Post not yet marked as solved
where the first sends a private key to the second
No.
unknowable, but now stored in two devices?
Unknowable but known to a second device..... no, that's a contradiction.
It sounds like you might be trying to design your own cryptography system. Don't do that!
Do you have functioning code that checks for the IAP in the receipt?
There is no "product ID" for the original app purchase in the app receipt. The original purchase is not an IAP purchase. You need to be looking at attribute type 19, "Original Application Version".
Just to add...
As I said above, the "app receipt" isn't the only way to do this. You also have the "AppTransaction" in StoreKit 2 (but only in iOS 16).
My guess is that that behaves in the same way regarding the sandbox, but I could be wrong.
OK. Yes, this will work as you want in production.
The difficulty you have in in the sandbox, where you need (if possible) to force it to install a receipt when there are no IAPs. I do not know how to do that.
Right, I do understand what you want to do. It's not possible.
What you're asking for is called "mandatory locking".
What those functions provide is "advisory locking". Advisory locking depends on all users of the file using the locking functions.
Historically, Windows has provided mandatory locking; POSIX (Unix) has provided mostly advisory locking. I believe that Mac OS, and iOS, follow POSIX here.
So no, I do not believe that you will find a way to lock a file so that another (uncooperative) process will be unable to access it.
Some work-around:
Modify the permissions of the file while you modify it.
Make a temporary copy of the file, and rename() it over the original (which is atomic) when you have finished.
(What do you really want to achieve?)
Can you clarify which "receipt" you are referring to? There is the "app receipt", which includes in-app purchases. Yes it is probably true that you do not get a receipt during development until you have done some sort of IAP activity. Maybe using SKReceiptRefreshRequest (in the old StoreKit) will force it to install a receipt with only the main app purchase details? Not sure.
But you don't need to use the "app receipt" to determine whether the IAP has been purchases; there are simpler ways to do that.
What are you really trying to do?
According to
https://help.apple.com/app-store-connect/#/dev997f9cf7c
the default language for New Zealand is "English (UK)", and there is no additional supported language.
I think this localisation really is only for the user's language; if what you're trying to do is to present different content based on the users location, that's not really going to work.
Post not yet marked as solved
Thanks Claude. Yes it's a bit indirect; I wonder if it will be more or less reliable than a table of model numbers?
Anyway this is the sort of detail that I bet no user will ever even notice, so I'm not going to spend a lot of time on it!
Post not yet marked as solved
appAccountToken is as close as you will get.
You can convert between a short string (up to 16 chars) and a UUID.
Post not yet marked as solved
No.
The whole point of the secure enclave is that you cannot extract the private key. It's not an "unknowable key" if you can extract it, is it?!
Post not yet marked as solved
The error is not related to the architecture. Ignore that part of the error message. Read it as "Undefined symbols: stdscr, wgetch".
I believe wgetch is a curses function. I don't know about stdscr.
I guess that you need to link with libcurses. I don't know how to do that in VS code.
Does that help?
Or is a single receipt updated to reflect the IAP, with original purchase and purchase date?
Yes - there is a single app receipt, which describes the original (free) purchase of the app itself, and has a separate section describing each IAP purchase.
But note that using the app receipt may not be the easiest way to determine whether the IAP has been purchased. See the StoreKit and StoreKit2 documentation. Is this a new app, written in Swift? In that case, look at the StoreKit2 documentation for how to determine which IAPs have been purchased.
(Do you have serious concerns about piracy? That may influence how you check if the IAP has been purchased.)
Post not yet marked as solved
It sounds like "the services are delivered outside the app".
This means that you cannot use in-app purchase, and there are no transaction fees to consider.
BUT - what are you going to do to make the app justify actually being an app? Apple do reject apps that could simply be websites.
Post not yet marked as solved
Apple will pay the proceeds to you, you will then need to send the other party’s share to them.
Apple takes 30% (or 15% if you are a small business) from what the user pays.
Beware of tax. Developers are sometimes surprised to get less than the expected because Apple have deducted VAT or equivalent.
Are you sure IAP is right for this application? Is the “digital content” “consumed within the app”?
