Question: Does Apple Purchase Validation Support StoreKit 2 JWS Format? #2430
Description
Summary
We're implementing server-side purchase validation for a Godot mobile game using Nakama. For Android, validate_purchase_google_async() works perfectly and stores purchases in the Nakama Console's Purchases section.
For iOS, we're using StoreKit 2 which no longer provides unified receipts. Instead, each transaction has a jwsRepresentation (JSON Web Signature) string.
Question
Does Nakama's Apple purchase validation support StoreKit 2's JWS format?
Client SDK:
var result = await nkc.validate_purchase_apple_async(session, jws_string)Server Runtime (Go):
validation, err := nk.PurchaseValidateApple(ctx, userID, jwsString, persist, passwordOverride)Context
StoreKit 1 (Legacy)
- Unified receipt at
Bundle.main.appStoreReceiptURL - Base64 encoded receipt sent to Apple's
verifyReceiptendpoint verifyReceiptis being deprecated by Apple
StoreKit 2 (Current)
- No unified receipt
- Each
Transactionhas ajwsRepresentationproperty - JWS is self-contained and cryptographically signed by Apple
- Can be verified using Apple's public key or App Store Server API
What We're Trying to Achieve
- Validate iOS purchases server-side (prevent fraud on jailbroken devices)
- Store validated purchases in Nakama's purchase ledger (visible in Console UI)
- Detect replay attacks via
seen_beforeflag
Current Workaround
We're considering a custom RPC that:
- Receives JWS from client
- Verifies JWS signature using Apple's certificates
- Manually writes to storage
But this bypasses Nakama's built-in purchase tracking, losing the Console UI integration.
Environment
- Nakama: Latest (self-hosted via Docker)
- Client: Godot 4.5 with nakama-godot addon
- iOS: StoreKit 2 via SwiftGodot plugin
References
- Apple: StoreKit 2 Transaction.jwsRepresentation
- Apple: Deprecated verifyReceipt
- Nakama IAP Validation Docs
Thank you!