diff --git a/server/src/Hokm.Server/Payments/IabService.cs b/server/src/Hokm.Server/Payments/IabService.cs
index 8cfedfc..43ac2ff 100644
--- a/server/src/Hokm.Server/Payments/IabService.cs
+++ b/server/src/Hokm.Server/Payments/IabService.cs
@@ -11,13 +11,22 @@ namespace Hokm.Server.Payments;
public sealed class IabOptions
{
/// Android package name registered in the store panels.
- public string PackageName { get; set; } = "com.bargevasat.hokm";
+ public string PackageName { get; set; } = "com.bargevasat.app";
// ── Cafe Bazaar (pardakht dev API, OAuth refresh-token flow) ──
public string BazaarClientId { get; set; } = "";
public string BazaarClientSecret { get; set; } = "";
public string BazaarRefreshToken { get; set; } = "";
+ ///
+ /// Cafe Bazaar in-app billing RSA public key (panel: «دریافت کلید RSA برای
+ /// قراردادن در برنامه»). Used to verify a purchase payload's signature locally
+ /// (Poolakey in-app library flow). NOT used by the current deep-link flow,
+ /// which verifies server-to-server via the pardakht API above — kept here so
+ /// the key has a home if/when the native Poolakey plugin is added.
+ ///
+ public string BazaarRsaPublicKey { get; set; } = "";
+
// ── Myket (developer validation API) ──
public string MyketAccessToken { get; set; } = "";
diff --git a/src/lib/storeBilling.ts b/src/lib/storeBilling.ts
index b5a19d4..06ac7e0 100644
--- a/src/lib/storeBilling.ts
+++ b/src/lib/storeBilling.ts
@@ -16,7 +16,7 @@ import { CoinPack } from "./online/types";
export type StoreId = "bazaar" | "myket" | "web";
const ENV_STORE = ((process.env.NEXT_PUBLIC_STORE as StoreId | undefined) ?? "web");
-const PACKAGE = process.env.NEXT_PUBLIC_APP_PACKAGE ?? "com.bargevasat.hokm";
+const PACKAGE = process.env.NEXT_PUBLIC_APP_PACKAGE ?? "com.bargevasat.app";
const PENDING_SKU_KEY = "iab_pending_sku";
/** Native bridge contract a Myket Capacitor plugin must fulfil. */