Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Update Payment Methods #26

Merged
merged 8 commits into from
Nov 30, 2024
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
138 changes: 138 additions & 0 deletions docs/haveno-ui/backup_and_restore.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,138 @@
# Backing up application data

Backing up your Haveno data is crucial to ensure you can retain control over trades, disputes, payment accounts, and funds in case of issues with your machine (e.g. drive failure) or Haveno itself (e.g. critical bugs).
All Haveno data is stored right on your computer—it's never stored (or even sent) to a central server, so backing it up is your job. We will see data restoration after the backup.

### 1. Back up the entire Haveno data directory

The safest, quickest, easiest, and most comprehensive thing you can do to safeguard your data is to back up the whole data directory at regular intervals. See the various elements of the data directory detailed here. In addition, to make restoring payment accounts easier, you may want to back up an export of your payment accounts.

#### 1.1 While Haveno is running

Go to `Account` -> `Backup` and put in a location for your backup to be exported to (note that this section is titled "Backup wallet" in the software but it actually exports the entire data directory).

![Export backup](../resources/img/haveno-ui/backup_dark.png#only-light)
![Export backup](../resources/img/haveno-ui/backup_light.png#only-dark)
/// caption
Data directory backup screen.
///

#### 1.2 While Haveno is closed

When Haveno is closed, you can simply copy the entire data directory and paste it somewhere safe. Find the location of your data directory by clicking on the `Open Directory` button (see screenshot above) or see data directory locations here:

```
Linux: ~/.local/share/Haveno/
macOS: ~/Library/Application Support/Haveno/
Windows: ~\AppData\Roaming\Haveno\
```

#### 1.3 Encrypt your backup

Backup files are not encrypted. If you’ve set a wallet password, your wallet files will be encrypted, but all your other data will not be encrypted.
We recommend encrypting the whole backup folder with something like gpg, 7-Zip, Cryptomator, etc.

### 2. Back up payment accounts

If you just want to back up your payment accounts, export them from `Account` -> `Traditional Currency Accounts`.
Be advised: exporting your accounts this way only exports metadata. **Aging and signing status are not included.** To include account aging and signing status, you also need to save the `xmr_mainnet/keys/sig.key` file from your data directory.
Because of the way restoring payment accounts works, it's best for most users to back up the whole data directory and back up a payment account export.
Export fiat payment accounts here. You can export cryptocurrency accounts from the Cryptocurrency Accounts tab.

### 3. Back up your wallet seed

Please be sure to properly back up your wallet seed.

### 4. Export Tor state

If you want to carry over a particular onion address (and keep your local reputation), you can replace the `xmr_mainnet/tor/hiddenservice` folder in your data directory with the one from your backup.

### 5. Export trade history

In `Portfolio` -> `History` you'll find an `Export to CSV` button to export your trade history.
There's no way to import this data back into Haveno, but it can be useful to have a copy of this data for yourself for record-keeping, analysis, etc.

### 6. Export transaction history

In `Funds` -> `Transactions` you'll find an `Export to CSV` button to export your trade history.
There's no way to import this data back into Haveno, but it can be useful to have a copy of this data for yourself for record-keeping, analysis, etc.

## Restore Haveno data

Restoring application data can be useful to bring back payment accounts, onion addresses, and other items from a backup—or to move your Haveno instance to an entirely new machine.
You can restore an entire data directory at once, or just the parts you want.

### 1. Restore an entire data directory

First make sure Haveno is closed. Then copy the entire Haveno directory from your backup and paste it in your machine's default data directory location. If there already is a directory called Haveno there, remove it (or rename it) and replace it with your backup.

Data directories work across operating systems, so you can copy a data directory created on a Mac to the appropriate location on Linux or Windows, and it will work. But, please do not run the same data directory on 2 machines at the same time, even if you don't run both instances at the same time, as data may get corrupted in strange ways.

### 2. Restore payment accounts

A payment account export only contains metadata (name, bank information, etc). For fiat accounts, this means that restoring payment accounts is a 2-step process.

### 3. Restore payment account metadata

If you have a payment accounts export file, import it in `Account` -> `Traditional Currency Accounts`

If you don't have an export file, but you do have a full backup, you can salvage your payment account metadata from `xmr_mainnet/db/UserPayload` by running the *strings* utility on the UserPayload file (e.g. run `strings /path/to/backup/xmr_mainnet/db/UserPayload` in a terminal window). The command will output a simplified version of the UserPayload file to your terminal. Scroll up a bit and you should see your payment account information.

Use the output to copy and paste the details into new payment accounts in Haveno, paying special attention to make sure each field is copied over with 100% accuracy (including the salt): even a 1 character difference in any field will cause the hash of the payment account to be different, which means aging and signing status will not be restored in the following step.

There are quirks. Here's an example of output from a *strings* command:

```
SEPA
Alice Liddell
DE89370400440532013000
DEUTDE5X*
SKzH
salt
@56655c3738ea9dea3b20f482fff048985a2757e57dff206fbd9e8c4f267f7781
```

From the output above:

- Be wary of extra characters at the beginning or end of a line. In the example above, the * character is not part of the BIC "DEUTDE5X".
- Salts are alphanumeric, so the @ is not part of the salt "56655c3738ea9dea3b20f482fff048985a2757e57dff206fbd9e8c4f267f7781".

If you're on Windows, or cannot use the *strings* utility for some other reason, you can just open UserPayload directly in a text editor, but there will be more cruft to sift through since the file isn't meant to be human-readable.

It may be tempting to just replace the entire UserPayload file from a backup, but this is **not recommended**, as it may contain other data that could result in data corruption in your new instance.
Restore payment account aging and signing status

Once you've restored your payment account metadata, you'll see the accounts in Haveno, but they'll have no aging or signing status. You can get aging and signing status back by replacing `xmr_mainnet/keys/sig.key` from your backup.

- Make sure you have no active offers, trades or disputes; once you change `sig.key`, you will become unreachable.
- Close Haveno. Also make sure you've made a backup of your data directory (just in case).
- Replace `/path/to/data/directory/xmr_mainnet/keys/sig.key` with the `sig.key` from your backup.

Upon opening Haveno, you should see account aging and signing status restored for your fiat payment accounts. If you don't, double-check:

- You copied account metadata and salt correctly in the previous step.
- The `sig.key` you copied is the correct one (i.e. the one you were using when your accounts accrued aging and/or got signed)

### 4. Restore onion address

Your onion address determines your local reputation, so depending on your preferences, you may want to reset it or restore it over time.

If you want to restore it:

- Close Haveno. Also make sure you've made a backup of your data directory (just in case).
- Replace the `/path/to/data/directory/xmr_mainnet/tor/hiddenservices/` folder with the `xmr_mainnet/tor/hiddenservices/` folder from your backup.

When you open Haveno, your onion address will be restored: this means that the peers that have traded with you will see bubbles with trade counts in their offer books for your offers.

### 5. Restore trade history

You may want to keep your trade history despite changing wallets. You can do so by:

- Closing Haveno.
- Replacing the `/path/to/data/directory/xmr_mainnet/db/ClosedTrades` file on your new directory with the file from backup with the same name.

You will see bubbles with trade counts in the offer books for any any peers you traded with.

### 6. Restore wallet

If starting a new data directory, it's generally best to just send funds from one Haveno instance to another with an on-chain transaction.
1 change: 1 addition & 0 deletions docs/resources/img/crypto/tether-usdt.svg
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
5 changes: 5 additions & 0 deletions docs/resources/img/crypto/usdc.svg
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file added docs/resources/img/haveno-ui/account-age_dark.png
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file added docs/resources/img/haveno-ui/backup_dark.png
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file added docs/resources/img/haveno-ui/backup_light.png
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
6 changes: 5 additions & 1 deletion docs/stylesheets/extra.css
Original file line number Diff line number Diff line change
Expand Up @@ -5,6 +5,10 @@
[data-md-color-scheme="youtube"] {
--md-primary-fg-color: #0b65da;
}
[data-md-color-scheme="youtube"] img[src$="#only-dark"],
[data-md-color-scheme="youtube"] img[src$="#gh-dark-mode-only"] {
display: none; /* Hide dark images in light mode */
}

[dir="ltr"] .md-header__title {
margin-left: 0;
Expand All @@ -14,4 +18,4 @@
display: inline-block;
vertical-align: middle;
max-height: 1.5rem;
}
}
111 changes: 111 additions & 0 deletions docs/the-project/account_limits.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,111 @@
# Account limits

Elevated account limits apply to fiat payment accounts in order to limit damage a malicious user can do while allowing honest users to start trading immediately with no KYC and utmost privacy.

Cryptocurrency accounts can trade 96 XMR right away (528 XMR since Haveno v1.0.15), but all fiat payment account types have limits lower than 96 XMR to match their particular risk profiles (see [this table](payment_methods/0-all-methods.md/#1-fiat-payment-methods) for details). Some payment methods with chargeback risk implement a mechanism called **account signing** that restricts trading activity until a trader proves their integrity to further secure against foul play.

## Which payment accounts are affected

Only fiat payment methods are affected by elevated account limits in Haveno.

All fiat payment methods in all markets limit total trade size depending on the payment method's risk profile (see [this table](payment_methods/0-all-methods.md/#1-fiat-payment-methods) for details).

Despite these limitations, chargebacks can still be possible for certain payment methods. Haveno reduces this risk with a mechanism called **account signing**.

Account signing only applies to payment accounts that are subject to chargeback risk: SEPA, SEPA Instant, Interac e-Transfer, Zelle, Revolut, Chase QuickPay, Popmoney, MoneyBeam, Uphold, and any kind of bank transfer.


## Account aging

Account age is not used to determine trade size limits for payment methods. However, it is measured, and you can see a payment account's age in the offer book before taking an offer, but we caution against using it as a measure of integrity. Older accounts are not **necessarily** safer.

![Account age in Offer book](../resources/img/haveno-ui/account-age_light.png)
/// caption
See account age in the offer book.
///

**All payment methods on Haveno have full selling capability from the moment they are created.**

Some payment methods implement a variation of account aging called account signing whereby limits are increased in stages over a period of 60 days after signing. More about this below.

If you're interested, details on the `AccountAgeWitness` object that enables this aging mechanism are [here](https://github.com/haveno-dex/haveno/blob/master/core/src/main/java/haveno/core/account/witness/AccountAgeWitnessService.java).

## Account signing

Account signing limits **buying** limits of risky fiat payment methods to 3 XMR until the trader has bought Monero from a seller with a signed payment account, and then gradually phases in full buying limits. Selling limits are unaffected.

In a nutshell, this is how it works:

- Payment account is created in Haveno for risky payment method
- Buying is limited to 3 XMR per trade until account is signed (see how [below](#how-to-get-an-account-signed))
- 30 days after signing, buying limits are increased to 50% of maximum
- 60 days after signing, maximum trade size is allowed

Let's see how this works in practice by looking at an example. SEPA has a maximum trade size of 12 XMR, and it requires account signing in order for to enable full trade limits.

First let's observe what happens if a new SEPA account is never signed. Notice how buying limits never increase beyond 3 XMR, but selling 12 XMR is allowed from day 0.

| Time Since Creating SEPA Payment Account<br> (Never Signed) | Maximum Trade Size (Buy) | Maximum Trade Size (Sell) |
| ---------------------------------------- | ------------------------ | ------------------------- |
| Day 0 | 3 XMR | 12 XMR |
| Day 30 | 3 XMR | 12 XMR |
| Day 60 | 3 XMR | 12 XMR |
| > 60 | 3 XMR | 12 XMR |

If that SEPA account manages to get signed on the same day it's created, it will see its 3 XMR limit increased on Day 30. Selling limits are unaffected.

| Time Since Creating SEPA Payment Account | Maximum Trade Size (Buy) | Maximum Trade Size (Sell) |
| ---------------------------------------- | ------------------------ | ------------------------- |
| Day 0 - Account Signed | 3 XMR | 12 XMR |
| Day 30 | 6 XMR | 12 XMR |
| Day 60 | 12 XMR | 12 XMR |
| > 60 | 12 XMR | 12 XMR |

But if that SEPA account isn't signed until Day 30, it won't see its limits lifted until Day 60. Again, selling limits are unaffected.

| Time Since Creating SEPA Payment Account | Maximum Trade Size (Buy) | Maximum Trade Size (Sell) |
| ---------------------------------------- | ------------------------ | ------------------------- |
| Day 0 | 3 XMR | 12 XMR |
| Day 30 - Account Signed | 3 XMR | 12 XMR |
| Day 60 | 12 XMR | 12 XMR |
| > 60 | 12 XMR | 12 XMR |

## How to get an account signed

Payment accounts that require signing cannot buy more than 3 XMR until 30 days **after** they are signed. There's two ways to get your account signed.

### 1. Buying XMR

To sign your account you have to buy XMR following these requirements:

- trade amount is greater than or equal to 0.1 XMR and lesser than or equal to 3 XMR
- seller's account must have been signed for over 30 days at the time of the signing trade

Through taking an offer you can make sure that the offer fulfils the requirements to sign your account. Making an offer could not sign your account, because taker could be unable to sign your account (signed since less than 30 days, or unsigned).

The Haveno interface makes it easy to determine if an offer can help you get signed: simply **look for buy offers with a check mark badge**:

![Signed Accounts in Offers](../resources/img/haveno-ui/good-bad-signing-asks_dark.png)
/// caption
Top offers won't get you signed. Bottom offers will get you signed.
///

In the image above, the offers on top do not have a check mark, but the offers on the bottom do. And it's a valid size (i.e. between 0.1 XMR and 3 XMR), so taking that offer and successfully completing the trade will result in a signed account.

You can see your payment account's limits and signing status at <br>
`Accounts` > `Traditional Currency Accounts` Pick an account and look toward the bottom:

![Payment Account limit & signing status](../resources/img/haveno-ui/Payment-account-signing-status_dark.png#only-light)
![Payment Account limit & signing status](../resources/img/haveno-ui/Payment-account-signing-status_light.png#only-dark)

### 2. With your own signed account

Once you have 1 signed payment account, any **new** payment account you create that requires signing will be self-signed as long as it uses the **exact same name** as your previously signed account. The payment account can be of a different type (e.g. a signed SEPA account can self-sign a SEPA Instant account), but a payment account created with a name that is even slightly different will not be self-signed.

Payment account types that don't require your full name cannot be self-signed (e.g. Revolut, which only requires an email address) and they cannot self-sign other payment accounts.

Self-signed accounts are immediately signed, but limits are not immediately lifted. This is because they have an age of 0 days, so 30 days must pass for the 3 XMR limit to be lifted, and another 30 days must pass for full trading ability to take effect (see tables above).

## Backing up and restoring payment accounts

Once your payment accounts have accrued age and been signed, you won't want to give them up. With [proper backups](../haveno-ui/backup_and_restore.md), you won't have to—payment accounts can be restored if you ever have to remove/reinstall Haveno, move to another machine, etc.
Loading