SPEEDKIT MARKETPLACE

Billing Control

Real commerce control plane for provider checkout, webhook verification, entitlement storage, and private order state.

STATUS=INSTALLED_FAIL_CLOSED · PROVIDER=STRIPE_CHECKOUT · FAKE_CHECKOUT=false

OFFERS135
RECEIPTS135
PRIVATE0
REAL COMMERCE CONTROL PLANE
CHECKOUT · WEBHOOK · ENTITLEMENT · FAIL CLOSED

Commerce Control

Commerce controlprovider requirementsLIVE Commercial catalogplans + checkout payloadLIVE Checkout APIprovider handoffFAIL-CLOSED Entitlement APIprivate KV stateFAIL-CLOSEDRuntime statussecrets + KV readinessLIVE Offer ledgertamper-evident receiptsCLOSED Control chaincommerce boundCLOSED

Checkout Request

curl -X POST https://speedkit.eu/api/marketplace/checkout \
  -H 'content-type: application/json' \
  -d '{"plan":"starter","offer_id":"offer-wsp-001"}'

This endpoint is real and fail-closed. It will not create fake sessions. It requires real provider secrets and real Stripe price IDs.

Required Cloudflare Configuration

npx wrangler pages secret put STRIPE_SECRET_KEY --project-name speedkit
npx wrangler pages secret put STRIPE_WEBHOOK_SECRET --project-name speedkit
npx wrangler pages secret put STRIPE_PRICE_SPEEDKIT_STARTER --project-name speedkit
npx wrangler pages secret put STRIPE_PRICE_SPEEDKIT_PRO --project-name speedkit
npx wrangler pages secret put STRIPE_PRICE_SPEEDKIT_ENTERPRISE --project-name speedkit
npx wrangler pages secret put SPEEDKIT_BASE_URL --project-name speedkit

Also bind a KV namespace as SPEEDKIT_COMMERCE_KV for private order and entitlement records.

Boundary

No checkout is simulated. No customer data is public. No order is stored in the repository. Orders and entitlements live only in private runtime storage.

SPEEDKIT Pricing

Commerce is live. Stripe Checkout is active, webhook storage is KV-bound, fake checkout is false, and entitlement proof is routed through the marketplace runtime.

SPEEDKIT-STARTER

SPEEDKIT Starter

€49 / month

Founder access to SPEEDKIT public marketplace control.

  • Public offer access
  • Install manifest rail
  • Receipt and ledger proof
  • Checkout runtime
  • Webhook-bound entitlement storage
  • Public-only verification surface
SPEEDKIT-PRO

SPEEDKIT Pro

€199 / month

Commercial operator access for teams and builders.

  • Everything in Starter
  • Commercial use boundary
  • Priority surface review
  • Proof packaging guidance
  • Team onboarding path
  • Higher support priority
SPEEDKIT-ENTERPRISE

SPEEDKIT Enterprise

€999 / month

Institutional control access for serious integrations.

  • Everything in Pro
  • Custom entitlement and proof rails
  • Integration review
  • Manual onboarding
  • Commercial support boundary
  • Institutional verification posture

PUBLIC_ONLY=true · COMMERCE_READY · FAKE_CHECKOUT=false · KV_ENTITLEMENT_STORAGE=true

Open pricing JSON · Open billing control · Open marketplace

SPEEDKIT Product Control OS

The marketplace is now a command tower. Pricing, checkout, entitlement, receipt proof, plan matrix, route map, and buyer path are bound into one live product control surface.

Product Control OScommand towerLIVE Product OS JSONstate manifestLIVE Plan Matrixstarter · pro · enterprise3 Route Mapcommerce + proof APIs24 Buyer Pathdiscover → receipt proofCLOSED Control APIlive command stateJSON

SPEEDKIT Capability Bundles

Payment is only the money rail. These bundles define what each plan unlocks inside the Product Control OS.

Capability Bundlesproduct packaging3 Capabilities JSONmachine-readable bundlesLIVE Starter Bundlepublic controlL1 Pro Bundlecommercial operatorL2 Enterprise Bundleinstitutional controlL3

SPEEDKIT Access Policy Engine

Capability enforcement is live. Plans now have allowed and denied capability sets, and the access-check API returns deterministic ALLOW/DENY decisions.

Access Policy Engineinteractive decision surfaceLIVE Access Policy JSONplan permissions16 Starter receipt checkallowed exampleALLOW Starter custom raildenied exampleDENY Enterprise custom railallowed exampleALLOW

SPEEDKIT Usage Metering

Plan usage is now measurable. Allowed capability use writes metered events to KV; denied capability use does not write.

Usage Meteringinteractive meter surfaceLIVE Usage Policy JSONplan limits + meter rulesLIVE Usage APIread/write meterKV Access Policyallow before meterLIVE

SPEEDKIT Usage Ledger

Usage is now evidence. Allowed metered usage writes hash-chained ledger entries to KV. Denied usage remains blocked by policy and is not recorded as consumption.

Usage Ledgerhash-chained consumption evidenceLIVE Usage Ledger JSONledger modelSHA-256 Usage Ledger APIrecord/read chainKV Usage Meteringraw usage meterLIVE