| | 94 | |
| | 95 | #6 Wallet to Wallet |
| | 96 | |
| | 97 | Wallet S - sends a coin |
| | 98 | Wallet R - receives the coin |
| | 99 | |
| | 100 | * (Wallet S locates Wallet R) |
| | 101 | (S knows how much to send) |
| | 102 | |
| | 103 | * S tells Wallet S what sum to send to Wallet R |
| | 104 | |
| | 105 | * Wallet S needs to compute a splitting of sum into coins (units) |
| | 106 | |
| | 107 | * Wallet S sends blanks of coins (without signature!) to Wallet R |
| | 108 | (Wallet S now needs to wait a while) |
| | 109 | |
| | 110 | * Wallet R validates the blanks |
| | 111 | - do we have the "currency description document" |
| | 112 | - do we trust the issuer (do we have a valid public key) |
| | 113 | - checks blanks against cdd |
| | 114 | |
| | 115 | * If blanks are invalid, the transfer is declined by Wallet R |
| | 116 | (later: cdd transfer between wallets) |
| | 117 | |
| | 118 | * Wallet R shows proposed transfer to user R |
| | 119 | |
| | 120 | * user R decides whether to |
| | 121 | - accept transfer |
| | 122 | - accept transfer without double spending checking |
| | 123 | - decline transfer |
| | 124 | |
| | 125 | |
| | 126 | if dsdb is reuired (normal case): |
| | 127 | |
| | 128 | * Wallet R prepares for coin exchange with IS, by creating blanks of same sum (see #3) |
| | 129 | |
| | 130 | * Wallet R DSDB lookup |
| | 131 | - parse cdd for issuer service location |
| | 132 | - parse blanks for necessary minting key ids |
| | 133 | - start session with authenticated issuer service (IS) (secured and authenticated by transport layer, e.g. SSL) |
| | 134 | - get session id (from transport layer) |
| | 135 | - get all missing minting key certs |
| | 136 | - IS sends key certs or rejects a key id (unknown, outdated) |
| | 137 | - lock list of coin serial numbers at IS (DSDB) |
| | 138 | - IS either accepts with locking time or rejects with list of rejected serials + reason (locked, spent) |
| | 139 | |
| | 140 | (this part pauses, session is kept) |
| | 141 | |
| | 142 | * Wallet R tells Wallet S accept or reject with reason (unknown, outdated, locked, spent) for each rejected blank |
| | 143 | (if one blank is rejected the whole transfer has to be rejected) |
| | 144 | |
| | 145 | * Wallet S sends coins to Wallet R (= blanks + signature) |
| | 146 | |
| | 147 | * Wallet R checks that the coins match the blanks and that signatures are valid |
| | 148 | |
| | 149 | * Wallet R accepts transaction or rejects with reason (unknown, invalid) for each rejected coin |
| | 150 | |
| | 151 | * Wallet R terminates session with Wallet S |
| | 152 | |
| | 153 | (in case of rejection Wallet S needs to do emergency meassures, quickly trying to exchange coins with IS |
| | 154 | itself etc.) |
| | 155 | |
| | 156 | |
| | 157 | if dsdb is reuired (normal case): |
| | 158 | |
| | 159 | * in case of reject in the checking phase delete the blanks, otherwise |
| | 160 | |
| | 161 | * Wallet R sends buy request (blanks + coins) (Wallet R continues as in #4 and #8) |
| | 162 | |
| | 163 | * IS has to check if sum of blanks and coins are equal |
| | 164 | |
| | 165 | |
| | 166 | #7 Redeeming Coins |
| | 167 | |
| | 168 | * Wallet locks serials at IS (see above) |
| | 169 | |
| | 170 | * Wallet sends coins + target to IS |
| | 171 | |
| | 172 | - target can be an account |
| | 173 | |
| | 174 | * continue with #8 |
| | 175 | |
| | 176 | |
| | 177 | #8 Accepting coins |
| | 178 | |
| | 179 | * IS checks: |
| | 180 | - if minting keys are still valid |
| | 181 | - if serial is still valid (against DSDB) |
| | 182 | - if signature is valid |
| | 183 | |
| | 184 | * IS rejects with reason (key id unknown, coin outdated, coin spent, signature invalid) per coin or |
| | 185 | |
| | 186 | * (IS tries to service target, rejects with reason if not possible) |
| | 187 | |
| | 188 | * IS enters serials into DSDB |
| | 189 | |
| | 190 | * IS sends accept to Wallet |
| | 191 | |
| | 192 | |
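Review bot: The heading at line 157 repeats "if dsdb is reuired (normal case):" from line 126 word for word, so the choice offered at line 122, "accept transfer without double spending checking", has no branch saying what Wallet R does when the DSDB lookup is skipped. Suggest renaming one of the two headings or adding the missing case, and fixing the typo "reuired" in both places (also "meassures" at line 153). In the same section, line 138 has IS accept the lock "with locking time", but nothing between lines 140 and 161 says what Wallet R does if that time runs out before Wallet S delivers the coins at line 145, or whether the lock is released when the blanks are deleted at line 159; a sentence on each would close the gap. In #8, line 184 ends on a dangling "or" and the alternative at line 186 sits in parentheses, so it is unclear whether rejecting and servicing the target are exclusive outcomes; the accept path should be written out as its own step.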