36 lines
1.3 KiB
Markdown
36 lines
1.3 KiB
Markdown
# Catalog Distribution Policy
|
|
|
|
This policy keeps public web minimal while allowing full commerce inside the launcher app.
|
|
|
|
## Public Web (edut.ai)
|
|
|
|
1. Public web remains identity and access surface.
|
|
2. Public web does not serve production catalog details.
|
|
3. Public web does not execute production checkout.
|
|
4. Public web may host internal preview routes that are noindex and disabled by default.
|
|
|
|
## Launcher App Surface
|
|
|
|
1. Launcher app is the canonical catalog and checkout surface.
|
|
2. Launcher fetches signed catalog manifests from marketplace APIs.
|
|
3. Launcher verifies manifest signature and hash before display.
|
|
4. Launcher checkout requires wallet session, ownership binding, and entitlement gating.
|
|
|
|
## Anti-Scraping Posture
|
|
|
|
1. No public, anonymous catalog endpoint for production offers.
|
|
2. Offer manifests require app session and rate limits.
|
|
3. Manifest payloads are short-TTL and signed.
|
|
4. Checkout endpoints require nonce-bound quotes and ownership-proof rules.
|
|
|
|
## Legal Clarity Rule
|
|
|
|
1. If first checkout bundles membership activation, quote must show line-item breakdown.
|
|
2. Checkout totals must reconcile to line-item amounts deterministically.
|
|
|
|
## Non-Goals
|
|
|
|
1. Marketing the catalog directly on public website pages.
|
|
2. Relying on obscurity as sole protection.
|
|
3. Activating runtime rights from unsigned catalog/quote data.
|