48 lines
1.7 KiB
Markdown
48 lines
1.7 KiB
Markdown
# Launcher Free-Tier Specification
|
|
|
|
The launcher is free and intentionally limited to onboarding and control-plane functions.
|
|
|
|
## Scope Included (Free)
|
|
|
|
1. App install and first-run flow.
|
|
2. Local wallet create/import/recovery UX.
|
|
3. Device readiness checks (cpu, memory, disk, os compatibility).
|
|
4. Membership status display.
|
|
5. Governance purchase/install prompts and status.
|
|
6. App-native member notification inbox.
|
|
|
|
## Scope Excluded (Paid / Protected)
|
|
|
|
1. Governance runtime internals.
|
|
2. Deterministic card pipeline execution.
|
|
3. Paid module execution logic.
|
|
4. Private scoring and policy internals.
|
|
|
|
## Security Rules
|
|
|
|
1. Launcher never stores server-side private keys.
|
|
2. Launcher verifies signed package manifests before install.
|
|
3. Launcher cannot activate governance runtime without active entitlement.
|
|
4. Unknown entitlement state blocks protected feature activation.
|
|
|
|
## UX Rules
|
|
|
|
1. User can exit and resume setup at any point.
|
|
2. Membership purchase is optional in free mode.
|
|
3. Governance purchase is blocked until membership is active.
|
|
4. Free mode remains useful for readiness and wallet setup.
|
|
5. Launcher must surface availability class and current state (`active`, `grace`, `continuity`, `parked`) in plain language.
|
|
|
|
## Availability and Boundary Rules
|
|
|
|
1. Paid execution rights are boundary-scoped to an `org_root_id`.
|
|
2. Launcher must include boundary context in install/checkout requests when workspace-bound.
|
|
3. `continuity` state blocks growth actions (new members/workspaces/tool installs).
|
|
4. `parked` state pauses paid execution but preserves visibility/read pathways.
|
|
|
|
## Value Contract
|
|
|
|
1. Free launcher gives control and visibility.
|
|
2. Paid governance unlocks execution.
|
|
3. Additional paid licenses extend capabilities after governance activation.
|