# In‑app billing public keys (RSA)

These are the **public** RSA keys issued by each store, used to verify the
signature of a purchase payload. They are not secret. Keep them with the app so
the native billing layer (and/or server signature verification) can reference
them.

## Cafe Bazaar
Used by the Poolakey / on‑device verification path (the current Bazaar flow uses
the `bazaar://in_app` deep‑link + server token verification, so this key is only
needed if/when on‑device signature verification is added).

```
MIHNMA0GCSqGSIb3DQEBAQUAA4G7ADCBtwKBrwCQ6/F2F0yNSXULayEDzFPSse07K7q70pcxZrE+lzKyw8N4vx3yZKqj/rrYbe1JvS9iYDZy3q5G3x5tdi45Ggjer5uP1EP3oq/liONVcLXU206PTe0AfWQtruvA045iPn9aRv3ZaZBz9dniSA8rrX53+YxgGiENC9TShQ3uItQe12utsUcHO5Xj0av+ZufWkL5w/Mr1dQLlvHY8QT+R2uYv8sLBgcgOc9E8BKnOIO0CAwEAAQ==
```

## Myket
Required by the (to‑be‑built) native Myket billing plugin to verify the
`INAPP_DATA_SIGNATURE` of each purchase before crediting coins.

```
MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCbUBKRU4g1AQrbOO8GkcBn79ol0hbs5PZVd5vPP6za98BTc9leqvyGE+DwSg7lbsXTZxCzPRBS3m0qB9LShe70WG+RQapG9Q2lodszYkauicPkJSpbXWh/nfrziTWNqEHqUfCsC4+lkKSEkxDNa1Po7uZzbwaJ+Kf1+d8wSWYpxwIDAQAB
```

## In‑app product SKUs (both stores)
| SKU | Coins | Price |
|-----|-------|-------|
| Coin5K  | 5,000  | 99,000 تومان |
| Coin12K | 12,000 | 199,000 تومان |
| Coin28K | 28,000 | 399,000 تومان |
| Coin65K | 65,000 | 799,000 تومان |