summaryrefslogtreecommitdiff
path: root/developers.html
blob: 963b8f457c2036fd04413fd4522cc83f9dd5a431 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
<html lang="{{ _('en') }}"><head>
    <meta charset="utf-8">
    <title>{{ _("GNU Taler") }} - {{ _("Developers") }}</title>
    <meta name="description" content="">
      <!--# include file="common/header.inc" -->
  </head>
  <body class="en" onload="loadLang();">
    <div class="container">
      <!--# include file="common/navigation.inc" -->
      <!-- Jumbotron -->
      <div class="jumbotron">
        <h1>{{ _("Taler for developers") }}</h1>
      </div>

      <!-- Example row of columns -->
      <div class="row">
        <div class="col-lg-6">
          <h2>{{ _("Free") }}</h2>

          <p>{{ _("Taler is free software implementing an open
            protocol. Anybody is welcome to inspect our code and
            integrate our reference implementation into their
            applications.  Different components of Taler are being
            made available under different licenses. The Affero
            GPLv3+ is used for the exchange, the LGPLv3+ is used for
            reference code demonstrating integration with merchant
            platforms, and licenses like Apache/Mozilla/GPLv3+ are
            used for wallets and related customer-facing software.
            We are open for constructive suggestions for maximizing
            the adoption of this libre payment platform.
          ") }}</p>
        </div>
        <div class="col-lg-6">
          <h2>{{ _("RESTful") }}</h2>

	  <p>{{ _("Taler is designed to work on the Internet.  To
	    ensure that Taler payments can work with restrictive
	    network setups, Taler uses a RESTful protocol over HTTP or
	    HTTPS. Taler's security does not depend upon the use of
	    HTTPS, but obviously merchants may choose to offer HTTPS
	    for consistency and because it generally is better for
	    privacy compared to HTTP.  Taler uses JSON to encode
	    structure data, making it easy to integrate Taler with
	    existing Web applications.  Taler's protocol is documented
	    in detail <a href='https://api.taler.net/'>here</a>.
          ") }}</p>
        </div>
      </div>
      <div class="row">
        <div class="col-lg-4">
          <h2>{{ _("Code") }}</h2>

	  <p>{{ _("Taler is currently primarily developed by a
	    research team at Inria and TU Munich. However,
	    contributions from anyone are welcome.  Our Git
	    repositories can be cloned using the Git and HTTP access
	    methods against <tt>git.taler.net</tt> with the name of
	    the respective repository. A list of public repositories
	    can be found in
	    our <a href='https://git.taler.net/'>GitWeb</a>.
          ") }}</p>
        </div>
        <div class="col-lg-4">
          <h2>{{ _("Documentation") }}</h2>

          <p>{{ _("In addition to this website,
            the <a href='https://git.taler.net/'>documented
            code</a> and the <a href='https://api.taler.net/'>API
            documentation</a>, we are in the process of preparing a
            comprehensive design document which will be published here
            soon.
          ") }}</p>
        </div>
         <div class="col-lg-4">
          <h2>{{ _("Discussion") }}</h2>

          <p>{{ _("We have a mailinglist for developer discussions.
            You can subscribe to it or read the list archive at
            <a href='http://lists.gnu.org/mailman/listinfo/taler'>http://lists.gnu.org/mailman/listinfo/taler</a>.") }}</p>
        </div>
      </div>

      <div class="row">
        <div class="col-lg-4">
          <h2>{{ _("Regression Testing") }}</h2>

          <p>{{ _("We
            have <a href='https://buildbot.net/'>Buildbot</a>
            automation tests to detect regressions and check for
            portability at
            <a href='https://buildbot.taler.net/'>buildbot.taler.net</a>.
          ") }}</p>
        </div>
        <div class="col-lg-4" note="not yet operational">
          <h2>{{ _("Code Coverage Analysis") }}</h2>

          <p>{{ _("We
            use <a href='http://ltp.sourceforge.net/coverage/lcov.php'>LCOV</a>
            to analyze the code coverage of our tests, the results are
            available
            at <a href='https://lcov.taler.net/'>lcov.taler.net</a>.
          ") }}</p>
        </div>
        <div class="col-lg-4">
          <h2>{{ _("Performance Analysis") }}</h2>

          <p>{{ _("We
            use <a href='https://gnunet.org/gauger'>Gauger</a> for
            performance regression analysis of the exchange backend
            at <a href='https://gauger.taler.net/'>gauger.taler.net</a>.
          ") }}</p>
        </div>
      </div>

      <div class="col-lg-12">
        <h2 id="overview">{{ _("Taler system overview") }}</h2>

        <p>{{ _("The Taler system consists of protocols executed
          among a number of actors with the help
          of <a href='https://www.fsf.org/'>Free Software</a> as
          illustrated in the illustration on the right.  Typical
          transactions involve the following steps:
        ") }}</p>

          <img src="images/system.svg" alt="system overview" style="float: right; margin: 50px 5px 5px 5px;" width="50%">
          <ol>
             <li>{{ _("A customer instructs his <b>bank</b> to
               transfer funds from his account to the Taler exchange
               (top left).  In the subject of the transaction, he
               includes an authentication token from his
               electronic <b>wallet</b>. In Taler terminology, the
               customer creates a reserve at the exchange.
             ") }}</li>

             <li>{{ _("Once the exchange has received the
               transfer, it allows the customer's electronic wallet
               to <b>withdraw</b> electronic coins.  The electronic
               coins are digital representations of the original
               currency from the transfer. It is important to note
               that the exchange does not learn the &quot;serial numbers&quot;
               of the coins created in this process, so it cannot tell
               later which customer purchased what at which merchant.
               The use of Taler does not change the currency or the
               total value of the funds (except for fees which the
               exchange may charge for the service).
             ") }}</li>

             <li>{{ _("Once the customer has the digital coins in
               his wallet, the wallet can be used to <b>spend</b> the
               coins with merchant portals that support the Taler
               payment system and accept the respective exchange as a
               business partner (bottom arrow). This creates a digital
               contract signed by the customer's coins and the
               merchant.  If necessary, the customer can later use
               this digitally signed contract in a court of law to
               prove the exact terms of the contract and that he paid
               the respective amount. The customer does not learn the
               banking details of the merchant, and Taler does not
               require the merchant to learn the identity of the
               customer. Naturally, the customer can spend any
               fraction of his digital coins (the system takes care of
               customers getting change).
             ") }}</li>

             <li>{{ _("Merchants receiving digital
               coins <b>deposit</b> the respective receipts that
               resulted from the contract signing with the customer at
               the exchange to redeem the coins.  The deposit step
               does not reveal the details of the contract between the
               customer and the merchant or the identity of the
               customer to the exchange in any way. However, the
               exchange does learn the identity of the merchant via
               the provided bank routing information.  The merchant
               can, for example when compelled by the state for
               taxation, provide information linking the individual
               deposit to the respective contract signed by the
               customer. Thus, the exchange's database allows the
               state to enforce that merchants pay applicable taxes
               (and do not engage in illegal contracts).
             ") }}</li>

             <li>{{ _("Finally, the exchange transfers funds
               corresponding to the digital coins redeemed by the
               merchants to the merchant's <b>bank</b> account. The
               exchange may combine multiple small transactions into
               one larger bank transfer.  The merchant can query the
               exchange about the relationship between the bank
               transfers and the individual claims that were
               deposited.
             ") }}</li>

             <li>{{ _("Most importantly, the exchange keeps
               cryptographic proofs that allow it to demonstrate that
               it is operating correctly to third parties.  The system
               requires an external <b>auditor</b>, such as a
               government-appointed financial regulatory body, to
               frequently verify the exchange's databases and check that
               its bank balance matches the total value of the
               remaining coins in circulation.
             ") }}</li>

             <li>{{ _("Without the auditor, the exchange operators
               could embezzle funds they are holding in
               reserve. Customers and merchants cannot cheat each
               other or the exchange. If any party's computers are
               compromised, the financial damage is limited to the
               respective party and proportional to the funds they
               have in circulation during the period of the
               compromise.
             ") }}</li>
          </ol>
        <p></p>
      </div>
      <!--# include file="common/footer.inc" -->
    </div> <!-- /container -->
  </body>
</html>