aboutsummaryrefslogtreecommitdiff
path: root/developers.html.j2
blob: 56e38781f056739ee9a2ad86570154bfc00368b7 (plain) (blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
{% extends "common/base.j2" %}
{% block body_content %}
<div class="jumbotron">
  <div class="text-center">
    <h1>{{ _("Taler for developers") }}</h1>
  </div>
</div>

<div class="container">
  <div class="row">
    <div class="col-lg-6">
      <h2>{{ _("Free") }}</h2>

      <p>
        {% trans %}
               GNU Taler is free software implementing an open
               protocol. Anybody is welcome to integrate our reference
               implementation into their applications.  Different
               components of Taler are being made available under
               different licenses. The Affero GPLv3+ is used for the
               exchange, the LGPLv3+ is used for reference code
               demonstrating integration with merchant platforms, and
               licenses like GPLv3+ are used for
               wallets and related customer-facing software.  We are
               open for constructive suggestions for maximizing the
               adoption of this payment platform.
         {% endtrans %}
      </p>

    </div>
    <div class="col-lg-6">
      <h2>{{ _("RESTful") }}</h2>

      <p>
        {% trans %}
               Taler is designed to work on the Internet.  To
               ensure that Taler payments can work with
               restrictive network setups, Taler uses a RESTful
               protocol over HTTP or HTTPS. Taler's security does
               not depend upon the use of HTTPS, but obviously
               merchants may choose to offer HTTPS for consistency
               and because it generally is better for privacy
               compared to HTTP.  Taler uses JSON to encode
               structure data, making it easy to integrate Taler
               with existing Web applications.  Taler's protocol
               is documented in
               detail at <a href="https://api.taler.net/">api.taler.net</a>.
        {% endtrans %}
      </p>
    </div>
  </div>
</div>

<div class="container-fluid c_acronym">
<div class="container">
  <div class="row">
    <div class="col-lg-4">
      <h2>{{ _("Code") }}</h2>

      <p>
        {% trans %}
               Taler is currently primarily developed by a
               research team at <a href="http://www.inria.fr/">Inria</a> and
               <a href="https://gnunet.org/">GNUnet</a>. However,
               contributions from anyone are welcome.  Our Git
               repositories can be cloned using the Git and HTTP
               access methods against <tt>git.taler.net</tt> with
               the name of the respective repository. A list of
               repositories can be found in
               our <a href="https://git.taler.net/">GitWeb</a>.
         {% endtrans %}
     </p>
    </div>
    <div class="col-lg-4">
      <h2>{{ _("Documentation") }}</h2>

      <p>
        {% trans %}
               In addition to this website, the <a
               href="https://git.taler.net/">documented code</a> and
               the <a href="https://api.taler.net/">API
               documentation</a>.  Technical papers can be found in
               our <a href="bibliography.html">bibliography</a>.
       {% endtrans %}
      </p>
    </div>
     <div class="col-lg-4">
      <h2>{{ _("Discussion") }}</h2>

      <p>
        {% trans %}
               We have a mailing list for developer discussions.
               You can subscribe to or read the list archive at
               <a href="http://lists.gnu.org/mailman/listinfo/taler">http://lists.gnu.org/mailman/listinfo/taler</a>.
        {% endtrans %}
      </p>
    </div>
  </div>
  <div class="row">
    <div class="col-lg-4">
      <h2>{{ _("Regression Testing") }}</h2>

      <p>
         {% trans %}
               We have <a href="https://buildbot.net/">Buildbot</a>
               automation tests to detect regressions and check for
               portability at <a
               href="https://buildbot.taler.net/">buildbot.taler.net</a>.
        {% endtrans %}
       </p>
    </div>
    <div class="col-lg-4" note="not yet operational">
      <h2>{{ _("Code Coverage Analysis") }}</h2>

      <p>
         {% trans %}
               We use
               <a href="http://ltp.sourceforge.net/coverage/lcov.php">LCOV</a>
               to analyze the code coverage of our tests, the
               results are available
               at <a href="https://lcov.taler.net/">lcov.taler.net</a>.
        {% endtrans %}
      </p>
    </div>
    <div class="col-lg-4">
      <h2>{{ _("Performance Analysis") }}</h2>

      <p>
         {% trans %}
               We
               use <a href="https://gnunet.org/gauger">Gauger</a>
               for performance regression analysis of the exchange
               backend
               at <a href="https://gauger.taler.net/">gauger.taler.net</a>.
        {% endtrans %}
      </p>
    </div>
  </div>
</div>
</div>

<div class="container">

  <div class="col-lg-12">
    <h2 id="overview">{{ _("Taler system overview") }}</h2>

    <p>
        {% trans %}
             The Taler system consists of protocols executed among
             a number of actors as illustrated in the illustration on the right.
             Typical transactions involve the following steps:
        {% endtrans %}
     </p>

      <img src="{{ url('images/system.svg') }}" alt="system overview" style="float: right; margin: 50px 5px 5px 5px;" width="50%">
      <ol>
         <li>
               {% trans %}
                   A customer instructs his <b>bank</b> to
                   transfer funds from his account to the Taler
                   exchange (top left).  In the subject of the
                   transaction, he includes an authentication
                   token from his electronic <b>wallet</b>. In
                   Taler terminology, the customer creates a
                   reserve at the exchange.
               {% endtrans %}
            </li>

         <li>
               {% trans %}
                   Once the exchange has received the wire
                   transfer, it allows the customer's electronic
                   wallet to <b>withdraw</b> electronic coins.
                   The electronic coins are digital
                   representations of the original currency from
                   the transfer. It is important to note that the
                   exchange does not learn the &quot;serial
                   numbers&quot; of the coins created in this
                   process, so it cannot tell later which customer
                   purchased what at which merchant.  The use of
                   Taler does not change the currency or the total
                   value of the funds (except for fees which the
                   exchange may charge for the service).
               {% endtrans %}
            </li>

         <li>
               {% trans %}
                   Once the customer has the digital coins in his
                   wallet, the wallet can be used to <b>spend</b>
                   the coins with merchant portals that support
                   the Taler payment system and accept the
                   respective exchange as a business partner
                   (bottom arrow). This creates a digital contract
                   signed by the customer's coins and the
                   merchant.  If necessary, the customer can later
                   use this digitally signed contract in a court
                   of law to prove the exact terms of the contract
                   and that he paid the respective amount. The
                   customer does not learn the banking details of
                   the merchant, and Taler does not require the
                   merchant to learn the identity of the
                   customer. Naturally, the customer can spend any
                   fraction of his digital coins (the system takes
                   care of customers getting change).
               {% endtrans %}
            </li>

         <li>
               {% trans %}
                   Merchants receiving digital
                   coins <b>deposit</b> the respective claims
                   that resulted from the contract signing with
                   the customer at the exchange to redeem the
                   coins.  The deposit step does not reveal the
                   details of the contract between the customer
                   and the merchant or the identity of the
                   customer to the exchange in any way. However,
                   the exchange does learn the identity of the
                   merchant via the provided bank routing
                   information.  The merchant can, for example
                   when compelled by the state for taxation,
                   provide information linking the individual
                   deposit to the respective contract signed by
                   the customer. Thus, the exchange's database
                   allows the state to enforce that merchants pay
                   applicable taxes (and do not engage in illegal
                   contracts).
               {% endtrans %}
            </li>

         <li>
               {% trans %}
                   Finally, the exchange transfers funds
                   corresponding to the digital coins redeemed by
                   the merchants to the merchant's <b>bank</b>
                   account. The exchange may combine multiple
                   small transactions into one larger bank
                   transfer.  The merchant can query the exchange
                   about the relationship between the bank
                   transfers and the individual claims that were
                   deposited.
               {% endtrans %}
            </li>

         <li>
               {% trans %}
                   Most importantly, the exchange keeps
                   cryptographic proofs that allow it to
                   demonstrate that it is operating correctly to
                   third parties.  The system requires an
                   external <b>auditor</b>, such as a
                   government-appointed financial regulatory body,
                   to frequently verify the exchange's databases
                   and check that its bank balance matches the
                   total value of the remaining coins in
                   circulation.
               {% endtrans %}
            </li>

         <li>
               {% trans %}
                   Without the auditor, the exchange operators
                   could embezzle funds they are holding in
                   reserve. Customers and merchants cannot cheat
                   each other or the exchange. If any party's
                   computers are compromised, the financial damage
                   is limited to the respective party and
                   proportional to the funds they have in
                   circulation during the period of the
                   compromise.
               {% endtrans %}
            </li>
      </ol>
    <p></p>
  </div>
</div> <!-- /container -->
{% endblock body_content %}