index_2.1.3.html

<html>

<head>

<title>openmoney software specification</title>

<link rel="stylesheet" type="text/css" href="css/openmoney.css">

</head>

<body>

<h1>openmoney software specification</h1>

<h3>Introduction</h3>

<p>The term <em>openmoney</em> refers to any software supporting <a href="#open_money"><em>open money</em></a>. The following is a minimal specification of the way in which any such software should operate.</p>

<p>The <em>openmoney</em> component is not intended to be complete and self-contained. Metasystemic components, whether technological, social or organizational, are required for any such tools to operate. Adaptive, resilient, co-evolving systems necessarily involve layers and appropriate extensions, with structure reviewed continually. The <em>openmoney</em> component is intended only to provide a recursively-nested ledger structure for REA accounting upon which much richer structures can be built.</p>

<br />

<hr />

<h3>Terms used</h3>

<p>
  The following terms are used in the context of <a href="#open_money"><em>open money</em></a>:
</p>
<ul>
  <li>
    <h4 id="terms_name">name</h4>
    <p>
      A string of characters uniquely identifying an <em>entity</em> (a <a href="#terms_user_identity">user identity</a>, a <a href="#terms_currency">currency</a>, an <a href="#terms_account">account</a> or a <a href="#terms_namespace">namespace</a>).
    </p>
  </li>
  <li>
    <h4 id="terms_namespace">namespace</h4>
    <p>
      An <em>entity</em> enclosing/containing <a href="#terms_name">names</a> of <em>entities</em>, including other <a href="#terms_namespace">namespaces</a>.
    </p>
    <p>
      A <a href="#terms_namespace">namespace</a> enclosing another <a href="#terms_namespace">namespace</a> is referred to as the <em>parent</em> of the latter, and the latter is referred to as a <em>child</em> of the former. The nesting of <a href="#terms_namespace">namespaces</a> leads naturally to the extension of these terms in both directions: <em>grandparents</em>, <em>great-grandparents</em>, etc. (<em>ancestors</em> collectively) and <em>grandchildren</em>, <em>great-grandchildren</em>, etc. (<em>descendants</em> collectively).
      </e>
    </p>
    <p>
      Every <a href="#terms_name">name</a> is unique within the <a href="#terms_namespace">namespace</a> containing it but the same <a href="#terms_name">name</a> may appear in any number of other <a href="#terms_namespace">namespaces</a>.
    </p>
    <p>
      In general there is no relationship between entities identified by the same <a href="#terms_name">name</a> enclosed within different <a href="#terms_namespace">namespaces</a>. The one exception is that a <a href="#terms_secondary_identity">secondary identity</a> enclosed within one <a href="#terms_namespace">namespace</a>    <u>may</u> optionally have the same <a href="terms_name">name</a> as the associated <a href="#terms_primary_identity">primary identity</a> enclosed within a different <a href="#terms_namespace">namespace</a>.
    </p>
  </li>
  <li>
    <h4 id="terms_user">user</h4>
    <p>
      A <a href="#terms_user">user</a> is an <em>entity</em> holding/owning one or more <a href="#terms_account">accounts</a>.
    </p>
    <p>
      A <a href="#terms_user">user</a> may be a person, an organization or a machine/device.
    </p>
    <p>
      Every <a href="#terms_user">user</a> has a unique <a href="#terms_primary_identity">primary identity</a> defined within a <a href="#terms_namespace">namespace</a>, and that <a href="#terms_namespace">namespace</a> is referred to as a <a href="#terms_registry">registry</a> in that context.
    </p>
    <p>
      Every <a href="#terms_user">user</a> <u>may</u> have one or more <a href="#terms_secondary_identity">secondary identities</a>, each contained within a different <a href="#terms_namespace">namespace</a> with the permission of that <a href="#terms_namespace">namespace</a>'s <a href="#terms_steward">steward</a>(s).
    </p>
  </li>
  <li>
    <h4 id="terms_primary_identity">primary identity</h4>
    <p>
      A <a href="#terms_user">user</a>'s <a href="#terms_primary_identity">primary identity</a> provides access to the <em>open money</em> <a href="#terms_instance">instance</a> by defining a unique identity associated with a real world <em>entity</em> along with everything used to authenticate that association.
    </p>
  </li>
  <li>
    <h4 id="terms_secondary_identity">secondary identity</h4>
    <p>
      A <a href="#terms_user">user</a>'s <a href="#terms_secondary_identity">secondary identity</a> relies upon the assocated <a href="#terms_primary_identity">primary identity</a> to provide access to the <em>open money</em> <a href="#terms_instance">instance</a>.
    </p>
    <p>
      However, the <a href="#terms_account">accounts</a> held/owned by any <a href="#terms_secondary_identity">secondary identity</a> are distinct from those held/owned by the associated <a href="#terms_primary_identity">primary identity</a> and from those held/owned by any other <a href="#terms_secondary_identity">secondary identity</a> associated with it.
    </p>
  </li>
  <li>
    <h4 id="terms_account">account</h4>
    <p>
      An <a href="#terms_account">account</a> is a <em>variable</em> associated with (and its characteristics defined by) a <a href="#terms_currency">currency</a> with the permission of that <a href="#terms_currency">currency</a>'s <a href="#terms_steward">steward</a>(s).
    </p>
    <p>
      An <a href="#terms_account">account</a> is owned/held by either a <a href="#terms_primary_identity">primary identity</a> or a <a href="#terms_secondary_identity">secondary identity</a>.
    </p>
  </li>
  <li>
    <h4 id="terms_currency">currency</h4>
    <p>
      A <a href="#terms_currency">currency</a> is a <em>variable type</em> with which at least two <a href="#terms_accounts">accounts</a> are associated. Within the context of <em>open money</em>, these accounts always sum to zero. (Within the extended context of <em>open measures</em>, that restriction does not apply. However, that is beyond the scope of this section.)
    </p>
  </li>
  <li>
    <h4 id="terms_instance">instance</h4>
    <p>
      An <a href="#terms_instance">instance</a> of <em>open money</em> is a distinct <em>tree</em> of <a href="#terms_namespace">namespaces</a>.
    </p>
  </li>
  <li>
    <h4 id="terms_registry">registry</h4>
    <p>
      A <a href="#terms_registry">registry</a> is <u>any</u> <a href="#terms_namespace">namespace</a> in which <a href="#terms_primary_identity">primary identies</a> are defined.
    </p>
    <p>
      Upon logging into any <em>open money</em> <a href="#terms_instance">instance</a> using its <a href="#terms_primary_identity">primary identy</a>, that <a href="#terms_registry">registry</a> is the <a href="#terms_namespace">namespace</a> in which that <em>user</em> starts.
    </p>
    <p>
      Upon logging into any <em>open money</em> <a href="#terms_instance">instance</a> using any <a href="#terms_seconary_identity">seconary identy</a>, the <em>user</em> lands in the <a href="#terms_namespace">namespace</a> enclosing that <a href="#terms_secondary_identity">secondary identity</a>.
    </p>
    <p>
      In either case, the complete <em>user</em>.<a href="#terms_namespace">namespace</a> string is necessary to identify the <em>user</em> identity required.
    </p>
  </li>
</ul>

<p>
  The following sections provide more detailed descriptions.
</p>

<hr />

<p>
  <u>Note</u>: <em>There is no obvious natural sequence in which the terms in this section can be defined. Most terms refer forward or backward to other terms within the section.</em>
</p>

<h3 name="#user">users</h3>

<p>
  <u>Pronouns</u>: Since a <em><a href="#user">user</a></em> may be a person or an organization, or possibly a machine, the gender-neutral <em>it</em> and <em>its</em> are used below.
</p>

<h4 id="registry">registry</h4>
<ul>
  <li>
    <p>
      A <em><a href="#registry">registry</a></em> is a <em><a href="#namespace">namespace</a></em> within an instance of any <em>openmoney</em>-compliant software with/in which a <em><a href="#user">user</a></em>'s <em>primary identity</em> can be registered.
    </p>
  </li>
  <li>
    <p>
      A <em><a href="#namespace">namespace</a></em> enclosing all <em><a href="#namespace">namespaces</a></em> associated directly with <em><a href="#user">users</a></em> having <em><a href="#primary_identity">primary identities</a></em> registered in that <em><a href="#registry">registry</a></em> is its <em>registry namespace</em>.
    </p>
  </li>
  <li>
    <p>
      A registered <em><a href="#user">user</a></em> of any <em>openmoney</em> software can be any person or organization of persons that <u>recognizes</u> and <u>accepts responsibility</u> for:
      <ul>
        <li>
          <u>accounting of events</u>
        </li>
        <li>
          <u>fulfilment of promises</u> (commitments)
        </li>
      </ul>
    </p>
    <p>
      To use <em><a href="#open_money">open money</a></em> is to mind your own business.
    </p>
  </li>
  <li>
    <p>
      Typically, an <em>agent</em> (a person, organization, business or even a device) may be invited to become a <a href="#user">user</a> of a particular <a href="#currency">currency</a> by one of its <a href="#steward">steward</a>.
    </p>
    <p>
      This invitation is likely to come in the form of a QR code, bar code or something with equivalent capacity to carry the information necessary to ensure that the new registrant is taken directly to the correct <a href="namespace">namespace</a> before being invited to enter its choice of unique identification and contact information such as:<ul>
        <li>
          username
        </li>
        <li>
          password | key
        </li>
        <li>
          email address (optional: for password recovery or event notification)
        </li>
        <li>
          mobile telephone number (optional: for password recovery or event notification)
        </li>
      </ul>
    </p>
    <p>
      In general, <a href="#namespace">namespaces</a> and <a href="#currency">currencies</a> will not be exposed for accidental discovery. The overwhelming majority will be of no use or interest to any particular <em>agent</em>, and it is extremely important not to overwhelm it with irrelevant and confusing information. The useful information will be exosed gradually as it becomes relevant, by introduction/invitation rather than by discovery.
    </p>
  </li>
</ul>




<h4 id="primary_identity">primary identity</h4>
<ul>
  <li>
    <p id="username">
      Every <em><a href="#user">user</a></em> is identified in a <a href="#registry">registry</a> by an immutable <em>username</em> and a public key [<a href="reference_prototype">*</a>] (which can be updated subsequently) [see footnote on <a href="#key-pair-generation">key-pair generation</a>].
    </p>
  </li>
  <li>
    <p>
      A <a href="#user">user</a>'s <em>primary identity</em> is that recorded uniquely in a <a href="#registry">registry</a> (<em><a href="#namespace">namespace</a></em>).
    </p>
  </li>
  <li>
    <p>
      When a <em><a href="#user">user</a></em> registers, it is given a private <em><a href="#namespace">namespace</a></em>, identified by <em><a href="#username">username</a></em>, within the same <em><a href="#registry">registry</a></em> <em><a href="#namespace">namespace</a></em>. [See <a href="#current_root_namespace_limitation">footnote</a>].
    </p>
  </li>
  <li>
    <p>
      When registering, a <em><a href="#user">user</a></em> may optionally provide an email address and choose its notification settings (which can be updated subsequently).
    </p>
  </li>
  <li>
    <p>
      A <em><a href="#user">user</a></em> uses its <em><a href="#username">username</a></em> and private key to authenticate. The private key used to sign an authorization request which is then sent to the API along with either the <em><a href="#username">username</a></em> or a registered <em><a href="#secondary_identity">alias</a> (<em><a href="#secondary_identity">secondary identity</a></em>)</em> associated with a particular <em><a href="#namespace">namespace</a></em> (in the format "<em>name</em>@<em>namepace</em>" or a suitable equivalent in another alphabet [see note 9]).
    </p>
  </li>
</ul>

<h4 id="secondary_identity">secondary identity</h4>
<ul>
  <li>
    <p>
      Once registered, a <em><a href="#user">user</a></em> may join any number of <em><a href="#namespace">namespaces</a></em> (subject to the permission of those <em><a href="#namespace">namespace</a></em>s' <em><a href="#steward">stewards</a></em>) under any <em>name</em> (<em><a href="#secondary_identity">secondary identity</a></em>) not already in use within that <em><a href="#namespace">namespace</a></em>. Such <a href="#secondary_identity">secondary identities</a> all point back to the <em><a href="#user">user</a></em>'s unique <a href="#primary_identity">primary identity</a> within the same <em><a href="#registry_namespace">registry namespace</a></em>.
    </p>
  </li>
  <!--
  <li>
    <p>
      A <em><a href="#user">user</a></em> may also have any number of <a href="#secondary_identity">secondary identities</a></em> in any permitted/accessible <em><a href="#namespace">namespace</a></em> lying within different <em>registry namespaces</em> if the implementation allows for <em><a href="#inter-registry-authentication">inter-registry authentication</a></em>.
    </p>
  </li>
-->
</ul>

<h4 id="user_authentication">user authentication</h4>
<ul>
  <li>
    <p>
      Once registered, a <em><a href="#user">user</a></em> may identify itself using <u>either</u> its unique <em><a href="#primary_identity">primary identity</a></em> <u>or</u> any of its <em><a href="#secondary_identity">secondary identities</a></em>, in either case using its full <em><a href="#namespace">namespace</a></em> path, e.g.<ul>
        <li>
          henry.crun.goons.radio.bbc
        </li>
        <li>
          henry_crun.goons.radio.bbc
        </li>
      </ul>
      either of which might be the <em><a href="#primary_identity">primary identity</a></em>.
    </p>
    <p>
      In the example above, the user identity <em>henry</em> exists in the <em><a href="#namespace">namespace</a></em> <em>crun.goons.radio.bbc</em> whereas the user <em>henry_crun</em> exists in the <em><a href="#namespace">namespace</a></em> <em>goons.radio.bbc</em>.
    </p>
    <p>
      A "." always represents the nesting of one <em><a href="#namespace">namespace</a></em> within another.
    </p>
  </li>
</ul>

<h4 id="steward">stewards</h4>
<ul>
  <li>
    <p>
      A <em><a href="#user">user</a></em> with responsibility for a <em><a href="#namespace">namespace</a></em> is referred to as a <em><a href="#steward">steward</a></em> <u>of</u> that <em><a href="#namespace">namespace</a></em> or, alternatively, as a <em>governor</em> or <em>governing steward</em> of that <em><a href="#namespace">namespace</a></em>.
    </p>
  </li>
  <li>
    <p>
      A <em><a href="#user">user</a></em> with responsibility for a <em><a href="#currency">currency</a></em> is referred to as a <em><a href="#steward">steward</a></em> <u>of</u> that <em><a href="#currency">currency</a></em> or, alternatively, as a <em>governor</em> or <em>governing steward</em> of that <em><a href="#currency">currency</a>
      </em>.
    </p>
  </li>
  <li>
    <p>
      A <em><a href="#user">user</a></em> with responsibility for an <em><a href="#account">account</a></em> is referred to as a <em><a href="#steward">steward</a></em> or, alternatively, as a <em>governor</em> or <em>governing steward</em> of that <em><a href="#account">account</a></em>.
    </p>
    <p>
      The <em><a href="#steward">steward</a></em> of a <em><a href="#namespace">namespaces</a></em> has unconditional privileges over that <em><a href="#namespace">namespace</a></em> and any <em><a href="#namespace">namespaces</a></em>, <em><a href="#currency">currencies</a></em>, <em><a href="#account">accounts</a></em> and <em><a href="#user">users</a></em> within it.
    </p>
    <p>
      Within a <em>(parent) namespace</em> a <em><a href="#user">user</a></em> is authorized only to create <em>names</em> (<em><a href="#namespace">namespaces</a></em>, <em><a href="#currency">currencies</a></em> and <em><a href="#account">accounts</a></em>), of which it is the <em><a href="#steward">steward</a></em>, and these persist only as long as authorized by the <em><a href="#steward">stewards</a></em> (<em><a href="#governors">governors</a></em>) of the <em>(parent) <a href="#namespace">namespace</a></em>.
    </p>
  </li>
</ul>

<h3 id="namespace">namespaces</h3>

<h4>namespaces enclosed entirely within one registry namespace</h4>
<p>
  This section refers only to <em><a href="#namespace">namespaces</a></em> enclosed within the same <em>registry namespace</em>.
</p>
<ul>
  <li>
    <p>
      Every <em><a href="#namespace">namespace</a></em> is managed (controlled) by a set of one or more <em><a href="#steward">steward</a></em>(s).
    </p>
  </li>
  <li>
    <p>
      A <em><a href="#namespace">namespace</a></em> is an enclosure.
    </p>
  </li>
  <li>
    <p>
      Every <em><a href="#namespace">namespace</a></em> can enclose other <em><a href="#namespace">namespaces</a></em>.
    </p>
  </li>
  <li>
    <p>
      Every <em><a href="#namespace">namespace</a></em> can also enclose a set of <em><a href="#currency">currencies</a></em> or <em><a href="#account">accounts</a></em> under the control of that <em><a href="#namespace">namespace</a></em>'s <em>governing stewards</em>(s) - i.e.
      <ul>
        <li>
          <em><a href="#currency">currency</a></em> parameters are declared by that/those <em>governing stewards</em>(s)
        </li>
        <li>
          access/usage terms are set by that/those <em>governing stewards</em>(s)
        </li>
      </ul>
    </p>
  </li>
  <li>
    <p>
      Each <em><a href="#namespace">namespace</a></em> is identified by a string divided into substrings (<em>namespace names</em>, in each case a lower case letter followed by a string of arbitrary length containing any combinatation of lower case letters, digits, "_" or "-") separated by the character ".". Therefore, with the exception of the <em>root namespace</em>, each <em><a href="#namespace">namespace</a></em> comprises at least two parts - <em>child.parent</em> - where the latter identified by its full ancestry "path" back to the <em>root namespace</em>) and is therefore globally unique [note 1]. For example, the following examples represent two different <em><a href="#namespace">namespaces</a></em>:<br />
      &nbsp;&nbsp;<em>berkshire.england.uk.europe</em><br />
      &nbsp;&nbsp;<em>berkshire.massachussets.usa.north.america</em><br />
      where both have the same <em>namespace name</em> at the start of the string but each has a different <em>parent namespace</em>.
    </p>
  </li>
  <li>
    <p>
      Every <em>governing steward</em> of a <em><a href="#namespace">namespace</a></em> is notified when any of its other <em><a href="#steward">stewards</a></em> creates a child <em><a href="#namespace">namespace</a></em>, <em><a href="#currency">currency</a></em> or <em><a href="#account">account</a></em> there.
    </p>
  </li>
  <li>
    <p>
      Every <em>governing steward</em> of a <em><a href="#namespace">namespace</a></em> has the ability to <u>enable</u> or <u>disable</u> any of its child <em><a href="#namespace">namespaces</a></em>, <em><a href="#currency">currencies</a></em> or <em><a href="#account">accounts</a></em>.
    </p>
  </li>
  <li>
    <p>
      Every <em><a href="#steward">steward</a></em> of a <em><a href="#namespace">namespace</a></em> has the ability to <u>close</u> child <em><a href="#namespace">namespaces</a></em>, <em><a href="#currency">currencies</a></em> or <em><a href="#account">accounts</a></em> in their <em><a href="#namespace">namespace</a></em> and then <u>create</u> their continuations (<em><a href="#namespace">namespaces</a></em>, <em><a href="#currency">currencies</a></em> or <em><a href="#account">accounts</a></em> having exactly the same properties and values) in another (accessible) <em><a href="#namespace">namespace</a></em>. This is, in effect, equivalent to moving these safely in a way which does not lead to confusing inconsistencies in the <em><a href="journal">journal</a></em> entries.
    </p>
  </li>
  <li>
    <p>
      A <em><a href="#namespace">namespace</a></em> can be <u>public</u> or <u>private</u>:
      <ul>
        <li>
          When created, a child <em><a href="#namespace">namespace</a></em>, <em><a href="#currency">currency</a></em> or <em><a href="#account">account</a></em> of a <u>public</u> <em><a href="#namespace">namespace</a></em> is <u>disabled by default</u>.
        </li>
        <li>
          A child <em><a href="#namespace">namespace</a></em>, <em><a href="#currency">currency</a></em> or <em><a href="#account">account</a></em> of a <u>private</u> <em><a href="#namespace">namespace</a></em> is <u>disabled by default</u> and <u>cannot be enabled</u> until the <em>parent namespace</em> has been enabled.
        </li>
      </ul>
    </p>
  </li>
</ul>

<h4>extending namespaces beyond a single registry namespace</h4>
<ul>
  <li>
    <p>
      Any <em>registry namespace</em> can be enclosed within any <em>namepace</em> embedded within another <em>registry namespace</em>.
    </p>
    <p>
      For example, a <em><a href="#namespace">namespace</a></em> identified by the string <em>newtown.powys.wales</em> (where <em>wales</em> is the root <em><a href="#namespace">namespace</a></em> of the <em><a href="#registry">registry</a></em> in which it is defined) can be embedded into an existing namespace <em>uk.europe.earth</em> in a separate <em><a href="#registry">registry</a></em> (subject to the permission of the <em><a href="#steward">governing stewards</a></em> of that <em><a href="#registry">registry</a></em>, and only if the <em><a href="#terminal_namespace">enclosing namespace</a></em> identified by <em>wales</em> has not already been placed there from within a different <em><a href="#registry_namespace">registry namespace</a></em>). In this case, the <em><a href="#namespace">namespace</a></em> identified by <em>newtown.powys.wales</em> could now also be identified by the string <em>newtown.powys.wales.uk.europe.earth</em>.
    </p>
  </li>
</ul>

<h3 id="currency">currencies</h3>
<ul>
  <li>
    <p> A <em><a href="#currency">currency</a></em> has a <em>currency name</em>, a <em>parent namespace</em>, and a set of zero or more <em>governing stewards</em>.
    </p>
  </li>
  <li>
    <p>
      Every <em>governing steward</em> of a <em><a href="#currency">currency</a></em> is notified whenever any <em><a href="#steward">steward</a></em> creates an account that uses this <em><a href="#currency">currency</a></em>.
    </p>
  </li>
  <li>
    <p>
      Every <em>governing steward</em> of a <em><a href="#currency">currency</a></em> has the ability to enable or disable <em><a href="#account">accounts</a></em> used by this <em><a href="#currency">currency</a></em>.
    </p>
  </li>
  <li>
    <p>
      Every <em>governing steward</em> of a <em><a href="#currency">currency</a></em> gets a copy of all journal entries that use that <em><a href="#currency">currency</a></em>.
    </p>
  </li>
  <li>
    <p>
      A <em><a href="#currency">currency</a></em> can be <em>public</em> or <em>private</em>:
      <ul>
        <li>
          an <em><a href="#account">account</a></em> created to use a <em><u>public</u> currency</em> is <u>enabled by default</u>.
        </li>
        <li>
          an <em><a href="#account">account</a></em> created to use a <em><u>private</u> currency</em> is <u>disabled by default</u>.
        </li>
      </ul>
    </li>
  </li>
</ul>

<h3 id="account">accounts</h3>
<ul>
  <li>
    <p>
      An <em><a href="#account">account</a></em> has an <em>account name</em>, an <em>account parent namespace</em>, a <em><a href="#currency">currency</a></em>, a <em>currency parent namespace</em> and a set of <em>governing stewards</em>.
    </p>
  </li>
  <li>
    <p>
      Account <em><a href="#steward">stewards</a></em> post <em>journal <u>entries</u></em> from one <em><a href="#account">account</a></em> to another <em><a href="#account">account</a></em> in the same <em><a href="#currency">currency</a></em>.
    </p>
  </li>
</ul>

<h3 id="journal">journals</h3>
<ul>
  <li>
    <p>A <em>journal entry</em> containing
      <ul>
        <li>a <em><u>to</u> account name</em></li>
        <li>a <em><u>to</u> account namespace</em></li>
        <li>a <em><u>from</u> account name</em></li>
        <li>a <em><u>from</u> account namespace</em></li>
        <li>a <em>currency name</em></li>
        <li>a <em>currency namespace</em></li>
        <li>an <em>amount</em></li>
      </ul>
      is sent from the client to the server.
    </p>
    <p>
      <u>If</u> the server is able to verify that the <em><a href="#namespace">namespaces</a></em>, <em><a href="#currency">currencies</a></em> and <em><a href="#account">accounts</a></em> specified in the <em>journal entry</em> are all enabled, <u>then</u>:
      <ul>
        <li>
          the <em>journal entry</em> is encrypted using the public keys belonging to the <em><u>to</u> account</em>'s <em><a href="#steward">steward</a></em>, the <em><u>from</u> account</em>'s <em><a href="#steward">steward</a></em> and <em><a href="#currency">currency</a></em>'s <em>governing steward</em>;
        </li>
        <li>
          the encrypted <em>journal entry</em> is stored on the server for their retrieval;
        </li>
        <li>
          the <em><a href="#steward">stewards</a></em> are notified (according to their configured preferences); and
        </li>
        <li>
          a <u>success response code</u> is returned to the client.
        </li>
      </ul>
      <u>otherwise</u>:
      <ul>
        <li>
          an <u>error response code</u> is returned to the client indicating where the point of failure lies (in most cases where an <em><a href="#account">accounts</a></em>, <em><a href="#currency">currency</a></em> or <em><a href="#namespace">namespaces</a></em> is disabled or nonexistent).
        </li>
      </ul>
    </p>
  </li>
  <li>
    <p>A <em>governing steward</em> of an <em><a href="#account">account</a></em> can request a list of all <em>journal entries</em> for transactions to or from that <em><a href="#account">account</a></em>.</p>
  </li>
  <li>
    <p>A <em>governing steward</em> of a <em><a href="#currency">currency</a></em> can request a list of all <em>journal entries</em> for transactions in that <em><a href="#currency">currency</a></em>.</p>
  </li>
  <li>
    <p>Any <em>governing steward</em> of a <em><a href="#currency">currency</a></em> has the ability to void a <em><a href="journal">journal</a></em> entry by posting a <em>reversing journal entry</em> on behalf of both parties.</p>
  </li>
</ul>

<br />

<hr />

<table border="0" cellpadding="5" cellspacing="2" width="100%">
  <tr align="left" valign="top">
    <td rowspan="3" class="blank" valign="bottom">
      <em>names</em> are reserved within a <em>parent namespace</em> for the four categories below:
    </td>
    <td class="col-label" colspan="4" align="center">
      class of <em><a href="#steward">steward</a></em> (as recognized within a particular <em><a href="#namespace">namespace</a></em>)
    </td>
        <!-- -->
        <!-- -->
        <!-- -->
  </tr>
  <tr valign="top" align="center">
    <!-- -->
    <td class="col-label">
      governing steward
    </td>
    <td class="col-label">
      permitted user of space
    </td>
    <td class="col-label">
      part user
    </td>
    <td class="col-label">
      audit user
    </td>
  </tr>
  <tr align="left" valign="top">
    <!-- -->
    <td class="row-notes">
      A <em><a href="#steward">steward</a></em> with governance privileges on this <em><a href="#namespace">namespace</a></em>.
    </td>
    <td class="row-notes">
      A <em><a href="#steward">steward</a></em> with normal access rights granted conditionally by a <em>governance steward</em> of this <em><a href="#namespace">namespace</a></em>.
    </td>
    <td class="row-notes">
      A <em><a href="#steward">steward</a></em> with restricted access rights granted conditionally by a <em>governance steward</em> of this <em><a href="#namespace">namespace</a></em>.
    </td>
    <td class="row-notes">
      A <em><a href="#steward">steward</a></em> with monitoring/audit privileges granted conditionally by a <em>governance steward</em> of this <em><a href="#namespace">namespace</a></em>.
    </td>
  </tr>
  <!-- namespaces -->
  <tr align="left" valign="top">
    <td width="8%" class="row-label" rowspan="4">
      namespaces
    </td>
    <td width="23%">
      Set this <em><a href="#namespace">namespace</a></em> as <u>public</u>/<u>private</u>
    </td>
    <td width="23%">
      Create, own and govern <em><a href="#namespace">namespaces</a></em> within this <em><a href="#namespace">namespace</a></em> if authorized by a <em>governing steward</em>.
    </td>
    <td width="23%"></td>
    <td width="23%"></td>
  </tr>
  <tr align="left" valign="top">
    <!-- -->
    <td>
      Enable/disable transactions in this <em><a href="#namespace">namespace</a></em>.
    </td>
    <td></td>
    <td></td>
    <td></td>
  </tr>
  <tr align="left" valign="top">
    <!-- -->
    <td>
      Admit/deny applications by other <em><a href="#steward">stewards</a></em> to create new <em><a href="#namespace">namespaces</a></em> within this <em><a href="#namespace">namespace</a></em>.
    </td>
    <td></td>
    <td></td>
    <td></td>
  </tr>
  <tr align="left" valign="top">
    <!-- -->
    <td>
      Enable, disable or delete <em><a href="#steward">stewards</a></em> in this <em><a href="#namespace">namespace</a></em>.
    </td>
    <td></td>
    <td></td>
    <td></td>
  </tr>
  <!-- currencies -->
  <tr align="left" valign="top">
    <td class="row-label" rowspan="4">
      currencies
    </td>
    <td>
      Set <em><a href="#currency">currencies</a></em> within this <em><a href="#namespace">namespace</a></em> as <u>public</u>/<u>private</u>.
    </td>
    <td>
      Create, own and govern <em><a href="#currency">currencies</a></em> within this <em><a href="#namespace">namespace</a></em>.
    </td>
    <td></td>
    <td></td>
  </tr>
  <tr align="left" valign="top">
    <!-- -->
    <td>
      Enable/disable transactions using this <em><a href="#currency">currency</a></em>.
    </td>
    <td></td>
    <td></td>
    <td></td>
  </tr>
  <tr align="left" valign="top">
    <!-- -->
    <td>
      Admit/deny applications by other <em><a href="#steward">stewards</a></em> to create <em><a href="#currency">currencies</a></em> within this <em><a href="#namespace">namespace</a></em>.
    </td>
    <td></td>
    <td></td>
    <td></td>
  </tr>
  <tr align="left" valign="top">
    <!-- -->
    <td>Enable, suspend or delete <em><a href="#user">users</a></em> of <em><a href="#currency">currencies</a></em> <em><a href="#namespace">namespace</a></em>.</td>
    <td></td>
    <td></td>
    <td></td>
  </tr>
  <!-- accounts -->
  <tr align="left" valign="top">
    <td class="row-label">
      accounts
    </td>
    <td>
      Admit/deny applications by other <em><a href="#steward">stewards</a></em> to create <em><a href="#account">accounts</a></em> within this <em><a href="#namespace">namespace</a></em>.
    </td>
    <td>
      Create, own and govern <em><a href="#account">accounts</a></em> within this <em><a href="#namespace">namespace</a></em>.
    </td>
    <td>
      Read <em>specified account</em> in this <em><a href="#namespace">namespace</a></em>.<br />
      Write to <em>specified account</em> in this <em><a href="#namespace">namespace</a></em>.
    </td>
    <td>
      Read <em>specified account</em> in this <em><a href="#namespace">namespace</a></em>.
    </td>
  </tr>
  <!-- -->
  <tr align="left" valign="top">
    <td class="row-label">
      (name:currency) pairs
    </td>
    <td>
      Enable, suspend or delete <em><a href="#user">users</a></em> of <em><a href="#currency">currencies</a></em> <em><a href="#namespace">namespace</a></em>.
    </td>
    <td></td>
    <td></td>
    <td></td>
  </tr>
</table>

<p>
  <strong>More on terminology</strong>
</p>

<p>
  The following terms are used below:
  <ul>
    <li>
      <p>
        The term <em>named object</em> below refers to any <em><a href="#namespace">namespace</a></em>, <em><a href="#user">user</a></em>, <em><a href="#currency">currency</a></em> or <em><a href="#account">account</a></em>.
      </p>
    </li>
    <li>
      <p>
        The term <em>parent</em> refers to the <em><a href="#namespace">namespace</a></em> in which any <em>named object</em> exists.
      </p>
    </li>
    <li>
      <p>
        The term <em>child namespace</em> refers and a <em><a href="#namespace">namespace</a></em> contained within another (the <em>parent namespace</em>).
      </p>
    </li>
    <li>
      <p>
        The term <em>grandparent parent</em> refers to the <em><a href="#namespace">namespace</a></em> in which the <em>parent</em> of any <em>named object</em> exists.
      </p>
    </li>
    <li>
      <p>
        The term <em>ancestor</em> refers to any level of nesting from <em>parent</em> upwards.
      </p>
    </li>
    <li>
      <p>
        The term <em>descendant</em> refers to any level of nesting from <em>child</em> downwards.
      </p>
    </li>
  </ul>
</p>

<p>
  <strong>Configuration options</strong>
</p>

<p>
  The following options are configured at the time of the initial setup according to policy:
  <ul>
    <li>
      <p>
        Allow a <em><a href="#steward">steward</a></em> of a <em><a href="#namespace">namespace</a></em> at any <em>ancestor level</em> than parent to move any <em>named object</em>.</p><p>Disabled by default.
      </p>
    </li>
    <li>
      <p>
        Allow a <em><a href="#steward">steward</a></em> of a <em><a href="#namespace">namespace</a></em> at any <em>ancestor level</em> greater than parent to suspend or delete or (where enabled) move any named object.</p><p>Disabled by default.
      </p>
    </li>
  </ul>
</p>

<p style="clear:both"></p>

<p>
  <strong>relationships between named objects</strong>
</p>

<img src="img/nesting_3_levels_4g.png" class="align-left-middle" width="1050" />

<p style="clear:both"></p>

<p>
  <strong>recursive nesting of namespaces</strong>
</p>

<p>
  The following diagram illustrates the recursive <em><a href="#namespace">namespace</a></em> structure.
</p>

<img src="img/nesting_4a.png" class="align-left-middle" width="600" />

<p>
  Here the <em><a href="#namespace">namespaces</a></em> are labelled (untypically) in way convenient for identifying the depth of nesting from a <em>root namespace</em>.
</p>

<p>
  At the top is a set of <em>root namspaces</em> (labelled "a1", "a2" ...).
</p>

<p>
  Nested within these <em><a href="#namespace">namespaces</a></em> are more <em><a href="#namespace">namespaces</a></em> (labelled "b1.a1", "b2.a1", ... , "b3.a3", ...).
</p>

<p>
  And so on.
</p>

<p>
  This can be represented more compactly as a tree ...
</p>

<img src="img/nesting_4a_as_tree.png" class="align-left-middle" width="400" />

<p style="clear:both"></p>

<p>
  ... making it easier to visualize the recursive nesting of <em>registry namespaces</em>.
</p>

<img src="img/nesting_trees_1a.png" class="align-left-middle" width="600" />

<p>
  The coloured regions represent <em>registry namespaces</em>, which are equivalent to installations (not necessary implemented using the same technology, the only requirement being that they all conform to this very inclusive specification).
</p>

<p>
  The recursively-nested structure mirrors that of the <a href="https://vsmg.lrc.org.uk">VSM</a>. This is a natural design choice given that the REA system embodied is intended to support the <u>viability</u> of human-supporting systems.
</p>

<p>
  <u>Note</u>: This approach to federation (across possibly very different implementations) requires little if any special provision. The mapping of a <a href="#primary_identity">primary user identity</a> in one <a href="#registry">registry</a> to a <a href="#secondary_identity">secondary user identy</a> can be achieved by extending the API (possibly with a single additional endpoint) to enable the mapping data to be transferred from one instance to another. Oauth2 may suffice for authentication across instances, although additional levels of security may be embodied in a simple supplementary protocol.
</p>

<p>
  However, within the scope of a particular <a href="#registry_namespace">registry namespace</a> (which is equivalent to a specific instance/installation), some of the many metasystemic tools can be integrated in a way that federated/clustered sets will not.
</p>

<p style="clear:both"></p>

<p style="clear:both"></p>

<p style="clear:both"></p>


<hr />

<h3>notes</h3>

<ol>

  <li>
    <h4 id="open_money">open money</h4>

    <p>The term <em>open money</em> (two words, lower case) is an aspect of free speech - it is a context (see <a href="https://sites.google.com/site/economicgroups/neweconomy">REA</a>), and <em>open money</em> can be called <u>free</u> money (as in <em>free speech</em>, not as in free beer/lunch/load/ride).</p>

    <p>The term <em>openmoney</em> (one word, lower case) refers to <u>any</u> software able to support the requirements of an <em>open money</em> implementation, operating in accordance with the principles and intellectual properties of the <a href="http://letsystem.org/">LETSystem Trust</a>.</p>

    <p>For background information and history, see the <a href="https://openmoney.github.io/openmoney-links/">collected links</a> page.</p>

    <p>NB, <em>open money</em> is a special case of a broader concept: <em>open metrics</em>. The specification above generally applies to <em>open metrics</em> implementations as well.</p>


  </li>

  <li>
    <h4>wider applicatiions</h4>

    <p><u>Note</u>: Although originally designed to support user-centred ledger systems (LETSystem model), a sufficiently secure implementation of software conforming to this specification could be be used as the ledger system underpinning <u>any ledger-based</u> service, including mutual credit services (such as <em>LETSystems</em>), loan-providing services (such as credit unions and CDFIs), energy-accounting systems, time banks or any other conceivable system recording events associated with resources and agents.</p>
  </li>

  <li>
    <h4 id="key-pair-generation">key-pair generation</h4>
    <p>
      The <em>openmoney</em> client implementation may make provision for the <em><a href="#user">user</a></em>'s public and private key to be generated deterministically using its <em>name</em> and password.
    </p>
  </li>

  <li>
    <h4 id="implementation">implementation</h4>

    <p>
      At the time of the most recent update (see date below), the <a href="https://github.com/openmoney/specification4/blob/master/API_specifications/Swagger_v2.0/swagger.yaml">original Swagger 2.0 API definition</a> is being updated and extended to create an OpenAPI 3.0 API definition. That will then be used to create a new set of consistent client and server stubs.
    </p>

    <p>
      * In the current <a href="https://github.com/openmoney/current-implementation/">test/development implementation</a> the <em><a href="#user">user</a></em> logs in using a password instead.
    </p>

  </li>

  <li>
    <h4 id="inter-registry-authentication">inter-registry authentication</h4>

    <p>
      The specification remains to be extended to support this.
    </p>
  </li>

  <li>
    <h4 id="reference_prototype">reference prototypes</h4>

    <p>
      A reference prototype (<em>NESTS</em>) is currently under development, and discoveries made through this are gradually contributing to extensions to this specification.
    </p>
    <p>
      A minimal <a href="https://github.com/openmoney/current-implementation/">testing/demonstration implementation</a> to illustrate and explore core principles was written by <a href="https://github.com/deefactorial/">Dominique Legault</a>, who also wrote the <a href="https://paper.dropbox.com/doc/openmoney-specifications--A2ueQsb5n1iIn0oDC6yCjCFjAg-ZCwb9XOtbLSwZxrlnb5tR">original draft</a> of this specification in collaboration with Michael Linton.
    </p>
    <p>
      <u>Terminology</u>: Since every <em><a href="#user">user</a></em> of any <em>openmoney</em> software has the potentiality to be a <em><a href="#steward">steward</a></em>, no distinction was made between these terms in earlier versions of this document. For the same reasons, the <a href="https://github.com/openmoney/current-implementation/">testing/demonstration implementation</a> of the software treats all users with a login accounts as <em><a href="#steward">stewards</a></em>.
    </p>
  </li>

  <li>
    <h4 id="current_root_namespace_limitation">current root namespace limitation</h4>
    <p>
      (In the <a href="https://github.com/openmoney/current-implementation/">current demonstration/test implementation</a>, the only <em>root namespace</em> available is fixed as "cc" so every <em><a href="#user">user</a></em> is given the <em><a href="#namespace">namespace</a></em> "<em>username.cc</em>" upon registration.)
    </p>
  </li>

  <li>
    <h4>collision-resistant names</h4>

    <p>From <a href="https://tools.ietf.org/html/rfc7519">https://tools.ietf.org/html/rfc7519</a>:

    <p>
      A name in a namespace that enables names to be allocated in a manner such that they are highly unlikely to collide with other names.  Examples of collision-resistant namespaces include: Domain Names, Object Identifiers (OIDs) as defined in the ITU-T X.660 and X.670 Recommendation series, and Universally Unique IDentifiers (UUIDs) [RFC4122].  When using an administratively delegated namespace, the definer of a name needs to take reasonable precautions to ensure they are in control of the portion of the namespace they use to define the name.
    </p>
  </li>

  <li>
    <h4>Internationalization</h4>

    <p>
      Although the descriptions above use unaccented Latin characters, names should ultimately be expressible using any character set. For the this reason, the <em>NESTS</em> prototype currently under development allows namespaces to be constructed from UTF8 strings, and allow any suitable UTF8 character be be configured as the namespace separator, and it seems reasonable to assume that any implementation will take a similar approach.
    </p>
  </li>
</ol>

<hr />

<p class="footnote">Version 2.1.3 [<a href="index_2.1.2.html">Previous numbered version</a>]</p>

<p class="footnote"><strong>Changes</strong></p>

<ol>
  <li>
    <p>
      <em>Note 9</em> above (on internationalization) was added in version 2.1.1 and expanded in version 2.1.2.
    </p>
  </li>
  <li>
    <p>
      A <em><a href="#registry">registry</a></em> can exist in any namespace. This was not clear in the <a href="index_2.0.53.html">previous version</a>.
    </p>
  </li>
  <li>
    <p>
      A <em><a href="#user">user</a></em> may be identified by either its <em><a href="#primary_identity">primary identity</a></em> or any of its <em><a href="#secondary_identity">secondary identities</a></em>, in both cases by full <em><a href="#namespace">namespace</a></em> <em>path</em>. This was also not clear in the <a href="index_2.0.53.html">previous version</a>.
    </p>
  </li>
  <li>
    <p>
      The <a href="#registry">registry</a> section near the top of this page has been expanded to clarify the way in which <a href="#user">users</a> will grow their/the networks.
    </p>
  </li>
  <l>
    <p>
      The section on <em>terms used</em> at the beginning was added in version 2.1.3.
    </p>
  </l>
</ol>

<hr />
<p class="footnote">
  This document has been gradually expanded (in various stages between 2020-06-28 and 2021-04-12 by <a href="https://github.com/jethro-swan/">John Waters</a>) from <a href="https://paper.dropbox.com/doc/openmoney-specifications--A2ueQsb5n1iIn0oDC6yCjCFjAg-ZCwb9XOtbLSwZxrlnb5tR">the earlier specification</a> (written by Dominique Legault and Michael Linton) in order to incorporate additional notes, annotations, etc., and to clarify the precise mean of, and relationships between, the various <em>named entities</em>.
</p>
<hr />

<p class="footnote">
  [The <a href="https://github.com/openmoney/specification/index_2.1.0.html">source</a> for this page.]
</p>

<br />

<div class="footbar">

<a rel="license" href="http://creativecommons.org/licenses/by-nd/4.0/"><img alt="Creative Commons Licence" style="border-width:0" src="https://i.creativecommons.org/l/by-nd/4.0/80x15.png" /></a><br />This work is licensed under a <a rel="license" href="http://creativecommons.org/licenses/by-nd/4.0/">Creative Commons Attribution-NoDerivatives 4.0 International License</a>.

<!--
<a rel="license" href="http://creativecommons.org/licenses/by-sa/4.0/"><img alt="Creative Commons Licence" style="border-width:0" src="https://i.creativecommons.org/l/by-sa/4.0/88x31.png" /></a><br />This work is licensed under a <a rel="license" href="http://creativecommons.org/licenses/by-sa/4.0/">Creative Commons Attribution-ShareAlike 4.0 International License</a>.
</div>
-->

</body>

</html>