=== InkDNA – Fingerprinted Downloads ===
Contributors: ashton4321
Tags: ecommerce, downloads, fingerprinting, watermark, security
Requires at least: 6.0
Tested up to: 6.8
Requires PHP: 8.0
Stable tag: 0.1.4
License: GPLv2 or later
License URI: https://www.gnu.org/licenses/gpl-2.0.html

Per-buyer fingerprints for downloads (PDF/images). DRM-free and screenshot-resilient. WooCommerce compatible.

== Description ==

Developer docs: https://inkdnafingerprint.com/docs

Adds an invisible, per-buyer fingerprint to each download—no DRM.

**Highlights**
* DRM-free: Buyers get normal PDFs/images.
* Per-buyer fingerprints: Embedded at download time.
* Screenshot-resilient: Survives common transforms (marking PDFs; detecting PDFs & images).
* Privacy-aware: Marking happens server-side on your store. The plugin calls the InkDNA API from the server and writes a temporary marked copy locally.
* Works with Woo downloadable products (no catalog changes).

> This plugin uses a fixed InkDNA API base endpoint: https://ashtonx24-inkdna.hf.space

== External services ==
This plugin connects to your InkDNA API from the server.

**Service host**
- https://ashtonx24-inkdna.hf.space (API base)

**What is sent (server → API)**
- For local product files: `POST /mark` with the PDF file as multipart/form-data.
- For remote product URLs: `POST /mark/url` with JSON body `{ "url": "<source pdf url>" }`.
- Headers on both requests: `X-Order-Id` (the WooCommerce order ID) and `X-API-Key` (set in Settings → InkDNA).

**When it is sent**
- Only when a buyer initiates a download. The store server calls the InkDNA API, receives a fingerprinted PDF, stores it temporarily under `wp-content/uploads/inkdna-fingerprinted-downloads/`, and serves that local file to the buyer.

**What returns**
- A fingerprinted (marked) PDF, unique per order.

**Service policies**
- Terms: https://inkdnafingerprint.com/terms.html
- Privacy: https://inkdnafingerprint.com/privacy.html
- Refunds: https://inkdnafingerprint.com/refunds.html
- EULA: https://inkdnafingerprint.com/eula.html

== Installation ==

1. Upload the ZIP and **Activate** the plugin.
2. Go to **Settings → InkDNA** and set:
   * **API Key** (the key assigned/created for your shop)
   * API Base (default https://ashtonx24-inkdna.hf.space) and your API Key. The plugin performs server-side marking on download.
3. In WooCommerce, create a **Downloadable** product and attach a PDF.
4. Place a test order and download. Each download is uniquely fingerprinted via the InkDNA loader + API.

== Frequently Asked Questions ==

= Do I need an InkDNA account? =
Yes — you or your tenant must have an InkDNA tenant and API Key. The plugin requires that API Key to enable stamping.

= What file types are supported? =
**Marking:** PDFs  
**Detecting:** PDFs and images (PNG/JPEG) — **handled outside WordPress** (see “How do I verify a leak?”).

= File size limits? =
Server defaults typically allow ~25–100 MB (configurable). WordPress/PHP upload limits may also apply.

= Is this DRM? =
No. Files remain standard PDFs/images. We embed a robust, invisible fingerprint so you can attribute leaks even after edits/screenshots.

= Does this store my files or customer data? =
The plugin stores a temporary, per-order fingerprinted PDF under wp-content/uploads/inkdna-fingerprinted-downloads/ in order to serve the download. No API keys are exposed to the browser.

= How do I verify a leak? =
Use the **Verify** page at your InkDNA endpoint (e.g., `/verify.html`) or the hosted verification tool documented at https://inkdnafingerprint.com/docs. Upload the suspect file and review the signed evidence JSON.

= Caching/CDN? =
Do not CDN-cache the API responses; each PDF is unique per buyer. Re-downloads use the local marked copy cached by the plugin in `/wp-content/uploads/inkdna-fingerprinted-downloads/`.

= Do I have to send an Order ID? =
Yes. The fingerprint is bound to the order identifier. If omitted at marking time, later verification can still estimate but won’t be provable to a specific purchase.

== Screenshots ==
1. Settings page with API Key field and domain registration notice.
2. Order download links annotated for fingerprinting.

== Changelog ==
= 0.1.4 =
* Documentation sync and upload-path fix.

= 0.1.3 =
* Marking-only plugin: removed in-admin verification to keep the extension lean and review-safe.
* Fixed API base `https://ashtonx24-inkdna.hf.space`; marking is performed server-side (no client loader required).
* Updated docs and external-services section for transparency.

= 0.1.2 =
* Added “External services” section and developer docs link.

= 0.1.1 =
* Minor copy updates.

= 0.1.0 =
* Initial release: per-buyer fingerprinting via external API.

== Upgrade Notice ==
= 0.1.3 =
Configure **Settings → InkDNA** with your API Key. Downloads are fingerprinted automatically when buyers click. Verification is done outside WordPress (see docs).
