[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[taler-docs] branch master updated: more DD23 updates
|
From: |
gnunet |
|
Subject: |
[taler-docs] branch master updated: more DD23 updates |
|
Date: |
Mon, 22 Apr 2024 21:20:56 +0200 |
This is an automated email from the git hooks/post-receive script.
grothoff pushed a commit to branch master
in repository docs.
The following commit(s) were added to refs/heads/master by this push:
new 8076c1f7 more DD23 updates
8076c1f7 is described below
commit 8076c1f79719d2eac5c28afd165deb9ccd988c90
Author: Christian Grothoff <christian@grothoff.org>
AuthorDate: Mon Apr 22 21:16:17 2024 +0200
more DD23 updates
---
design-documents/023-taler-kyc.rst | 79 +++++++++++++++++++-------------------
1 file changed, 39 insertions(+), 40 deletions(-)
diff --git a/design-documents/023-taler-kyc.rst
b/design-documents/023-taler-kyc.rst
index 6b2629c4..8b9b6054 100644
--- a/design-documents/023-taler-kyc.rst
+++ b/design-documents/023-taler-kyc.rst
@@ -1713,20 +1713,19 @@ on GET ``/deposits/`` with the respective
legitimization requirement row.
CREATE TABLE wire_targets
(wire_target_serial_id BIGSERIAL UNIQUE
- ,h_payto BYTEA NOT NULL CHECK (LENGTH(h_payto)=64),
- ,target_token BYTEA UNIQUE CHECK (LENGTH(target_token)=32)
- ,target_pub BYTEA CHECK (LENGTH(target_pub)=32)
+ ,wire_target_h_payto BYTEA PRIMARY KEY CHECK
(LENGTH(wire_target_h_payto)=32),
+ ,target_token BYTEA UNIQUE CHECK (LENGTH(target_token)=32) DEFAULT
gen_random_bytes(32)
+ ,target_pub BYTEA CHECK (LENGTH(target_pub)=32) DEFAULT NULL
,payto_uri STRING NOT NULL
- ,PRIMARY KEY (h_payto,target_pub)
)
- PARTITION BY HASH (h_payto);
+ PARTITION BY HASH (wire_target_h_payto);
COMMENT ON TABLE wire_targets
IS 'All recipients of money via the exchange';
COMMENT ON COLUMN wire_targets.h_payto
IS 'Unsalted hash of payto_uri';
COMMENT ON COLUMN wire_targets.target_token
- IS 'high-entropy random value that is used as a token to authorize access
to the KYC process (without requiring a signature by target_priv); NULL if KYC
is not allowed for the account (legacy)';
+ IS 'high-entropy random value that is used as a token to authorize access
to the KYC process (without requiring a signature by target_priv)';
COMMENT ON COLUMN wire_targets.target_pub
IS 'Public key (reserve_pub or merchant_pub) associated with the account;
NULL if KYC is not allowed for the account (if there was no incoming KYC wire
transfer yet); updated, thus NOT available to the auditor';
COMMENT ON COLUMN wire_targets.payto_uri
@@ -1737,36 +1736,36 @@ on GET ``/deposits/`` with the respective
legitimization requirement row.
,target_token BYTEA NOT NULL UNIQUE CHECK (LENGTH(target_token)=32)
REFERENCES wire_targets (target_token)
,start_time INT8 NOT NULL
- ,jmeasures VARCHAR[] NOT NULL
+ ,jmeasures TEXT NOT NULL
,display_priority INT4 NOT NULL
,is_finished BOOL NOT NULL DEFAULT(FALSE)
)
- PARTITION BY HASH (h_payto);
+ PARTITION BY HASH (target_token);
- COMMENT ON COLUMN legitimization_requirements.target_token
+ COMMENT ON COLUMN legitimization_measures.target_token
IS 'Used to uniquely identify the account and as a symmetric access
control mechanism for the SPA';
- COMMENT ON COLUMN legitimization_requirements.start_time
+ COMMENT ON COLUMN legitimization_measures.start_time
IS 'Time when the measure was triggered (by decision or rule)';
- COMMENT ON COLUMN legitimization_requirements.jmeasures
+ COMMENT ON COLUMN legitimization_measures.jmeasures
IS 'JSON object of type LegitimizationMeasures with KYC/AML measures for
the account encoded';
- COMMENT ON COLUMN legitimization_requirements.display_priority
+ COMMENT ON COLUMN legitimization_measures.display_priority
IS 'Display priority of the rule that triggered this measure; if in the
meantime another rule also triggers, the measure is only replaced if the new
rule has a higher display priority';
- COMMENT ON COLUMN legitimization_requirements.is_finished
+ COMMENT ON COLUMN legitimization_measures.is_finished
IS 'Set to TRUE if this set of measures was processed; used to avoid
indexing measures that are done';
CREATE INDEX ON legitimization_measures (target_token)
- WHERE NOT finished;
+ WHERE NOT is_finished;
CREATE TABLE legitimization_outcomes
(outcome_serial_id BIGINT GENERATED BY DEFAULT AS IDENTITY
,h_payto BYTEA CHECK (LENGTH(h_payto)=32)
- REFERENCES wire_targets (h_payto)
+ REFERENCES wire_targets (wire_target_h_payto)
,decision_time INT8 NOT NULL DEFAULT(0)
,expiration_time INT8 NOT NULL DEFAULT(0)
,jproperties TEXT,
,to_investigate BOOL NOT NULL
,is_active BOOL NOT NULL DEFAULT(TRUE)
- ,jnew_rules NOT NULL TEXT
+ ,jnew_rules TEXT NOT NULL
)
PARTITION BY HASH (h_payto);
@@ -1777,7 +1776,7 @@ on GET ``/deposits/`` with the respective legitimization
requirement row.
COMMENT ON COLUMN legitimization_outcomes.decision_time
IS 'when was this outcome decided';
COMMENT ON COLUMN legitimization_outcomes.expiration_time
- IS 'time when the decision expires and the expiration new_rules should be
applied';
+ IS 'time when the decision expires and the expiration jnew_rules should be
applied';
COMMENT ON COLUMN legitimization_outcomes.jproperties
IS 'JSON object of type AccountProperties, such as PEP status, business
domain, risk assessment, etc.';
COMMENT ON COLUMN legitimization_outcomes.to_investigate
@@ -1791,15 +1790,15 @@ on GET ``/deposits/`` with the respective
legitimization requirement row.
ON legitimization_outcomes(h_payto)
WHERE is_active;
- CREATE TABLE kyc_setups
- (kyc_setup_serial_id BIGSERIAL UNIQUE
+ CREATE TABLE legitimization_processes
+ (legitimization_process_serial_id BIGSERIAL UNIQUE
,h_payto BYTEA NOT NULL CHECK (LENGTH(h_payto)=64)
- REFERENCES wire_targets (h_payto)
+ REFERENCES wire_targets (wire_target_h_payto)
,start_time INT8 NOT NULL
,expiration_time INT8 NOT NULL DEFAULT (0)
,legitimization_measure_serial_id BIGINT
REFERENCES legitimization_measures (legitimization_measure_serial_id)
- ,measure_index INT8
+ ,measure_index INT4
,provider_section VARCHAR NOT NULL
,provider_user_id VARCHAR DEFAULT NULL
,provider_legitimization_id VARCHAR DEFAULT NULL
@@ -1808,35 +1807,35 @@ on GET ``/deposits/`` with the respective
legitimization requirement row.
)
PARTITION BY HASH (h_payto);
- COMMENT ON TABLE kyc_setups
+ COMMENT ON TABLE legitimization_processes
IS 'here we track KYC processes we initiated with external providers; the
main reason is so that we do not initiate a second process when an equivalent
one is still active; note that h_payto, provider_section, jcontext must match
and the process must not be finished or expired for an existing redirect_url to
be re-used; given that clients may voluntarily initiate KYC processes, there
may not always be a legitimization_measure that triggered the setup';
- COMMENT ON COLUMN kyc_setups.h_payto
+ COMMENT ON COLUMN legitimization_processes.h_payto
IS 'foreign key linking the entry to the wire_targets table, NOT a primary
key (multiple KYC setups are possible per wire target)';
- COMMENT ON COLUMN kyc_setups.start_time
+ COMMENT ON COLUMN legitimization_processes.start_time
IS 'when was the legitimization process initiated';
- COMMENT ON COLUMN kyc_setups.expiration_time
+ COMMENT ON COLUMN legitimization_processes.expiration_time
IS 'when does the process expire (and needs to be manually set up again)';
- COMMENT ON COLUMN kyc_setups.measure_index
+ COMMENT ON COLUMN legitimization_processes.measure_index
IS 'index of the measure in legitimization_measures that was selected for
this KYC setup; NULL if legitimization_measure_serial_id is NULL; enables
determination of the context data provided to the external process';
- COMMENT ON COLUMN kyc_setups.provider_section
+ COMMENT ON COLUMN legitimization_processes.provider_section
IS 'Configuration file section with details about this provider';
- COMMENT ON COLUMN kyc_setups.provider_user_id
+ COMMENT ON COLUMN legitimization_processes.provider_user_id
IS 'Identifier for the user at the provider that was used for the
legitimization. NULL if provider is unaware.';
- COMMENT ON COLUMN kyc_setups.provider_legitimization_id
+ COMMENT ON COLUMN legitimization_processes.provider_legitimization_id
IS 'Identifier for the specific legitimization process at the provider.
NULL if legitimization was not started.';
- COMMENT ON COLUMN kyc_setups.legitimization_measure_serial_id
+ COMMENT ON COLUMN legitimization_processes.legitimization_measure_serial_id
IS 'measure that enabled this setup, NULL if client voluntarily initiated
the process';
- COMMENT ON COLUMN kyc_setups.redirect_url
+ COMMENT ON COLUMN legitimization_processes.redirect_url
IS 'Where the user should be redirected for this external KYC process';
- COMMENT ON COLUMN kyc_setups.finished
+ COMMENT ON COLUMN legitimization_processes.finished
IS 'set to TRUE when the specific legitimization process is finished';
CREATE TABLE kyc_attributes
(kyc_attributes_serial_id BIGINT GENERATED BY DEFAULT AS IDENTITY
,h_payto BYTEA PRIMARY KEY CHECK (LENGTH(h_payto)=32)
- REFERENCES wire_targets (h_payto)
- ,kyc_setup_serial_id INT8
- REFERENCES kyc_setups (kyc_setup_serial_id)
+ REFERENCES wire_targets (wire_target_h_payto)
+ ,legitimization_process_serial_id INT8
+ REFERENCES legitimization_processes (legitimization_process_serial_id)
DEFAULT NULL
,collection_time INT8 NOT NULL
,expiration_time INT8 NOT NULL
@@ -1847,8 +1846,8 @@ on GET ``/deposits/`` with the respective legitimization
requirement row.
COMMENT ON COLUMN kyc_attributes.h_payto
IS 'identifies the account this is about';
- COMMENT ON COLUMN kyc_attributes.kyc_setup_serial_id
- IS 'serial ID of the KYC setup that resulted in these attributes, NULL if
the attributes are from a form directly supplied by the account owner';
+ COMMENT ON COLUMN kyc_attributes.legitimization_process_serial_id
+ IS 'serial ID of the legitimization process that resulted in these
attributes, NULL if the attributes are from a form directly supplied by the
account owner via a form';
COMMENT ON COLUMN kyc_attributes.collection_time
IS 'when were these attributes collected';
COMMENT ON COLUMN kyc_attributes.expiration_time
@@ -1862,7 +1861,7 @@ on GET ``/deposits/`` with the respective legitimization
requirement row.
(aml_history_serial_id BIGINT GENERATED BY DEFAULT AS IDENTITY
,h_payto BYTEA CHECK (LENGTH(h_payto)=32)
REFERENCES wire_targets (h_payto)
- ,legitimization_outcome INT8 NOT NULL
+ ,outcome_serial_id INT8 NOT NULL
REFERENCES legitimization_outcomes (outcome_serial_id)
,justification TEXT NOT NULL
,decider_pub BYTEA CHECK (LENGTH(decider_pub)=32)
@@ -1870,13 +1869,13 @@ on GET ``/deposits/`` with the respective
legitimization requirement row.
COMMENT ON TABLE aml_history
IS 'Records decisions by AML staff with the respective signature and
free-form justification.';
- COMMENT ON COLUMN aml_history.legitimization_outcome
+ COMMENT ON COLUMN aml_history.outcome_serial_id
IS 'Actual outcome for the account (included in what decider_sig signs
over)';
COMMENT ON COLUMN aml_history.decider_sig
IS 'Signature key of the staff member affirming the AML decision; of type
AML_DECISION';
CREATE TABLE kyc_events
- (event_serial_id BIGINT GENERATED BY DEFAULT AS IDENTITY
+ (kyc_event_serial_id BIGINT GENERATED BY DEFAULT AS IDENTITY
,event_timestamp INT8 NOT NULL
,event_type TEXT NOT NULL);
--
To stop receiving notification emails like this one, please contact
gnunet@gnunet.org.
| [Prev in Thread] |
Current Thread |
[Next in Thread] |
- [taler-docs] branch master updated: more DD23 updates,
gnunet <=