exchange

Base system with REST service to issue digital coins, run by the payment service provider
Log | Files | Refs | Submodules | README | LICENSE

control (8675B)


      1 Source: taler-exchange
      2 Section: net
      3 Priority: optional
      4 Maintainer: Christian Grothoff <grothoff@gnu.org>
      5 Build-Depends:
      6  meson,
      7  ninja-build,
      8  bash,
      9  gcc,
     10  debhelper-compat (= 12),
     11  gettext,
     12  libgnunet-dev (>=0.27.0),
     13  libcurl4-gnutls-dev (>=7.35.0) | libcurl4-openssl-dev (>= 7.35.0),
     14  libgcrypt20-dev (>=1.8),
     15  libgnutls28-dev (>=3.2.12),
     16  libjansson-dev (>= 2.13),
     17  libltdl-dev (>=2.2),
     18  libmicrohttpd-dev (>=0.9.71),
     19  libpq-dev (>=15),
     20  libsodium-dev (>=1.0.11),
     21  libunistring-dev (>=0.9.2),
     22  po-debconf,
     23  texinfo (>=5.2),
     24  zlib1g-dev
     25 Standards-Version: 4.5.0
     26 Vcs-Git: https://salsa.debian.org/debian/taler-exchange.git
     27 Vcs-Browser: https://salsa.debian.org/debian/taler-exchange
     28 Homepage: https://taler.net/
     29 
     30 Package: libtalerexchange
     31 Architecture: any
     32 Pre-Depends:
     33  ${misc:Pre-Depends}
     34 Depends:
     35  lsb-base,
     36  netbase,
     37  ${misc:Depends},
     38  ${shlibs:Depends}
     39 Description: shared libraries to talk to a GNU Taler exchange
     40  GNU Taler is the privacy-preserving digital payment system from the GNU
     41  project. This package contains the shared C libraries used by clients
     42  and services to interact with a Taler exchange via its REST API, to parse
     43  and verify exchange-issued cryptographic objects (denomination keys,
     44  signing keys, deposit confirmations, ...) and to handle Taler amounts.
     45  .
     46  Also included is taler-exchange-config, the command-line tool to read
     47  and edit Taler configuration files, along with the base configuration
     48  fragments and documentation shared by all Taler exchange components.
     49  Every other taler-exchange-* and taler-auditor* package depends on this
     50  one.
     51 
     52 Package: taler-terms-generator
     53 Architecture: any
     54 Pre-Depends:
     55  ${misc:Pre-Depends}
     56 Depends:
     57  libtalerexchange,
     58  lsb-base,
     59  pandoc,
     60  groff,
     61  ghostscript,
     62  ${misc:Depends}
     63 Description: generator for GNU Taler terms of service and privacy policy
     64  taler-terms-generator converts a reStructuredText source document into
     65  the bundle of HTML, Markdown, plain-text, EPUB and PDF renderings (and
     66  multiple languages) that a Taler service expects to find on disk in
     67  order to answer the /terms and /pp REST endpoints with the appropriate
     68  content negotiation.
     69  .
     70  It is useful for GNU Taler exchange, merchant and auditor operators who
     71  wish to publish or update their legal documents. Pandoc, groff and
     72  Ghostscript are pulled in as runtime dependencies to perform the
     73  conversions.
     74 
     75 Package: taler-exchange-database
     76 Architecture: any
     77 Pre-Depends:
     78  ${misc:Pre-Depends}
     79 Depends:
     80  lsb-base,
     81  netbase,
     82  ${misc:Depends},
     83  ${shlibs:Depends}
     84 Description: database initialisation tool for the GNU Taler exchange
     85  GNU Taler is the privacy-preserving digital payment system from the GNU
     86  project. This package contains taler-exchange-dbinit together with the
     87  SQL resource files it loads. The tool creates the schema, indices,
     88  customisation hooks and (optionally) the auditor notification triggers
     89  used by the exchange and the auditor in their PostgreSQL database, and
     90  supports incremental garbage collection and shard-lock recovery after
     91  crashes.
     92  .
     93  Both taler-exchange and taler-auditor depend on this package, as the
     94  two services share a database layout and the same setup tooling. A
     95  PostgreSQL server (>= 15) is required at runtime.
     96 
     97 Package: taler-exchange
     98 Architecture: any
     99 Pre-Depends:
    100  ${misc:Pre-Depends}
    101 Depends:
    102  libtalerexchange (= ${binary:Version}),
    103  taler-exchange-database (= ${binary:Version}),
    104  adduser,
    105  lsb-base,
    106  netbase,
    107  zstd,
    108  ucf,
    109  ${misc:Depends},
    110  ${shlibs:Depends}
    111 Recommends:
    112   taler-exchange-offline (= ${binary:Version}),
    113   taler-terms-generator,
    114   taler-exchange-typst,
    115   taler-exchange-aml-webui,
    116   taler-exchange-kyc-webui,
    117   apache2 | nginx | httpd,
    118   robocop,
    119   postgresql (>=15.0)
    120 Description: GNU Taler payment system - exchange operator daemons
    121  GNU Taler is the privacy-preserving digital payment system from the GNU
    122  project. The exchange is the central service operated by a payment
    123  service provider or bank to issue and redeem digital coins for a given
    124  currency; at least one exchange must be operated per currency.
    125  .
    126  This package ships the daemons required to run an exchange in
    127  production:
    128   * taler-exchange-httpd, the public REST frontend talked to by wallets
    129     and merchant backends;
    130   * taler-exchange-secmod-rsa, -cs and -eddsa, the security modules that
    131     hold the online signing keys and communicate with the HTTPD over
    132     UNIX-domain sockets;
    133   * taler-exchange-aggregator, -transfer, -wirewatch and -closer, which
    134     drive the interaction with the bank (aggregating deposits, executing
    135     outgoing wire transfers, observing incoming transfers, and refunding
    136     abandoned reserves);
    137   * taler-exchange-expire, -sanctionscheck and the KYC/AML pipeline
    138     helpers (taler-exchange-kyc-* converters and triggers).
    139  .
    140  Running an exchange additionally requires the air-gapped offline-signing
    141  tool packaged as taler-exchange-offline (recommended). It is also
    142  recommended to run a taler-auditor to check the operation and determine
    143  expected balance in the escrow account and profits from fees.
    144 
    145 Package: taler-exchange-offline
    146 Architecture: any
    147 Pre-Depends:
    148  ${misc:Pre-Depends}
    149 Depends:
    150  libtalerexchange (= ${binary:Version}),
    151  adduser,
    152  lsb-base,
    153  netbase,
    154  ${misc:Depends},
    155  ${shlibs:Depends}
    156 Description: air-gapped signing tool for the GNU Taler exchange master key
    157  A GNU Taler exchange uses a long-term offline master key to sign its
    158  online signing keys, denomination keys, fee structure, bank account
    159  details, auditor and partner-exchange registrations, AML staff entries
    160  and key-revocation messages. The corresponding master public key forms
    161  the root of the Taler PKI embedded in consumer wallets and merchant
    162  backends, so the private key must be protected with great care.
    163  .
    164  This package contains taler-exchange-offline, the command-line tool
    165  used to set up the master key, download future signing material from a
    166  running exchange, inspect and sign it offline, and upload the resulting
    167  signatures back to the exchange. It is recommended to install
    168  this package on a dedicated machine that is never connected to the
    169  Internet; it also must be installed on some online system to
    170  download key material from the exchange and to upload signatures and
    171  configuration data to the exchange.
    172 
    173 Package: taler-exchange-typst
    174 Architecture: any
    175 Depends:
    176  pdftk
    177 Recommends:
    178  typst
    179 Description: Typst templates for GNU Taler exchange PDF generation
    180  This package ships the Typst templates that the GNU Taler
    181  exchange uses to render PDF artefacts (such as receipts and reports)
    182  from structured data.
    183  .
    184  The pdftk dependency is required at runtime to assemble the resulting
    185  PDFs; the typst compiler itself is recommended but kept optional as
    186  distros still often lack a native Typst package and thus operators
    187  are likely to supply a locally built or vendored Typst compiler.
    188 
    189 Package: taler-auditor
    190 Architecture: any
    191 Pre-Depends:
    192  ${misc:Pre-Depends}
    193 Depends:
    194  libtalerexchange (= ${binary:Version}),
    195  taler-exchange-database (= ${binary:Version}),
    196  taler-auditor-webui,
    197  adduser,
    198  zstd,
    199  lsb-base,
    200  netbase,
    201  ${misc:Depends},
    202  ${shlibs:Depends}
    203 Description: GNU Taler payment system - independent auditor
    204  GNU Taler is the privacy-preserving digital payment system from the GNU
    205  project. An auditor is an independent third party (or the exchange
    206  operator themselves) that verifies the correct operation
    207  of a Taler exchange: it checks all cryptographic signatures recorded in
    208  the exchange's database, recomputes balances, and reconciles the
    209  reported state against the bank account, alerting the operator to any
    210  inconsistencies and computing expected balance, revenue and risk
    211  exposure.
    212  .
    213  This package provides the taler-auditor incremental audit tool, the
    214  long-running taler-auditor-httpd REST service, the taler-auditor-sync
    215  helper that maintains a safe replica of the exchange database, and the
    216  corresponding helper daemons. The offline-signing tool used
    217  by the auditor is also included.
    218 
    219 Package: libtalerexchange-dev
    220 Section: libdevel
    221 Architecture: any
    222 Depends:
    223  libtalerexchange (= ${binary:Version}),
    224  libgnunet-dev (>=0.27.0),
    225  libgcrypt20-dev (>=1.8),
    226  libmicrohttpd-dev (>=0.9.71),
    227  ${misc:Depends},
    228  ${shlibs:Depends}
    229 Description: GNU Taler exchange client libraries - development files
    230  This package contains the C header files, static libraries and
    231  pkg-config files needed to build software against the GNU Taler
    232  exchange client libraries shipped in libtalerexchange.
    233  .
    234  It also installs taler-fakebank-run, an in-memory implementation of the
    235  Taler Wire Gateway API used by the Taler test suite. The fake bank is
    236  not suitable for production use: all transaction state is kept in RAM
    237  and lost on shutdown.