License file format (v1)

Offline verification contract for CLOB Forge .lic files shipped with purchases.

Purpose

Each purchase includes a JSON license file (.lic) with an Ed25519 signature. Bots and operator tooling should fail closed when verification does not pass. Do not trade live on an invalid license.

Payload shape (v = 1)

Field | Type | Notes
--- | --- | ---
v | number | Must be 1 until a newer spec is published.
licensePublicId | string | Opaque id; matches support and fulfillment records.
productSlug | string | Must match the product you installed (e.g. scalp-5m-shell).
productName | string | Display name at issue time.
issuedAt | string | ISO-8601 timestamp.
purchaseRef | string | Provider reference (for example a Stripe session id, MoonPay transaction id, or Helio pay event id).
provider | "stripe" \| "moonpay" \| "helio" | Checkout provider (Helio is used for MoonPay Commerce pay links in the storefront).
entitlements | string[] | Resource keys such as kit:<slug> and product:<slug>.
keyId | string | Signing key identifier (server keyring).
signature | string | Base64 Ed25519 signature (see below).

Canonical string

The server signs UTF-8 bytes of a single line, not raw JSON:

Here sortedEntitlementsCsv is the list of entitlement strings sorted lexicographically and joined with commas (,) and no spaces.

Verification (bot-side)

  1. Parse JSON; reject if v !== 1.

  2. Rebuild the canonical string from all fields except signature, using the same sorting rules for entitlements.

  3. Decode signature from base64; verify Ed25519 against the public key for keyId (bundled in your operator binary or keyring config).

  4. Confirm productSlug matches your build configuration.

  5. Confirm entitlements includes the kit:<slug> (or other keys) your binary requires.

  6. Invalid signature → do not run live execution; dry-run only if explicitly configured for unsigned dev mode.

  7. Product vs. binary mismatch → fail closed.
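A Go implementation of steps 1 to 7, added here as an example rather than code from the CLOB Forge project. Because this page does not reproduce the signed line itself, canonicalString assumes a "|"-joined layout in payload order (marked as an assumption in the code); Verify, the keyring map and the wantSlug/wantEnt parameters are illustrative names chosen for the example.

```go
package main

import (
	"crypto/ed25519"
	"encoding/base64"
	"encoding/json"
	"fmt"
	"sort"
	"strings"
)
// License mirrors the v1 payload table; encoding/json matches keys case-insensitively.
type License struct {
	V                                                                          int
	LicensePublicId, ProductSlug, ProductName, IssuedAt, PurchaseRef, Provider string
	Entitlements                                                               []string
	KeyId, Signature                                                           string
}
// canonicalString rebuilds the single signed line from every field except signature.
// ASSUMPTION: fields are joined with "|" in payload order; use the layout the spec publishes.
func canonicalString(l License) string {
	ents := append([]string(nil), l.Entitlements...)
	sort.Strings(ents) // sortedEntitlementsCsv: lexicographic order, comma-joined, no spaces
	return strings.Join([]string{fmt.Sprint(l.V), l.LicensePublicId, l.ProductSlug, l.ProductName,
		l.IssuedAt, l.PurchaseRef, l.Provider, strings.Join(ents, ","), l.KeyId}, "|")
}
// Verify runs bot-side steps 1-7. Any non-nil error means fail closed: no live execution.
func Verify(raw []byte, keyring map[string]ed25519.PublicKey, wantSlug, wantEnt string) error {
	var l License
	if err := json.Unmarshal(raw, &l); err != nil {
		return fmt.Errorf("parse: %w", err)
	}
	sig, err := base64.StdEncoding.DecodeString(l.Signature)
	hasEnt := false
	for _, e := range l.Entitlements {
		hasEnt = hasEnt || e == wantEnt
	}
	switch { // cases run in order, so an unknown keyId never reaches ed25519.Verify
	case l.V != 1:
		return fmt.Errorf("unsupported license version %d", l.V)
	case len(keyring[l.KeyId]) != ed25519.PublicKeySize || err != nil || len(sig) != ed25519.SignatureSize:
		return fmt.Errorf("unknown keyId %q or malformed signature", l.KeyId)
	case !ed25519.Verify(keyring[l.KeyId], []byte(canonicalString(l)), sig):
		return fmt.Errorf("invalid signature")
	case l.ProductSlug != wantSlug:
		return fmt.Errorf("product slug %q does not match this build", l.ProductSlug)
	case !hasEnt:
		return fmt.Errorf("required entitlement %q missing", wantEnt)
	}
	return nil
}
```

The unsigned dev mode of step 6 is left to the caller: Verify only reports why the license failed, and the bot decides whether a dry run is permitted.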

What v1 does not require

  • Online license checks (optional in future versions).

  • Revocation lists (honor LicenseStatus in operator databases only; a future API may expose status).

  • Host binding or org binding (optional later).

Launch (v1) vs later

Topic | Launch (v1) | Later
--- | --- | ---
Invalid signature | Fail closed; no live trading | Same
Product slug mismatch | Fail closed | Same
Revocation | Not in payload; DB-only for seller / support | Optional GET /api/license-status + grace period
Online checks | Off | Optional periodic check + e.g. 72h grace
Host / org binding | Omit from payload | Optional payload field
artifactVersion in .lic | Omit in v1 | Add when bots must gate updates by release

Public key

Use the Ed25519 public key distributed with your release artifact or documentation for the matching keyId. If you need a PEM for a given keyId, request it via support with your licensePublicId.

Deliverables reminder

Standard products ship runtime and configuration distribution kits, not raw application source, unless a separate agreement says otherwise.

Last updated