Add check for account age to apply restrictions #2801
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
m52go
reviewed
May 2, 2019
| @@ -344,6 +344,16 @@ offerbook.warning.noTradingAccountForCurrency.headline=No trading account for se | |||
| offerbook.warning.noTradingAccountForCurrency.msg=You don't have a trading account for the selected currency.\nDo you want to create an offer with one of your existing trading accounts? | |||
| offerbook.warning.noMatchingAccount.headline=No matching trading account. | |||
| offerbook.warning.noMatchingAccount.msg=You don't have a trading account with the payment method required for that offer.\nYou need to setup a trading account with that payment method if you want to take this offer.\nDo you want to do this now? | |||
| offerbook.warning.makerHasNoMatureAccountForBuyOffer=You cannot create an offer because you do not have a payment account which was created before March 15th 2019. \ | |||
There was a problem hiding this comment.
Not show-stopping but I made some minor changes:
offerbook.warning.noMatchingAccount.msg=To take this offer, you will need to set up a payment account using this payment method.\n\nWould you like to do this now?
offerbook.warning.makerHasNoMatureAccountForBuyOffer=You cannot create this offer because you do not have a payment account which was created before March 15th 2019. \
The selected payment method is considered risky for bank chargebacks. We needed to deploy this restriction as a short-term measure for enhanced security.\n\n\
The next software release will provide more robust chargeback protection tools, and this restriction for new accounts will be removed.
offerbook.warning.riskyBuyOfferWithImmatureAccountAge=This offer cannot be taken because the maker's payment account \
was created after March 15th 2019, and the payment method is considered risky for bank chargebacks. We needed to deploy this restriction as a \
short-term measure for enhanced security.\n\n\
The next software release will provide more robust protection tools so that offers with this risk profile can be traded again.
offerbook.warning.sellOfferAndAnyTakerPaymentAccountForOfferMature=This offer cannot be taken because your payment account \
was created after March 15th 2019 and the payment method is considered risky for bank chargebacks. We needed to deploy this restriction as a \
short-term measure for enhanced security.\n\n\
The next software release will provide more robust protection tools so that offers with this risk profile can be traded again.
- We will allow small amounts so we keep all accounts and add the check later when the user click next
ManfredKarrer
changed the title
ManfredKarrer
changed the title
ripcurlx
reviewed
May 3, 2019
| @@ -63,6 +63,7 @@ | |||
| public class AccountAgeWitnessService { | |||
| private static final Date RELEASE = Utilities.getUTCDate(2017, GregorianCalendar.NOVEMBER, 11); | |||
| public static final Date FULL_ACTIVATION = Utilities.getUTCDate(2018, GregorianCalendar.FEBRUARY, 15); | |||
| public static final long SAFE_ACCOUNT_AGE_DATE = Utilities.getUTCDate(2019, GregorianCalendar.MARCH, 15).getTime(); | |||
There was a problem hiding this comment.
I think we should re-use the static from AccountAgeRestrictions
ripcurlx
approved these changes
May 3, 2019
There was a problem hiding this comment.
ACK - besides a small UI issue with popups everything worked as expected. @devinbileck and I experienced a problem on Regtest that an old account wasn't able to take a sell offer by a new account that exceeded the demo amount of 0.01 BTC. The reason for this error was that the account age witness data wasn't propagated in the local network at the point the offer was taken. Shouldn't be a problem on Mainnet.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR provides some security improvements to enable us to unblock the banned SEPA counties and Interac due to the chargeback scams.
We limit accounts created after 15.3. to 0.01 BTC trades in case they are the fiat buyer of payment methods considered risky regarding chargebacks (basically all bank transfer methods).
This is a intermediary solution as the planned proposals will require more time to get implemented and deployed.
To ensure that users with old version cannot be caught by the scammer once we unblock the banned counties and Interac we will send out a message which enforces all users to update, otherwise their trades will fail. We will do that shortly after the release (about 2 days).