Russian-American ballerina Ksenia Karelina has pleaded guilty to treason charges after she was arrested for donating money to a charity supporting Ukraine.
Russian prosecutors are seeking a 15-year sentence after the security services accused Ms Karelina of collecting money that was used to purchase tactical supplies for the Ukrainian army.
She was detained by authorities in Yekaterinburg, about 1,600km (1,000 miles) east of Moscow after a family visit in February.
The sentence comes one week after Russia and the West carried out the largest prisoner exchange since the Cold War, where 24 people jailed in seven different countries were exchanged.
Ms Karelina’s lawyer said the prosecutors’ request for a 15-year sentence in a penal colony was too severe as the defendant had cooperated with the investigation.
Mikhail Mushailov also said it was “impossible” for Ms Karelina to have been included in the recent prisoner exchange, because an exchange can only happen once the court verdict comes into force.
Ok, can you please quote the exact part in those two sections that would allow to deanonymize the payer of a specific transaction?
I read both sections you mentioned, and 2.2.1 only seems to have one rare case where the merchant is a fake honeypot and the exchange is totally compromised, which clearly wouldn’t be the case in our scenario, where the merchant is in another country and the attacker doesn’t know either the merchant nor the customer in advance. And 2.2.3 talks about a hypothetical modification of GNU Taler, which would be incompatible with the version the merchant in another country is using (and anyways tries to deanonymize the merchant and not the customer), and again afaik wouldn’t work retroactively Edit: would need to be done while transaction is in process, and aims to catch a merchant that forced someone to pay anonymously in a ransom case or so (meaning the payer is already known or at least suspected). And this would also be massively disruptive to all other customers of the same exchange.
Compromise of the Master Key If the master key was compromised, an attacker could de-anonymize customers by announcing different sets of denomination keys to each of them. If the exchange was audited, this would be detected quickly, as these denominations will not be signed by auditors.
This is not possible retroactively, and any exchange doing that would be quickly detected and not accepted by the merchant which is not under control of the government because they are based in another country. Edit: Basically for this to work, the exchange, the auditor and the merchant would need to be under full control of the hostile government and the system actively compromised before the transaction takes place.
We disagree on the primitives of the architecture clearly. To my (self stylized) reasonable opinion the primitives are such that I cannot recommend Taler to anyone where their spending puts their Life or Liberty at risk, such as the good Ballerina in this sad story.