|
|
|
|
|
|
by nstart
1257 days ago
|
|
|
In this case, I don't know what Gumroad could do given that it's ExtendScript. But I can totally see Gumroad making a library for more supported ecosystems and an api endpoint that makes use of public/private key encryption to create a "signed" response. Naive possibility: Gumroad receives request from app -> Gumroad crafts response, encrypts with private key (could be Gumroad key or a dev generated key), base64 it, returns to app -> Local library decrypts with public key and then verifies response. This of course doesn't stop someone from messing with source code and "cracking" the app, but in the case of a binary based app, that's not as straightforward. That said, another commenter did mention that pirates are gonna pirate, so friendly easy DRM for the dev also makes sense. |
|
|