Integrate with one prompt. Built for AI-native devs.

You are a senior engineer integrating MY application with the TradingApps.ai licensing system. My app is sold on the TradingApps.ai marketplace and must only run for users with a valid, active license. Licenses are issued automatically after purchase and are MACHINE-BOUND (each license activates on a limited number of machines).

Before writing code, ask me for: (1) my App ID (from my TradingApps.ai developer dashboard), and (2) my app's language/framework and where its startup/init code lives. Then integrate directly into my codebase and show me the exact insertion points.

=== API CONTRACT ===
Validate a license (call on startup, then periodically):
  POST https://www.tradingapps.ai/api/licenses/validate
  Request JSON:  { "licenseKey": "<user key>", "machineId": "<stable id>", "appId": "<MY_APP_ID>" }
  200 Response:  {
    "valid": true | false,
    "license_status": "active" | "trialing" | "past_due" | "expired" | "refunded" | "disputed" | "suspended",
    "subscription_status": string | null,
    "expires_at": "ISO-8601" | null,
    "app_id": string,
    "customer_id": string
  }
Optional machine management:
  POST https://www.tradingapps.ai/api/licenses/activate    { "licenseKey", "machineId" }
  POST https://www.tradingapps.ai/api/licenses/deactivate  { "licenseKey", "machineId" }

=== REQUIREMENTS ===
1. License entry: give the user one persistent place to paste their key (store it locally in app settings/config). Never hardcode a key.
2. machineId: derive a STABLE per-install identifier (hash a durable hardware id or a generated install GUID). It must not change between runs; hash it — never send raw serials.
3. Gate on startup: call /validate and allow the app to run only when valid === true (status "active" or "trialing"). Otherwise block core functionality and show a clear message linking to https://www.tradingapps.ai/dashboard/customer to manage the subscription.
4. Re-validate periodically while running (every 12–24h).
5. Resilience: cache the last successful validation with a timestamp. On NETWORK failure, allow a short offline grace (e.g., 72h since last success), then fail closed. On an explicit { "valid": false }, fail closed immediately.
6. Status handling: "past_due" → warn but allow during grace; "expired" / "refunded" / "disputed" / "suspended" → block.
7. Security: HTTPS only, never log full keys, treat the key as a secret.

=== DELIVERABLES ===
- A small, well-commented LicenseClient module + the startup gate, in my language, wired into my real init path.
- Minimal dependencies; production-ready.
If anything is ambiguous, ask me first.

You are helping me automate access to my INVITE-ONLY TradingView (Pine) script that I sell on TradingApps.ai. TradingView has no public API to grant script access, so I need a small service that tells me exactly who to add or remove — driven by TradingApps.ai events — plus a reconciliation view I can act on.

Ask me for: my App ID, my preferred stack (e.g., Node or Python), my webhook signing secret from my TradingApps developer dashboard, and how I want to be notified (Discord webhook, email, or a simple dashboard).

=== EVENTS (TradingApps POSTs these to your endpoint) ===
POST <your-endpoint>
Header: X-TradingApps-Signature = hex HMAC-SHA256(rawBody, MY_WEBHOOK_SECRET)
Body JSON: {
  "event": "access.granted" | "access.revoked",
  "app_id": string,
  "integration": "tradingview",
  "customer": { "id": string, "email": string },
  "tradingview_username": string,
  "tier": string | null,
  "status": "active" | "trialing" | "expired" | "refunded" | "disputed",
  "occurred_at": "ISO-8601"
}

=== REQUIREMENTS ===
1. Build an endpoint that VERIFIES the signature (constant-time compare; reject on mismatch), is idempotent, and returns 200 quickly.
2. Maintain a store of TradingView usernames with desired state (should_have_access true/false) keyed by customer.
3. Produce an ACTIONABLE queue: "Add @username" and "Remove @username", delivered to my chosen channel, plus a small page or CLI listing pending actions with a 'mark done' toggle (because the actual grant is manual in TradingView's UI).
4. Reconciliation command: list all currently-active customers so I can audit my TradingView invite list against it.
5. Optional: if I use a TradingView access-automation tool, wire the add/remove actions to it.

Deliver the endpoint + storage + notifications + reconciliation in my stack with setup steps. Ask me for anything missing first.

You are helping me connect MY web app (it has its own login) to TradingApps.ai so that buying or canceling on the marketplace automatically grants or revokes access in my app. TradingApps.ai is the payment + entitlement layer; I host the product.

Ask me for: my App ID, my stack/framework, how I identify users (usually email), and my webhook signing secret from my TradingApps developer dashboard.

=== WEBHOOK (TradingApps POSTs on every entitlement change) ===
POST <your-endpoint>   e.g. https://yourapp.com/webhooks/tradingapps
Header: X-TradingApps-Signature = hex HMAC-SHA256(rawBody, MY_WEBHOOK_SECRET)
Body JSON: {
  "event": "entitlement.granted" | "entitlement.updated" | "entitlement.revoked",
  "app_id": string,
  "customer": { "id": string, "email": string },
  "tier": string | null,
  "status": "active" | "trialing" | "past_due" | "canceled" | "expired" | "refunded" | "disputed",
  "current_period_end": "ISO-8601" | null,
  "occurred_at": "ISO-8601"
}

=== REQUIREMENTS ===
1. Implement POST /webhooks/tradingapps that:
   - Reads the RAW body and verifies X-TradingApps-Signature (constant-time). Reject with 400 on mismatch.
   - Is idempotent (dedupe by event id / occurred_at).
   - Upserts the user by email; grants access + sets tier on granted/updated; revokes on revoked/expired/refunded/disputed; sets a grace state on past_due.
   - Returns 200 within ~2s; do heavy work asynchronously.
2. Add an entitlement check in my auth/session layer so gated features read the current tier + status.
3. Link an existing local account to a TradingApps customer by email on the first event (or create the account).
4. Security: never trust an unsigned request; keep the secret in env, not code.

Deliver the endpoint, signature verification, the entitlement model + migration, and the gate in my framework. Ask me for anything missing first.

You are helping me set up and optimize a PAID Discord community that I sell on TradingApps.ai. TradingApps runs a bot that automatically adds buyers, assigns tier roles, and removes or kicks them on cancel — so I do NOT need to write access-control code. Help me (1) design the server and (2) optionally build extra automations.

Ask me for: my tiers and prices, what value/content each tier gets, and whether I want any custom automations.

=== WHAT THE PLATFORM BOT ALREADY DOES (no code needed) ===
- Buyer connects Discord at checkout → bot adds them and assigns the mapped role(s).
- Higher tiers inherit lower roles; private categories gate content by role.
- Failed payment → past-due role. Cancel / refund → remove role(s) or kick (my choice).

=== HELP ME WITH ===
1. Design a clean role + channel/category structure for my tiers, including the EXACT role→category permission map to create in Discord and which Discord role each TradingApps tier should grant.
2. Write the channel topics, welcome message, rules, and a #start-here guide.
3. OPTIONAL automations via my own bot using events TradingApps can POST to a webhook (entitlement.granted / updated / revoked, including customer, tier, and discord user id, signed with HMAC-SHA256): e.g. a welcome DM, relaying my TradingView alerts into a tier-gated channel, or tagging new Pro members.

Give me a step-by-step setup I can follow in the Discord UI, then any optional bot code in my stack. Ask me for my tiers first.