exchange

Base system with REST service to issue digital coins, run by the payment service provider
Log | Files | Refs | Submodules | README | LICENSE

control (8597B)

      1 Source: taler-exchange
      2 Section: net
      3 Priority: optional
      4 Maintainer: Christian Grothoff <grothoff@gnu.org>
      5 Build-Depends:
      6  meson,
      7  ninja-build,
      8  bash,
      9  gcc,
     10  debhelper-compat (= 12),
     11  gettext,
     12  libgnunet-dev (>=0.27.0),
     13  libcurl4-gnutls-dev (>=7.35.0) | libcurl4-openssl-dev (>= 7.35.0),
     14  libgcrypt20-dev (>=1.8),
     15  libgnutls28-dev (>=3.2.12),
     16  libjansson-dev (>= 2.13),
     17  libltdl-dev (>=2.2),
     18  libmicrohttpd-dev (>=0.9.71),
     19  libpq-dev (>=15),
     20  libsodium-dev (>=1.0.11),
     21  libunistring-dev (>=0.9.2),
     22  po-debconf,
     23  texinfo (>=5.2),
     24  zlib1g-dev
     25 Standards-Version: 4.5.0
     26 Vcs-Git: https://salsa.debian.org/debian/taler-exchange.git
     27 Vcs-Browser: https://salsa.debian.org/debian/taler-exchange
     28 Homepage: https://taler.net/
     29 
     30 Package: libtalerexchange
     31 Architecture: any
     32 Pre-Depends:
     33  ${misc:Pre-Depends}
     34 Depends:
     35  lsb-base,
     36  netbase,
     37  ${misc:Depends},
     38  ${shlibs:Depends}
     39 Description: shared libraries to talk to a GNU Taler exchange
     40  GNU Taler is the privacy-preserving digital payment system from the GNU
     41  project. This package contains the shared C libraries used by clients
     42  and services to interact with a Taler exchange via its REST API, to parse
     43  and verify exchange-issued cryptographic objects (denomination keys,
     44  signing keys, deposit confirmations, ...) and to handle Taler amounts.
     45  .
     46  Also included is taler-exchange-config, the command-line tool to read
     47  and edit Taler configuration files, along with the base configuration
     48  fragments and documentation shared by all Taler exchange components.
     49  Every other taler-exchange-* and taler-auditor* package depends on this
     50  one.
     51 
     52 Package: taler-terms-generator
     53 Architecture: any
     54 Pre-Depends:
     55  ${misc:Pre-Depends}
     56 Depends:
     57  libtalerexchange,
     58  lsb-base,
     59  pandoc,
     60  groff,
     61  ghostscript,
     62  ${misc:Depends}
     63 Description: generator for GNU Taler terms of service and privacy policy
     64  taler-terms-generator converts a reStructuredText source document into
     65  the bundle of HTML, Markdown, plain-text, EPUB and PDF renderings (and
     66  multiple languages) that a Taler service expects to find on disk in
     67  order to answer the /terms and /pp REST endpoints with the appropriate
     68  content negotiation.
     69  .
     70  It is useful for GNU Taler exchange, merchant and auditor operators who
     71  wish to publish or update their legal documents. Pandoc, groff and
     72  Ghostscript are pulled in as runtime dependencies to perform the
     73  conversions.
     74 
     75 Package: taler-exchange-database
     76 Architecture: any
     77 Pre-Depends:
     78  ${misc:Pre-Depends}
     79 Depends:
     80  lsb-base,
     81  netbase,
     82  ${misc:Depends},
     83  ${shlibs:Depends}
     84 Description: database initialisation tool for the GNU Taler exchange
     85  GNU Taler is the privacy-preserving digital payment system from the GNU
     86  project. This package contains taler-exchange-dbinit together with the
     87  SQL resource files it loads. The tool creates the schema, indices,
     88  customisation hooks and (optionally) the auditor notification triggers
     89  used by the exchange and the auditor in their PostgreSQL database, and
     90  supports incremental garbage collection and shard-lock recovery after
     91  crashes.
     92  .
     93  Both taler-exchange and taler-auditor depend on this package, as the
     94  two services share a database layout and the same setup tooling. A
     95  PostgreSQL server (>= 15) is required at runtime.
     96 
     97 Package: taler-exchange
     98 Architecture: any
     99 Pre-Depends:
    100  ${misc:Pre-Depends}
    101 Depends:
    102  libtalerexchange (= ${binary:Version}),
    103  taler-exchange-database (= ${binary:Version}),
    104  adduser,
    105  lsb-base,
    106  netbase,
    107  zstd,
    108  ucf,
    109  ${misc:Depends},
    110  ${shlibs:Depends}
    111 Recommends:
    112   taler-exchange-offline (= ${binary:Version}),
    113   taler-terms-generator,
    114   taler-exchange-typst,
    115   apache2 | nginx | httpd,
    116   robocop,
    117   postgresql (>=15.0)
    118 Description: GNU Taler payment system - exchange operator daemons
    119  GNU Taler is the privacy-preserving digital payment system from the GNU
    120  project. The exchange is the central service operated by a payment
    121  service provider or bank to issue and redeem digital coins for a given
    122  currency; at least one exchange must be operated per currency.
    123  .
    124  This package ships the daemons required to run an exchange in
    125  production:
    126   * taler-exchange-httpd, the public REST frontend talked to by wallets
    127     and merchant backends;
    128   * taler-exchange-secmod-rsa, -cs and -eddsa, the security modules that
    129     hold the online signing keys and communicate with the HTTPD over
    130     UNIX-domain sockets;
    131   * taler-exchange-aggregator, -transfer, -wirewatch and -closer, which
    132     drive the interaction with the bank (aggregating deposits, executing
    133     outgoing wire transfers, observing incoming transfers, and refunding
    134     abandoned reserves);
    135   * taler-exchange-expire, -sanctionscheck and the KYC/AML pipeline
    136     helpers (taler-exchange-kyc-* converters and triggers).
    137  .
    138  Running an exchange additionally requires the air-gapped offline-signing
    139  tool packaged as taler-exchange-offline (recommended). It is also
    140  recommended to run a taler-auditor to check the operation and determine
    141  expected balance in the escrow account and profits from fees.
    142 
    143 Package: taler-exchange-offline
    144 Architecture: any
    145 Pre-Depends:
    146  ${misc:Pre-Depends}
    147 Depends:
    148  libtalerexchange (= ${binary:Version}),
    149  adduser,
    150  lsb-base,
    151  netbase,
    152  ${misc:Depends},
    153  ${shlibs:Depends}
    154 Description: air-gapped signing tool for the GNU Taler exchange master key
    155  A GNU Taler exchange uses a long-term offline master key to sign its
    156  online signing keys, denomination keys, fee structure, bank account
    157  details, auditor and partner-exchange registrations, AML staff entries
    158  and key-revocation messages. The corresponding master public key forms
    159  the root of the Taler PKI embedded in consumer wallets and merchant
    160  backends, so the private key must be protected with great care.
    161  .
    162  This package contains taler-exchange-offline, the command-line tool
    163  used to set up the master key, download future signing material from a
    164  running exchange, inspect and sign it offline, and upload the resulting
    165  signatures back to the exchange. It is recommended to install
    166  this package on a dedicated machine that is never connected to the
    167  Internet; it also must be installed on some online system to
    168  download key material from the exchange and to upload signatures and
    169  configuration data to the exchange.
    170 
    171 Package: taler-exchange-typst
    172 Architecture: any
    173 Depends:
    174  pdftk
    175 Recommends:
    176  typst
    177 Description: Typst templates for GNU Taler exchange PDF generation
    178  This package ships the Typst templates that the GNU Taler
    179  exchange uses to render PDF artefacts (such as receipts and reports)
    180  from structured data.
    181  .
    182  The pdftk dependency is required at runtime to assemble the resulting
    183  PDFs; the typst compiler itself is recommended but kept optional as
    184  distros still often lack a native Typst package and thus operators
    185  are likely to supply a locally built or vendored Typst compiler.
    186 
    187 Package: taler-auditor
    188 Architecture: any
    189 Pre-Depends:
    190  ${misc:Pre-Depends}
    191 Depends:
    192  libtalerexchange (= ${binary:Version}),
    193  taler-exchange-database (= ${binary:Version}),
    194  adduser,
    195  zstd,
    196  lsb-base,
    197  netbase,
    198  ${misc:Depends},
    199  ${shlibs:Depends}
    200 Description: GNU Taler payment system - independent auditor
    201  GNU Taler is the privacy-preserving digital payment system from the GNU
    202  project. An auditor is an independent third party (or the exchange
    203  operator themselves) that verifies the correct operation
    204  of a Taler exchange: it checks all cryptographic signatures recorded in
    205  the exchange's database, recomputes balances, and reconciles the
    206  reported state against the bank account, alerting the operator to any
    207  inconsistencies and computing expected balance, revenue and risk
    208  exposure.
    209  .
    210  This package provides the taler-auditor incremental audit tool, the
    211  long-running taler-auditor-httpd REST service, the taler-auditor-sync
    212  helper that maintains a safe replica of the exchange database, and the
    213  corresponding helper daemons. The offline-signing tool used
    214  by the auditor is also included.
    215 
    216 Package: libtalerexchange-dev
    217 Section: libdevel
    218 Architecture: any
    219 Depends:
    220  libtalerexchange (= ${binary:Version}),
    221  libgnunet-dev (>=0.27.0),
    222  libgcrypt20-dev (>=1.8),
    223  libmicrohttpd-dev (>=0.9.71),
    224  ${misc:Depends},
    225  ${shlibs:Depends}
    226 Description: GNU Taler exchange client libraries - development files
    227  This package contains the C header files, static libraries and
    228  pkg-config files needed to build software against the GNU Taler
    229  exchange client libraries shipped in libtalerexchange.
    230  .
    231  It also installs taler-fakebank-run, an in-memory implementation of the
    232  Taler Wire Gateway API used by the Taler test suite. The fake bank is
    233  not suitable for production use: all transaction state is kept in RAM
    234  and lost on shutdown.