Update per Dans' Comments

applications/token_app.go

@@ -16,6 +16,7 @@ type TokenApplication struct {
 
 // HasTokensCapability is granted once the client has obtained signed tokens
 const HasTokensCapability = tapir.Capability("HasTokensCapability")
+const numTokens = 10
 
 // NewInstance should always return a new instantiation of the application.
 func (tokenapp *TokenApplication) NewInstance() tapir.Application {
@@ -29,7 +30,7 @@ func (tokenapp *TokenApplication) Init(connection tapir.Connection) {
 	tokenapp.Transcript().NewProtocol("token-app")
 	log.Debugf(tokenapp.Transcript().OutputTranscriptToAudit())
 	if connection.IsOutbound() {
-		tokens, blinded := privacypass.GenerateBlindedTokenBatch(10)
+		tokens, blinded := privacypass.GenerateBlindedTokenBatch(numTokens)
 		data, _ := json.Marshal(blinded)
 		connection.Send(data)
 		var signedBatch privacypass.SignedBatchWithProof
@@ -47,15 +48,17 @@ func (tokenapp *TokenApplication) Init(connection tapir.Connection) {
 			// If the connection closes without the HasTokensCapability then the error can be handled by whatever client needs it
 			log.Debugf("Failed to verify signed token batch")
 		}
-	} else {
+		return
-		var blinded []privacypass.BlindedToken
+	}
-		err := json.Unmarshal(connection.Expect(), &blinded)
+
-		if err == nil {
+	// We are the server
-			batchProof := tokenapp.TokenService.SignBlindedTokenBatch(blinded, tokenapp.Transcript())
+	var blinded []privacypass.BlindedToken
-			log.Debugf(tokenapp.Transcript().OutputTranscriptToAudit())
+	err := json.Unmarshal(connection.Expect(), &blinded)
-			data, _ := json.Marshal(batchProof)
+	if err == nil {
-			connection.Send(data)
+		batchProof := tokenapp.TokenService.SignBlindedTokenBatch(blinded, tokenapp.Transcript())
-			return
+		log.Debugf(tokenapp.Transcript().OutputTranscriptToAudit())
-		}
+		data, _ := json.Marshal(batchProof)
+		connection.Send(data)
+		return
 	}
 }