Re: [Taler] denomination manipulation


From: Jeff Burdges
Subject: Re: [Taler] denomination manipulation
Date: Thu, 26 Nov 2015 09:14:51 -0500

On Thu, 2015-11-26 at 08:42 -0500, Jeff Burdges wrote:
> On Thu, 2015-11-26 at 14:24 +0100, Christian Grothoff wrote:
> > As Florian writes, it is entirely the wallet which makes the choice
> > as to which denominations to withdraw. So your basic assumption when
> > wrong, so your attack does not work.
> 
> In the demo the mint chooses though, right?

Also, we're offering the /keys API call under the same domain as other
mint functions, so the mint knows the user's identity when they offer
this information, and they would anyways if they've few customers.

I'd imagine merchants can also be identified when they access /keys, as
they do not usually come from Tor exit nodes.

It's therefore possible to offer different denomination keys to
different users, and offer merchants the union of all denomination key
sets.

Ideally, one should host the different mint API calls on different
1-hop onion services, thereby forcing customers and merchants to access
the mint over Tor.

Jeff
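
Added example (not part of the original message and not Taler code): a wallet-side consistency check for the situation described above, where a mint hands different denomination key sets to different clients and the union to merchants. It assumes the denomination keys from each /keys fetch have already been extracted as opaque strings; the vantage names, key labels and function names are hypothetical.

```python
from collections import defaultdict


def partition_report(views):
    """views maps a vantage name to the denomination keys its /keys fetch returned.

    Returns (common, partial): the keys offered to every vantage, and for each
    remaining key the sorted list of vantages that were offered it.
    """
    sets = {name: set(keys) for name, keys in views.items()}
    if not sets:
        return set(), {}
    common = set.intersection(*sets.values())
    partial = defaultdict(list)
    for name, keys in sets.items():
        for key in keys - common:
            partial[key].append(name)
    return common, {key: sorted(names) for key, names in partial.items()}


def looks_like_union(views, merchant):
    """True when the merchant's view equals the union of all customer views
    while at least one customer was offered only a strict subset of it."""
    customers = [set(keys) for name, keys in views.items() if name != merchant]
    if not customers:
        return False
    union = set().union(*customers)
    return set(views[merchant]) == union and any(c < union for c in customers)


# Constructed sample data: two customer vantages and one merchant vantage.
SAMPLE_VIEWS = {
    "customer_direct": ["denom-1-shared", "denom-5-shared", "denom-1-tagA"],
    "customer_via_tor": ["denom-1-shared", "denom-5-shared", "denom-1-tagB"],
    "merchant": ["denom-1-shared", "denom-5-shared",
                 "denom-1-tagA", "denom-1-tagB"],
}

if __name__ == "__main__":
    common, partial = partition_report(SAMPLE_VIEWS)
    print("offered to every vantage:", sorted(common))
    for key, names in sorted(partial.items()):
        print("offered only to", names, "->", key)
    print("merchant sees union of customer sets:",
          looks_like_union(SAMPLE_VIEWS, "merchant"))
```

A key that appears in `partial` was not offered to every vantage, so coins withdrawn under it can narrow down which client withdrew them.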
