I built a licensing system for desktop and enterprise software. Posting to get the word out and get feedback from HN.
The problem I had
I ship commercial engineering software (nuclear/thermal-hydraulics simulation tools). My customers often work in air-gapped environments - government labs, defense contractors, utilities with strict IT policies. Existing licensing solutions either assumed always-online connectivity, required heavyweight SDKs, or were priced for Fortune 500 companies.
What RegentLock does
It's a licensing backend + API for generating, activating, and managing software licenses. The crypto is straightforward: Ed25519 for signing, ChaCha20-Poly1305 for license file encryption. Licenses are validated locally after activation - no phone-home required (though you can configure check-in policies if you want).
Supports:
- Node-locked and floating licenses
- Offline/air-gapped activation (generate request file → process on connected machine → transfer license back)
- Rehostable licenses (customers can revoke and move to new hardware)
- Hardware binding via MAC, disk serial, or a portable "rehostable" ID
Integration
REST API. I have integration examples for C, Go, Python, Java, and C#. Typical integration is ~50-100 lines - validate license on startup, check expiration, verify signature.
Pricing
Indie tier at $349/year for solo devs (500 activations). Starter is $1,499/year. I'm not trying to compete with Gumroad for $10 e-books - this is for people shipping software that actually needs protection.
What I'm looking for
- Feedback on the approach
- Edge cases I haven't considered
- Whether the feature set makes sense for your use case
Website: https://regentlock.net
Features: https://regentlock.net/features.html
Happy to answer technical questions about the implementation.
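The startup check described under Integration (verify signature, check expiration, check hardware binding), as an added Go example that is not RegentLock's code or file format. The `License` layout, field names, and the `Issue` helper are assumptions made for illustration, and the sample values are constructed.

```go
package main

import (
	"crypto/ed25519"
	"encoding/json"
	"errors"
	"fmt"
	"time"
)

// License is a hypothetical payload layout, not RegentLock's file format.
type License struct {
	Product  string    `json:"product"`
	HostID   string    `json:"host_id"` // hardware fingerprint the license is bound to
	NotAfter time.Time `json:"not_after"`
}

// Validate verifies the Ed25519 signature over the exact payload bytes first,
// and only then parses the payload and trusts the fields inside it.
func Validate(pub ed25519.PublicKey, payload, sig []byte, hostID string, now time.Time) (*License, error) {
	if len(pub) != ed25519.PublicKeySize || !ed25519.Verify(pub, payload, sig) {
		return nil, errors.New("bad signature")
	}
	var lic License
	if err := json.Unmarshal(payload, &lic); err != nil {
		return nil, fmt.Errorf("malformed payload: %w", err)
	}
	if lic.HostID != hostID {
		return nil, errors.New("license bound to a different host")
	}
	if now.After(lic.NotAfter) {
		return nil, errors.New("license expired")
	}
	return &lic, nil
}

// Issue stands in for the vendor side (throwaway key pair) so this runs offline.
func Issue(lic License) (ed25519.PublicKey, []byte, []byte) {
	pub, priv, _ := ed25519.GenerateKey(nil) // nil selects crypto/rand
	payload, _ := json.Marshal(lic)
	return pub, payload, ed25519.Sign(priv, payload)
}

func main() {
	now := time.Now()
	pub, payload, sig := Issue(License{"demo-sim", "host-A", now.Add(time.Hour)})
	_, err := Validate(pub, payload, sig, "host-B", now)
	fmt.Println("host-B:", err)
}
```

The check trusts the local clock and the caller-supplied host ID, so on an air-gapped machine a rolled-back clock or a spoofed fingerprint passes unless the client handles those separately.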