoup a coin to a zombie
coin. */
GNUNET_PQ_make_prepare (
"call_recoup_refresh",
@@ -646,8 +646,8 @@ prepare_statements (struct PostgresClosure *pg)
",out_recoup_ok AS recoup_ok"
",out_internal_failure AS internal_failure"
" FROM exchange_do_recoup_to_coin"
- " ($1,$2,$3,$4,$5,$6,$7,$8,$9);",
- 9),
+ " ($1,$2,$3,$4,$5,$6,$7);",
+ 7),
/* Used in #postgres_get_withdraw_info() to
locate the response for a /reserve/withdraw request
using the hash of the blinded message. Used to
@@ -4674,7 +4674,6 @@ postgres_do_refund (
* @param cls the `struct PostgresClosure` with the plugin-specific state
* @param reserve_pub public key of the reserve to credit
* @param reserve_out_serial_id row in the reserves_out table justifying the
recoup
- * @param requested_amount the amount to be recouped
* @param coin_bks coin blinding key secret to persist
* @param coin_pub public key of the coin being recouped
* @param known_coin_id row of the @a coin_pub in the known_coins table
@@ -4689,7 +4688,6 @@ postgres_do_recoup (
void *cls,
const struct TALER_ReservePublicKeyP *reserve_pub,
uint64_t reserve_out_serial_id,
- const struct TALER_Amount *requested_amount,
const union TALER_DenominationBlindingKeyP *coin_bks,
const struct TALER_CoinSpendPublicKeyP *coin_pub,
uint64_t known_coin_id,
@@ -4706,7 +4704,6 @@ postgres_do_recoup (
struct GNUNET_PQ_QueryParam params[] = {
GNUNET_PQ_query_param_auto_from_type (reserve_pub),
GNUNET_PQ_query_param_uint64 (&reserve_out_serial_id),
- TALER_PQ_query_param_amount (requested_amount),
GNUNET_PQ_query_param_auto_from_type (coin_bks),
GNUNET_PQ_query_param_auto_from_type (coin_pub),
GNUNET_PQ_query_param_uint64 (&known_coin_id),
@@ -4743,7 +4740,6 @@ postgres_do_recoup (
* @param cls the `struct PostgresClosure` with the plugin-specific state
* @param old_coin_pub public key of the old coin to credit
* @param rrc_serial row in the refresh_revealed_coins table justifying the
recoup-refresh
- * @param requested_amount the amount to be recouped
* @param coin_bks coin blinding key secret to persist
* @param coin_pub public key of the coin being recouped
* @param known_coin_id row of the @a coin_pub in the known_coins table
@@ -4758,7 +4754,6 @@ postgres_do_recoup_refresh (
void *cls,
const struct TALER_CoinSpendPublicKeyP *old_coin_pub,
uint64_t rrc_serial,
- const struct TALER_Amount *requested_amount,
const union TALER_DenominationBlindingKeyP *coin_bks,
const struct TALER_CoinSpendPublicKeyP *coin_pub,
uint64_t known_coin_id,
@@ -4771,7 +4766,6 @@ postgres_do_recoup_refresh (
struct GNUNET_PQ_QueryParam params[] = {
GNUNET_PQ_query_param_auto_from_type (old_coin_pub),
GNUNET_PQ_query_param_uint64 (&rrc_serial),
- TALER_PQ_query_param_amount (requested_amount),
GNUNET_PQ_query_param_auto_from_type (coin_bks),
GNUNET_PQ_query_param_auto_from_type (coin_pub),
GNUNET_PQ_query_param_uint64 (&known_coin_id),
diff --git a/src/exchangedb/test_exchangedb.c b/src/exchangedb/test_exchangedb.c
index a0c648b2..6724e7b4 100644
--- a/src/exchangedb/test_exchangedb.c
+++ b/src/exchangedb/test_exchangedb.c
@@ -1766,7 +1766,6 @@ run (void *cls)
plugin->do_recoup_refresh (plugin->cls,
&deposit.coin.coin_pub,
rrc_serial,
- &value,
&coin_bks,
&new_coin.coin_pub,
new_known_coin_id,
@@ -1786,7 +1785,6 @@ run (void *cls)
struct TALER_EXCHANGEDB_KycStatus kyc;
bool recoup_ok;
bool internal_failure;
- struct TALER_Amount requested_amount;
struct GNUNET_TIME_Timestamp recoup_timestamp
= GNUNET_TIME_timestamp_get ();
@@ -1795,13 +1793,11 @@ run (void *cls)
plugin->reserves_get (plugin->cls,
&pre_reserve,
&kyc));
- requested_amount = value;
FAILIF (! TALER_amount_is_zero (&pre_reserve.balance));
FAILIF (GNUNET_DB_STATUS_SUCCESS_ONE_RESULT !=
plugin->do_recoup (plugin->cls,
&reserve_pub,
reserve_out_serial_id,
- &requested_amount,
&coin_blind,
&deposit.coin.coin_pub,
known_coin_id,
diff --git a/src/include/taler_crypto_lib.h b/src/include/taler_crypto_lib.h
index e608effa..f1fa0285 100644
--- a/src/include/taler_crypto_lib.h
+++ b/src/include/taler_crypto_lib.h
@@ -1839,7 +1839,6 @@ TALER_wallet_link_sign (const struct
TALER_DenominationHash *h_denom_pub,
*
* @param h_denom_pub hash of the denomiantion public key of the coin
* @param coin_bks blinding factor used when withdrawing the coin
- * @param requested_amount amount that is left to be recouped
* @param coin_pub coin key of the coin to be recouped
* @param coin_sig resulting signature
* @return #GNUNET_OK if the signature is valid
@@ -1848,7 +1847,6 @@ enum GNUNET_GenericReturnValue
TALER_wallet_recoup_verify (
const struct TALER_DenominationHash *h_denom_pub,
const union TALER_DenominationBlindingKeyP *coin_bks,
- const struct TALER_Amount *requested_amount,
const struct TALER_CoinSpendPublicKeyP *coin_pub,
const struct TALER_CoinSpendSignatureP *coin_sig);
@@ -1866,7 +1864,6 @@ void
TALER_wallet_recoup_sign (
const struct TALER_DenominationHash *h_denom_pub,
const union TALER_DenominationBlindingKeyP *coin_bks,
- const struct TALER_Amount *requested_amount,
const struct TALER_CoinSpendPrivateKeyP *coin_priv,
struct TALER_CoinSpendSignatureP *coin_sig);
@@ -1876,7 +1873,6 @@ TALER_wallet_recoup_sign (
*
* @param h_denom_pub hash of the denomiantion public key of the coin
* @param coin_bks blinding factor used when withdrawing the coin
- * @param requested_amount amount that is left to be recouped
* @param coin_pub coin key of the coin to be recouped
* @param coin_sig resulting signature
* @return #GNUNET_OK if the signature is valid
@@ -1885,7 +1881,6 @@ enum GNUNET_GenericReturnValue
TALER_wallet_recoup_refresh_verify (
const struct TALER_DenominationHash *h_denom_pub,
const union TALER_DenominationBlindingKeyP *coin_bks,
- const struct TALER_Amount *requested_amount,
const struct TALER_CoinSpendPublicKeyP *coin_pub,
const struct TALER_CoinSpendSignatureP *coin_sig);
@@ -1903,7 +1898,6 @@ void
TALER_wallet_recoup_refresh_sign (
const struct TALER_DenominationHash *h_denom_pub,
const union TALER_DenominationBlindingKeyP *coin_bks,
- const struct TALER_Amount *requested_amount,
const struct TALER_CoinSpendPrivateKeyP *coin_priv,
struct TALER_CoinSpendSignatureP *coin_sig);
diff --git a/src/include/taler_exchange_service.h
b/src/include/taler_exchange_service.h
index 6976293c..7fb5b4ec 100644
--- a/src/include/taler_exchange_service.h
+++ b/src/include/taler_exchange_service.h
@@ -2035,7 +2035,6 @@ typedef void
* @param pk kind of coin to pay back
* @param denom_sig signature over the coin by the exchange using @a pk
* @param ps secret internals of the original planchet
- * @param amount value remaining on the coin that is being recouped
* @param recoup_cb the callback to call when the final result for this
request is available
* @param recoup_cb_cls closure for @a recoup_cb
* @return NULL
@@ -2047,7 +2046,6 @@ TALER_EXCHANGE_recoup (struct TALER_EXCHANGE_Handle
*exchange,
const struct TALER_EXCHANGE_DenomPublicKey *pk,
const struct TALER_DenominationSignature *denom_sig,
const struct TALER_PlanchetSecretsP *ps,
- const struct TALER_Amount *amount,
TALER_EXCHANGE_RecoupResultCallback recoup_cb,
void *recoup_cb_cls);
@@ -2097,7 +2095,6 @@ typedef void
* @param pk kind of coin to pay back
* @param denom_sig signature over the coin by the exchange using @a pk
* @param ps secret internals of the original planchet
- * @param amount value remaining on the coin that is being recouped
* @param recoup_cb the callback to call when the final result for this
request is available
* @param recoup_cb_cls closure for @a recoup_cb
* @return NULL
@@ -2110,7 +2107,6 @@ TALER_EXCHANGE_recoup_refresh (
const struct TALER_EXCHANGE_DenomPublicKey *pk,
const struct TALER_DenominationSignature *denom_sig,
const struct TALER_PlanchetSecretsP *ps,
- const struct TALER_Amount *amount,
TALER_EXCHANGE_RecoupRefreshResultCallback recoup_cb,
void *recoup_cb_cls);
diff --git a/src/include/taler_exchangedb_plugin.h
b/src/include/taler_exchangedb_plugin.h
index 4aa80b67..5eb168e1 100644
--- a/src/include/taler_exchangedb_plugin.h
+++ b/src/include/taler_exchangedb_plugin.h
@@ -2596,7 +2596,6 @@ struct TALER_EXCHANGEDB_Plugin
* @param cls the `struct PostgresClosure` with the plugin-specific state
* @param reserve_pub public key of the reserve to credit
* @param reserve_out_serial_id row in the reserves_out table justifying the
recoup
- * @param requested_amount the amount to be recouped
* @param coin_bks coin blinding key secret to persist
* @param coin_pub public key of the coin being recouped
* @param known_coin_id row of the @a coin_pub in the known_coins table
@@ -2611,7 +2610,6 @@ struct TALER_EXCHANGEDB_Plugin
void *cls,
const struct TALER_ReservePublicKeyP *reserve_pub,
uint64_t reserve_out_serial_id,
- const struct TALER_Amount *requested_amount,
const union TALER_DenominationBlindingKeyP *coin_bks,
const struct TALER_CoinSpendPublicKeyP *coin_pub,
uint64_t known_coin_id,
@@ -2628,7 +2626,6 @@ struct TALER_EXCHANGEDB_Plugin
* @param cls the `struct PostgresClosure` with the plugin-specific state
* @param old_coin_pub public key of the old coin to credit
* @param rrc_serial row in the refresh_revealed_coins table justifying the
recoup-refresh
- * @param requested_amount the amount to be recouped
* @param coin_bks coin blinding key secret to persist
* @param coin_pub public key of the coin being recouped
* @param known_coin_id row of the @a coin_pub in the known_coins table
@@ -2643,7 +2640,6 @@ struct TALER_EXCHANGEDB_Plugin
void *cls,
const struct TALER_CoinSpendPublicKeyP *old_coin_pub,
uint64_t rrc_serial,
- const struct TALER_Amount *requested_amount,
const union TALER_DenominationBlindingKeyP *coin_bks,
const struct TALER_CoinSpendPublicKeyP *coin_pub,
uint64_t known_coin_id,
diff --git a/src/include/taler_signatures.h b/src/include/taler_signatures.h
index 947c7e83..3ad1121c 100644
--- a/src/include/taler_signatures.h
+++ b/src/include/taler_signatures.h
@@ -1507,6 +1507,7 @@ struct TALER_RecoupRequestPS
{
/**
* Purpose is #TALER_SIGNATURE_WALLET_COIN_RECOUP
+ * or #TALER_SIGNATURE_WALLET_COIN_RECOUP_REFRESH.
*/
struct GNUNET_CRYPTO_EccSignaturePurpose purpose;
@@ -1520,11 +1521,6 @@ struct TALER_RecoupRequestPS
*/
union TALER_DenominationBlindingKeyP coin_blind;
- /**
- * How much of the coin's value will be recouped?
- */
- struct TALER_AmountNBO recoup_amount;
-
};
diff --git a/src/lib/exchange_api_common.c b/src/lib/exchange_api_common.c
index 7a719461..399eb280 100644
--- a/src/lib/exchange_api_common.c
+++ b/src/lib/exchange_api_common.c
@@ -726,7 +726,6 @@ TALER_EXCHANGE_verify_coin_history (
if (GNUNET_OK !=
TALER_wallet_recoup_verify (h_denom_pub,
&coin_bks,
- &recoup_amount,
coin_pub,
&coin_sig))
{
@@ -796,7 +795,6 @@ TALER_EXCHANGE_verify_coin_history (
if (GNUNET_OK !=
TALER_wallet_recoup_verify (h_denom_pub,
&coin_bks,
- &recoup_amount,
coin_pub,
&coin_sig))
{
diff --git a/src/lib/exchange_api_recoup.c b/src/lib/exchange_api_recoup.c
index 63e6480c..10f74ce6 100644
--- a/src/lib/exchange_api_recoup.c
+++ b/src/lib/exchange_api_recoup.c
@@ -285,7 +285,6 @@ TALER_EXCHANGE_recoup (struct TALER_EXCHANGE_Handle
*exchange,
const struct TALER_EXCHANGE_DenomPublicKey *pk,
const struct TALER_DenominationSignature *denom_sig,
const struct TALER_PlanchetSecretsP *ps,
- const struct TALER_Amount *amount,
TALER_EXCHANGE_RecoupResultCallback recoup_cb,
void *recoup_cb_cls)
{
@@ -306,7 +305,6 @@ TALER_EXCHANGE_recoup (struct TALER_EXCHANGE_Handle
*exchange,
&h_denom_pub);
TALER_wallet_recoup_sign (&h_denom_pub,
&ps->blinding_key,
- amount,
&ps->coin_priv,
&coin_sig);
recoup_obj = GNUNET_JSON_PACK (
@@ -314,8 +312,6 @@ TALER_EXCHANGE_recoup (struct TALER_EXCHANGE_Handle
*exchange,
&h_denom_pub),
TALER_JSON_pack_denom_sig ("denom_sig",
denom_sig),
- TALER_JSON_pack_amount ("amount",
- amount),
GNUNET_JSON_pack_data_auto ("coin_sig",
&coin_sig),
GNUNET_JSON_pack_data_auto ("coin_blind_key_secret",
diff --git a/src/lib/exchange_api_recoup_refresh.c
b/src/lib/exchange_api_recoup_refresh.c
index 31a1859b..03f75664 100644
--- a/src/lib/exchange_api_recoup_refresh.c
+++ b/src/lib/exchange_api_recoup_refresh.c
@@ -287,7 +287,6 @@ TALER_EXCHANGE_recoup_refresh (
const struct TALER_EXCHANGE_DenomPublicKey *pk,
const struct TALER_DenominationSignature *denom_sig,
const struct TALER_PlanchetSecretsP *ps,
- const struct TALER_Amount *amount,
TALER_EXCHANGE_RecoupRefreshResultCallback recoup_cb,
void *recoup_cb_cls)
{
@@ -308,7 +307,6 @@ TALER_EXCHANGE_recoup_refresh (
&h_denom_pub);
TALER_wallet_recoup_refresh_sign (&h_denom_pub,
&ps->blinding_key,
- amount,
&ps->coin_priv,
&coin_sig);
recoup_obj = GNUNET_JSON_PACK (
@@ -316,8 +314,6 @@ TALER_EXCHANGE_recoup_refresh (
&h_denom_pub),
TALER_JSON_pack_denom_sig ("denom_sig",
denom_sig),
- TALER_JSON_pack_amount ("amount",
- amount),
GNUNET_JSON_pack_data_auto ("coin_sig",
&coin_sig),
GNUNET_JSON_pack_data_auto ("coin_blind_key_secret",
diff --git a/src/testing/testing_api_cmd_recoup.c
b/src/testing/testing_api_cmd_recoup.c
index 6290f255..7bd47737 100644
--- a/src/testing/testing_api_cmd_recoup.c
+++ b/src/testing/testing_api_cmd_recoup.c
@@ -318,7 +318,6 @@ recoup_run (void *cls,
denom_pub,
coin_sig,
&planchet,
- &ps->reserve_history.amount,
&recoup_cb,
ps);
GNUNET_assert (NULL != ps->ph);
diff --git a/src/testing/testing_api_cmd_recoup_refresh.c
b/src/testing/testing_api_cmd_recoup_refresh.c
index bf265cba..9287cdf3 100644
--- a/src/testing/testing_api_cmd_recoup_refresh.c
+++ b/src/testing/testing_api_cmd_recoup_refresh.c
@@ -309,7 +309,6 @@ recoup_refresh_run (void *cls,
denom_pub,
coin_sig,
&planchet,
- &ps->amount,
recoup_refresh_cb,
ps);
GNUNET_assert (NULL != ps->ph);
diff --git a/src/util/wallet_signatures.c b/src/util/wallet_signatures.c
index c46dd670..bc4903e0 100644
--- a/src/util/wallet_signatures.c
+++ b/src/util/wallet_signatures.c
@@ -157,7 +157,6 @@ enum GNUNET_GenericReturnValue
TALER_wallet_recoup_verify (
const struct TALER_DenominationHash *h_denom_pub,
const union TALER_DenominationBlindingKeyP *coin_bks,
- const struct TALER_Amount *requested_amount,
const struct TALER_CoinSpendPublicKeyP *coin_pub,
const struct TALER_CoinSpendSignatureP *coin_sig)
{
@@ -168,8 +167,6 @@ TALER_wallet_recoup_verify (
.coin_blind = *coin_bks
};
- TALER_amount_hton (&pr.recoup_amount,
- requested_amount);
return GNUNET_CRYPTO_eddsa_verify (TALER_SIGNATURE_WALLET_COIN_RECOUP,
&pr,
&coin_sig->eddsa_signature,
@@ -181,7 +178,6 @@ void
TALER_wallet_recoup_sign (
const struct TALER_DenominationHash *h_denom_pub,
const union TALER_DenominationBlindingKeyP *coin_bks,
- const struct TALER_Amount *requested_amount,
const struct TALER_CoinSpendPrivateKeyP *coin_priv,
struct TALER_CoinSpendSignatureP *coin_sig)
{
@@ -192,8 +188,6 @@ TALER_wallet_recoup_sign (
.coin_blind = *coin_bks
};
- TALER_amount_hton (&pr.recoup_amount,
- requested_amount);
GNUNET_CRYPTO_eddsa_sign (&coin_priv->eddsa_priv,
&pr,
&coin_sig->eddsa_signature);
@@ -204,7 +198,6 @@ enum GNUNET_GenericReturnValue
TALER_wallet_recoup_refresh_verify (
const struct TALER_DenominationHash *h_denom_pub,
const union TALER_DenominationBlindingKeyP *coin_bks,
- const struct TALER_Amount *requested_amount,
const struct TALER_CoinSpendPublicKeyP *coin_pub,
const struct TALER_CoinSpendSignatureP *coin_sig)
{
@@ -215,8 +208,6 @@ TALER_wallet_recoup_refresh_verify (
.coin_blind = *coin_bks
};
- TALER_amount_hton (&pr.recoup_amount,
- requested_amount);
return GNUNET_CRYPTO_eddsa_verify
(TALER_SIGNATURE_WALLET_COIN_RECOUP_REFRESH,
&pr,
&coin_sig->eddsa_signature,
@@ -228,7 +219,6 @@ void
TALER_wallet_recoup_refresh_sign (
const struct TALER_DenominationHash *h_denom_pub,
const union TALER_DenominationBlindingKeyP *coin_bks,
- const struct TALER_Amount *requested_amount,
const struct TALER_CoinSpendPrivateKeyP *coin_priv,
struct TALER_CoinSpendSignatureP *coin_sig)
{
@@ -239,8 +229,6 @@ TALER_wallet_recoup_refresh_sign (
.coin_blind = *coin_bks
};
- TALER_amount_hton (&pr.recoup_amount,
- requested_amount);
GNUNET_CRYPTO_eddsa_sign (&coin_priv->eddsa_priv,
&pr,
&coin_sig->eddsa_signature);
--
To stop receiving notification emails like this one, please contact
gnunet@gnunet.org.
| [Prev in Thread] |
Current Thread |
[Next in Thread] |
- [taler-exchange] branch master updated: The current recoup API is broken. I guess this is another example where "trivial" API changes turn out to have (multiple!) unexpected consequences.,
gnunet <=