Overview
This licensing service was created to provide an affordable, secure, and developer-friendly alternative to existing licensing solutions. Many commercial licensing platforms impose high recurring costs, require hosting products on their (the licensing service's) marketplace, or restrict how developers can structure their software. This project was built to remove those constraints and give developers full control over their licensing workflow.
Origins
This project began in late 2021 when I needed a licensing system for my own software but found that the available options were either too expensive or too limiting. Rather than compromise on cost or flexibility, I decided to build a licensing service from the ground up: one that prioritized security, transparency, and developer autonomy.
Challenges with Existing Approaches
The framework I was using (JUCE) provided starter code for licensing under a custom "JUCE RSA" implementation. While functional, this approach introduces several issues:
1) Not constant-time: The implementation leaks timing information, which can theoretically expose private key material.
2) Slow key generation: Generating keys takes several seconds, making it unsuitable for serverless environments with strict execution time limits.
3) Non-standard cryptography: JUCE RSA is not a standard RSA implementation, meaning it has not undergone the same level of scrutiny as established algorithms like RSA and ECDSA.
These limitations motivated the design of a system built entirely on well-studied, standardized cryptographic primitives.
Design Goals
The licensing service was built around a few core principles:
1) Use only standardized, widely-analyzed cryptographic primitives.
2) Avoid storing private keys whenever possible.
3) Ensure all operations are constant-time and side-channel resistant.
4) Support stateless verification to simplify deployment and scaling.
5) Provide tamper-resistant, self-validating IDs.
Meeting these goals required designing a custom protocol, the Edge Protocol, specifically tailored for creating serverless crypto-systems that operate at the Edge.
Solution Architecture
Signatures with ECDSA
To authenticate server responses, the system uses ECDSA. Unlike RSA, ECDSA key generation is extremely fast, making it ideal for serverless environments and high-volume key creation.
Stateless Private Key Derivation with HKDF
Instead of storing private keys, the system derives them on demand using HKDF. The derivation incorporates:
Curve name
Key ID
A rotating private salt
Any associated ID(s)
This allows the server to regenerate any private key deterministically without maintaining a key database. In other words, we have O(1) private key storage as opposed to O(n) private key storage.
Tamper-Resistant IDs with MACs
Key IDs are validated using a variable-length MAC. Our BigId type incorporates an 8-byte MAC. This provides:
1 in 2^64 odds of guessing a valid MAC/ID
Guaranteed detection if the MAC portion of a valid ID is altered
Near-guaranteed (19x 9's) detection if the ID is fabricated
This ensures IDs are self-validating and tamper-evident. License codes are another type of MAC-validated ID with a 3-byte MAC. This provides:
1 in 2^24 odds of guessing a valid MAC/license code
Guaranteed detection if the MAC portion of a valid license is altered
Near-guaranteed (7x 9's) detection if the license code is fabricated
Even if the MAC is correct for a license code, its presence in the database will be verified. The MAC validation is just to reduce unnecessary database reads for fraudulent requests, since AWS DynamoDB charges per read request unit.
Associative and Expiring IDs
The protocol supports:
Associative IDs: Linking one ID to another in order to bind one ID to be used with another
Expiring IDs: Embedding compact timestamps using epochs and right-shifted precision
Epoch-specific salts and purpose-bound derivation ensure each epoch remains cryptographically isolated.
Data Encryption
For encrypting license-related data, the protocol derives symmetric keys using HKDF with the data's ID as input. Nonces are prefixed to the ciphertext, and pseudorandom nonces are preferred to avoid complexity around incremental counters, given that not every decryption operation is met with another encryption operation.
Edge Protocol
The licensing service is powered by the Edge Protocol, a custom cryptographic protocol designed for stateless key derivation, tamper-resistant IDs, and secure verification. The full specification is documented separately on the Edge Protocol page.