🔑 PerfShop license system¶
PerfShop uses a product license system to control access to advanced features. This system is distinct from the AGPL 3.0 software license that governs the source code.
Features by plan¶
What is always accessible (without a license)¶
| Interface | Access |
|---|---|
| 🛒 E-commerce shop | ✅ Always accessible |
| 💥 Performance Chaos — Level 1 | ✅ Free (freemium) |
| 💥 Scripting Chaos — Level 1 | ✅ Free (freemium) |
What requires a license (HTTP 402 without a key)¶
| Interface | Without license | With license |
|---|---|---|
| 💥 Chaos Admin — levels 2 to 4 | ❌ | ✅ |
| 💥 Business, Functional, Security Chaos | ❌ | ✅ |
| 🔧 Admin backoffice | ❌ | ✅ |
| 📊 Admin monitoring | ❌ | ✅ |
| 📝 Scripts UI | ❌ | ✅ |
| 🎯 JMeter UI | ❌ | ✅ |
License plans¶
| Plan | Included chaos | Typical use |
|---|---|---|
| Freemium | Performance Chaos L1 + Scripting Chaos L1 | Demo, discovery |
| Functional | + Business Chaos + Functional Chaos | QA teams |
| Performance | + Scripting Chaos L2–4 + JMeter UI + Scripts UI | Performance testing |
| Enterprise | All chaos types, all levels, all interfaces | Training organizations |
→ Get a license on perfshop.io
Activating a license¶
Option A — Before startup (recommended in a classroom)¶
Inject the key into the .env file before docker compose up:
Option B — After startup via the student page¶
- Open Chaos Admin → localhost:3003
- Click 🔑 Activate a license (button at the top right)
- Paste the
PFSH-xxx.yyykey → ⚡ Activate
Option C — From the Management interface (superadmin)¶
- Log into Chaos Admin → Administration → Management
- 🔑 PerfShop License section → paste the key → ⚡ Activate license
Revoking a license¶
To disable the active license on an instance:
Chaos Admin → Administration → Management → 🗑 Revoke license
Immediate effect
Revocation blocks all protected interfaces immediately. The same key can be reactivated at any time.
How it works technically¶
Offline-first verification¶
Validation is entirely local — no network call to perfshop.io at runtime.
The PerfShop backend verifies the RSA-PSS signature of the key at every startup
and every activation. The key is persisted in the perfshop_license table
(single row, upsert on id='current').
PFSH-{payload_base64url}.{signature_base64url}
│ │
│ └─ RSA-PSS signature (perfshop.io private key)
└─ Encoded JSON: licenseId, holder, plan, issuedAt, expiresAt, features
Persistence¶
The license survives container restarts — it is stored in the MySQL database
and reloaded into memory (AtomicReference) at backend startup.
HTTP interceptor¶
All protected routes go through LicenseInterceptor.java, which returns
HTTP 402 Payment Required if no valid license is active.
Public routes (e-commerce shop, freemium L1) are in the isAlwaysAllowed()
whitelist and are never blocked.
Key format¶
- Always starts with
PFSH- - Two parts separated by a
. - Payload: base64url JSON (licenseId, holder, plan, issuedAt, expiresAt, features)
- Signature: RSA-PSS SHA-256, generated by perfshop.io
Typical scenario — classroom¶
# 1. Retrieve the key on perfshop.io
# 2. Add it to .env before startup
echo "PERFSHOP_LICENSE_KEY=PFSH-xxx.yyy" >> .env
# 3. Start the stack
docker compose -f docker-compose.desktop.yml up -d --build
# 4. Check the activation
# → Chaos Admin: badge "✅ License active — Enterprise · PerfShop"
Or activate after startup from Chaos Admin → Management if the key was not available at startup time.
FAQ¶
Does the license work offline? Yes — RSA-PSS verification is 100% local. No connection to perfshop.io is required after activation.
Is the license tied to a machine? No — the key is not tied to a hostname or an IP address. It can be used on any PerfShop instance.
What happens if the license expires? Protected interfaces return HTTP 402 again. The e-commerce shop and the freemium tier remain accessible. Just activate a new key.
Can multiple licenses be active at the same time? No — only one license is active at a time (single row in the DB). Activating a new key replaces the previous one.