The GNU Project has released the free electronic payment system GNU Taler 0.8. A feature of the system is that buyers are provided with anonymity, but sellers are not anonymous to ensure transparency in tax reporting, i.e. the system does not allow tracking information about where the user spends money, but provides tools for tracking the receipt of funds (the sender remains anonymous), which solves the problems inherent in BitCoin with tax audits. The code is written in Python and distributed under the AGPLv3 and LGPLv3 licenses.
GNU Taler does not create its own cryptocurrency, but works with existing currencies, including dollars, euros, and bitcoins. Support for new currencies can be provided through the creation of a bank that acts as a financial guarantor. GNU Taler's business model is based on performing exchange transactions - money from traditional payment systems such as BitCoin, Mastercard, SEPA, Visa, ACH and SWIFT is converted into anonymous electronic money in the same currency. The user can transfer electronic money to merchants, who can then exchange it back at the exchange point for real money represented by traditional payment systems.
All transactions in GNU Taler are secured using state-of-the-art cryptographic algorithms to ensure authenticity even if the private keys of customers, merchants, and exchanges are leaked. The database format provides the ability to verify all completed transactions and confirm their consistency. Payment confirmation for merchants is a cryptographic proof of the transfer within the framework of the contract concluded with the client and a cryptographically signed confirmation of the availability of funds at the exchange point. GNU Taler includes a set of basic components that provide the logic for the operation of a bank, an exchange point, a trading platform, a wallet, and an auditor.
The new release implements changes prepared to eliminate deficiencies identified as a result of a security audit of the code base. The audit was carried out in 2020 by Code Blau and financed through a grant issued by the European Commission as part of the program for the development of next-generation Internet technologies. After the audit, recommendations were made related to strengthening the isolation of private keys and separation of privileges, improving code documentation, simplifying complex structures, reworking methods for processing NULL pointers, initializing structures and callback calls.
Major changes:
- Increased isolation of private keys, which are now processed using separate taler-exchange-secmod-* executables run under a separate user, which allows you to separate the logic for working with keys from the taler-exchange-httpd process that processes external network requests.
- Increased isolation of confidential configuration parameters of exchange points (exchanges).
- Support for backup and recovery has been added to the wallet implementation (Wallet-core).
- The wallet has changed the presentation of information about transactions, history, errors and pending operations. The stability of the wallet and ease of use have been improved. The wallet API has been documented and is now used in all user interfaces.
- The browser-based version of the wallet based on WebExtension technology adds support for the GNU IceCat browser. The access rights required to operate a WebExtension-based wallet have been significantly reduced.
- Exchange points and trading platforms have the opportunity to define their terms of service.
- Optional tools for inventory have been added to the backend for organizing the work of trading platforms.
- The contract provides the option to display thumbnail images of the product.
- The F-Droid catalog contains Android applications for trade accounting (point-of-sale) and cash register operations, used to organize sales on trading platforms.
- Improved implementation of the refund process.
- Improved and simplified HTTP API for trading platforms. The creation of front-ends for trading platforms has been simplified, and the ability for the back-end to generate ready-made HTML pages for working with a wallet has been added.
Source: opennet.ru