- GET /management/keys
Returns the list of future public keys to be used by the exchange. This endpoint is intended only for the exchange’s offline key management team; it is of no use to anyone else, but the data is not secret, so access is public.
Response:
- 200 OK:
The exchange responds with a FutureKeysResponse object. This request should virtually always be successful.
Details:
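/**
 * Response body of GET /management/keys: the exchange's future denomination
 * and signing keys that do not yet carry a master signature, together with
 * the public keys the offline signing tool needs to check them.
 */
interface FutureKeysResponse {
  // Future denominations to be offered by this exchange
  // (only those lacking a master signature).
  future_denoms: FutureDenom[];

  // The exchange's future signing keys (only those lacking a master signature).
  future_signkeys: FutureSignKey[];

  // Master public key expected by this exchange (provided so that the
  // offline signing tool can check that it has the right key).
  master_pub: EddsaPublicKey;

  // Public key of the denomination security module.
  // NOTE(review): this key is delivered in the same publicly accessible
  // response as the denom_secmod_sig values it is used to verify. Checking
  // those signatures only against this field shows that the response is
  // internally consistent, not where the keys came from. Presumably the
  // offline tool compares this key with one it pinned earlier or obtained
  // out-of-band; confirm against the tool's documentation.
  denom_secmod_public_key: EddsaPublicKey;

  // Public key of the signkey security module.
  // NOTE(review): the same consideration applies to signkey_secmod_sig;
  // presumably this key is also compared with a pinned value. Confirm.
  signkey_secmod_public_key: EddsaPublicKey;
}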
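/**
 * One future denomination key that still lacks a master signature, with the
 * validity periods, fees and security-module signature that accompany it.
 */
interface FutureDenom {
  // Name in the configuration file that defines this denomination.
  section_name: string;

  // How much are coins of this denomination worth?
  value: Amount;

  // When does the denomination key become valid?
  stamp_start: Timestamp;

  // When is it no longer possible to withdraw coins
  // of this denomination?
  stamp_expire_withdraw: Timestamp;

  // When is it no longer possible to deposit coins
  // of this denomination?
  stamp_expire_deposit: Timestamp;

  // Timestamp indicating by when legal disputes relating to these coins must
  // be settled, as the exchange will afterwards destroy its evidence relating to
  // transactions involving this coin.
  stamp_expire_legal: Timestamp;

  // Public key for the denomination.
  denom_pub: DenominationKey;

  // Fee charged by the exchange for withdrawing a coin of this denomination.
  fee_withdraw: Amount;

  // Fee charged by the exchange for depositing a coin of this denomination.
  fee_deposit: Amount;

  // Fee charged by the exchange for refreshing a coin of this denomination.
  fee_refresh: Amount;

  // Fee charged by the exchange for refunding a coin of this denomination.
  fee_refund: Amount;

  // Signature by the denomination security module
  // over TALER_DenominationKeyAnnouncementPS
  // for this denomination with purpose
  // TALER_SIGNATURE_SM_DENOMINATION_KEY.
  // NOTE(review): this page does not show which of the fields above
  // TALER_DenominationKeyAnnouncementPS covers. Any field outside it
  // (possibly value and the fees) is vouched for only by the host serving
  // the response and should be compared with the intended configuration
  // before a master signature is issued. Confirm the struct layout.
  denom_secmod_sig: EddsaSignature;
}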
/**
 * A denomination public key in one of the two supported forms. The `cipher`
 * field of each member ("RSA" or "CS") tells the variants apart.
 */
type DenominationKey = RsaDenominationKey | CSDenominationKey;
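/**
 * Denomination public key for the RSA variant of DenominationKey.
 */
interface RsaDenominationKey {
  // Discriminant selecting the RSA variant.
  cipher: "RSA";

  // 32-bit age mask.
  // NOTE(review): the Integer type is not defined on this page; presumably a
  // consumer should reject values that do not fit in 32 bits. Confirm.
  age_mask: Integer;

  // RSA public key
  rsa_pub: RsaPublicKey;
}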
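/**
 * Denomination public key for the CS variant of DenominationKey.
 */
interface CSDenominationKey {
  // Discriminant selecting the CS variant.
  cipher: "CS";

  // 32-bit age mask.
  // NOTE(review): the Integer type is not defined on this page; presumably a
  // consumer should reject values that do not fit in 32 bits. Confirm.
  age_mask: Integer;

  // Public key of the denomination.
  cs_pub: Cs25519Point;
}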
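/**
 * One future exchange signing key that still lacks a master signature, with
 * its validity periods and the signkey security module's signature.
 */
interface FutureSignKey {
  // The actual exchange's EdDSA signing public key.
  key: EddsaPublicKey;

  // Initial validity date for the signing key.
  stamp_start: Timestamp;

  // Date when the exchange will stop using the signing key, allowed to overlap
  // slightly with the next signing key's validity to allow for clock skew.
  stamp_expire: Timestamp;

  // Date when all signatures made by the signing key expire and should
  // henceforth no longer be considered valid in legal disputes.
  stamp_end: Timestamp;

  // Signature over TALER_SigningKeyAnnouncementPS
  // for this signing key by the signkey security
  // module using purpose TALER_SIGNATURE_SM_SIGNING_KEY.
  // NOTE(review): the key that verifies this signature,
  // signkey_secmod_public_key, is delivered in the same response. Presumably
  // the offline tool compares that key with a pinned value before trusting
  // this signature. Confirm against the tool's documentation.
  signkey_secmod_sig: EddsaSignature;
}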