[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Taler] Exchange Terms of Service

From: Christian Grothoff
Subject: Re: [Taler] Exchange Terms of Service
Date: Sun, 8 Jan 2023 10:07:42 +0100
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:102.0) Gecko/20100101 Thunderbird/102.6.0

On 1/7/23 20:17, Florian Jung via Taler wrote:
Empty wallet size, almost 2mb
Wallet with some coins, 5.5 mb
This is a small wallet without purchases.

On my Android, an almost pristine wallet with no coins but that has seen an 
exchange takes 200kb of data, while a wallet that was in use for four days 
takes 650kB.

Ok, that seems way more reasonable, of course depending on the 'use'.

Howevery this does not yet account for the 82MB (!!) that the app itself (i.e. 
executable+assets) consumes.

Yes, we're in the process of reducing that dramatically.

I really don't think that storing some 100kB of ToS does any bad here.

For how long? For how many exchanges? In which languages? In which file formats? And ultimately: why? I'm not sure "because I want to study ToS while offline" is truly a plausible thing. Especially since of course the wallet can choose to _cache_ this information. But I'd not require it to _store_ it (in the sense of guaranteed persistence and inclusion in backups). And similarly, a regulated payment service that just changes their public ToS and hopes nobody will call them out?
I don't see it.

OTOH, I also could imagine a scenario where the wallet only stores a signed 
hash of what ToS have been accepted, and the auditor makes it mandatory to not 
depublicize old ToS versions.

After all, we have to trust the exchange/auditor that they don't break contract 
regarding our escrowed money, so it seems easy to me that we can trust them to 
not delete old ToS (or to be punished for doing so) as long we store a hash.

Actually, the current *protocol* goes a step further: the hash is _not_ considered to matter, only the ETag (see HTTP cache control headers)!

The reason is two-fold: (1) we have different formats of the same ToS (TXT, HTML, PDF, ...) and it shouldn't matter how the ToS was rendered as long as the content was the same. So by using the ETag instead of the hash we can tell that these are the same ToS even if the hash does not match due to a format change. Furthermore, (2) there could be editorial changes (like fixing spelling, commas, etc.) that do not warrant requiring users to explicitly re-accept the ToS.

So by keeping the ETag an exchange is actually _allowed_ to make "minor" (from a legal perspective) changes to the ToS without having the wallets ask users to accept the updated ToS. What is considered a "major" change that requires end-users to re-accept is a legal question, not one we can technically anbswer. So it requires a manual answer (by the admin changing the ETag). And yes, you'd expect internal oversight, auditors and regulators to take a keen interest in such changes.

Now, some of this may not apply 100% for local/regional deployments without regulatory oversight, but there I'd again expect that the operators are well-known in the community and that social enforcement at a local/regional level will equally work.

reply via email to

[Prev in Thread] Current Thread [Next in Thread]