grant/keysat-root
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
601ccea39cac9c8c549c2bc9eb1216d5ece72768
keysat-root/docs/guides/licensing-tiers.md
T
Keysat 9c3ddc01e7 Fix doc drift; document no-enforce-mode and universal publish 
Corrections surfaced by doc-auditor + start9-spec-checker:
- testing.md: api suite 47 -> 54
- payments.md: FK enforcement confirmed at db/mod.rs:29
- startos-packaging.md: publish.sh now ships a universal s9pk
- licensing-tiers.md: record enforce-mode retirement and Creator caps
Refresh Current state for the StartOS submission-blocker work.
2026-06-13 06:40:06 -05:00

2.1 KiB
Raw Blame History

paths
paths
licensing-service-startos/licensing-service/src/license_self.rs
licensing-service-startos/licensing-service/src/api/tier.rs
licensing-service-startos/licensing-service/src/api/self_license.rs
licensing-service-startos/licensing-service/src/upgrades.rs
licensing-service-startos/licensing-service/src/api/upgrade.rs

Self-license & tier gating

The daemon licenses itself via its own licensing scheme — the operator runs a master Keysat that issues the license this instance validates.

Always boots — no enforce mode

Enforce mode was retired: there is no KEYSAT_LICENSE_ENFORCE build flag and check_at_boot (license_self.rs) always returns Ok. A missing/invalid self-license logs a warning and the daemon runs at the free Creator tier (Tier::Unlicensed, surfaced as "Creator" in the admin UI) with Creator caps — 5 products, 5 policies per product, 10 active discount codes. Activating a license lifts those caps and unlocks recurring_billing + zaprite_payments. Treat any "marketplace build refuses to start without a license" wording in code comments or copy as stale.

Live entitlements

Tier gates must read LIVE entitlements from licenses.entitlements (refreshed hourly by refresh_self_tier_from_db in license_self.rs), not the entitlements baked into the signed payload at issue time. The signed payload is a point-in-time snapshot; entitlements can change after issuance.

Never silently widen a tier

Do not expand entitlements in tier::current() (e.g. "patron implies pro"). Tried in 0.2.0:41, reverted in 0.2.0:42. When an operator is stuck on an old-scheme self-license, the correct fix is: re-issue the license + run the StartOS "Activate Keysat license" action — the new key overwrites /data/keysat-license.txt and self_tier refreshes without a daemon restart.

Entitlements in flight

unlimited_merchant_profiles (Creator = 1 merchant profile, Pro/Patron = unlimited) still needs adding to the master Keysat's Pro/Patron policies — a data action on the keysat.xyz admin, no code. See payments.

Reference in New Issue View Git Blame Copy Permalink