1.3 KiB
1.3 KiB
Catalog Distribution Policy
This policy keeps public web minimal while allowing full commerce inside the launcher app.
Public Web (edut.ai)
- Public web remains identity and access surface.
- Public web does not serve production catalog details.
- Public web does not execute production checkout.
- Public web may host internal preview routes that are noindex and disabled by default.
Launcher App Surface
- Launcher app is the canonical catalog and checkout surface.
- Launcher fetches signed catalog manifests from marketplace APIs.
- Launcher verifies manifest signature and hash before display.
- Launcher checkout requires wallet session, ownership binding, and entitlement gating.
Anti-Scraping Posture
- No public, anonymous catalog endpoint for production offers.
- Offer manifests require app session and rate limits.
- Manifest payloads are short-TTL and signed.
- Checkout endpoints require nonce-bound quotes and ownership-proof rules.
Legal Clarity Rule
- If first checkout bundles membership activation, quote must show line-item breakdown.
- Checkout totals must reconcile to line-item amounts deterministically.
Non-Goals
- Marketing the catalog directly on public website pages.
- Relying on obscurity as sole protection.
- Activating runtime rights from unsigned catalog/quote data.