# 08A Pricing / Tax readiness — aieditorrsp.net

- Date: 2026-05-29
- Task: t_1e524b07
- Assignee: 墨账
- Decision: GO

## Gate result

| Gate | Status | Finding |
|---|---:|---|
| Pricing | GO | Approved pricing is internally consistent and credit-capped: Pro monthly $12 for 200 credits/month, Pro yearly $96/year, Credit Pack $6 for 100 credits. No unlimited usage is sold. |
| Stripe account alignment | GO for Worker, WARN for local shell | Canonical Stripe account is `acct_1T3Z7nGILeKe9Uoa`. Host switched Worker secrets to this account and `npx wrangler secret list --name aieditorrsp` confirms required Stripe secret names exist. The current worker shell `STRIPE_SECRET_KEY` still points to old account `acct_1STJGiBKSbQI2GbG`; do not use this local process env for implementation verification. |
| Stripe Tax | GO | Evidence file `/root/.hermes/reports/site-aieditorrsp-20260528/08a-stripe-switch-verification.md` shows `tax/settings.status=active`, default tax code `txcd_10000000`, product tax code `txcd_10000000`, and 8 active registrations: US WA/FL/TX/NY/CA/WY, GB, IE. |
| Stripe objects | GO | Canonical account objects: product `prod_Ubc4Y1CJrYzI1D`; monthly `price_1TcOq4GILeKe9UoaODEpDg4T`; yearly `price_1TcOq4GILeKe9UoamkNrcEJL`; credit pack `price_1TcOq5GILeKe9Uoa6NlLg3Ny`; webhook `we_1TcOq5GILeKe9UoamMnDrHhX`. |
| No unlimited claims | GO | Direct scan of `/root/projects/aieditorrsp/src` found 0 matches for `[Uu]nlimited`. `npm run verify` also reports `forbiddenCopy=0`. |
| Checkout tax implementation | GO TO IMPLEMENT | Billing code is not implemented yet. 08B may proceed, but must implement the exact Checkout and ledger requirements below before paid launch. |

## Approved pricing口径

| Plan | Price | Credits / limit | Notes |
|---|---:|---:|---|
| Free | $0 | 2 generations/day | Acquisition tier only. Keep visible daily cap. |
| Pro monthly | $12/month | 200 credits/month | Main paid tier. No unlimited wording. |
| Pro yearly | $96/year | 200 credits/month | 33.3% discount vs monthly annualized; acceptable annual incentive. |
| Credit Pack | $6 one-time | 100 credits | One-time top-up; do not imply subscription replacement. |

## Exact downstream implementation instructions for 08B

### Stripe account / object source of truth

Use canonical Worker secrets / bindings only:

- `STRIPE_SECRET_KEY` must belong to `acct_1T3Z7nGILeKe9Uoa`.
- `STRIPE_PRICE_ID_MONTHLY` → `price_1TcOq4GILeKe9UoaODEpDg4T`.
- `STRIPE_PRICE_ID_YEARLY` → `price_1TcOq4GILeKe9UoamkNrcEJL`.
- `STRIPE_PRICE_ID_CREDIT_PACK` → `price_1TcOq5GILeKe9Uoa6NlLg3Ny`.
- `STRIPE_WEBHOOK_SECRET` must be for webhook `we_1TcOq5GILeKe9UoamMnDrHhX`.

Do not use old preflight objects from the wrong account:

- Old product `prod_UbbP8eNBYFoBOv`.
- Old prices `price_1TcOD5BKSbQI2GbGoh3Xi5K4`, `price_1TcOD6BKSbQI2GbGcEGXliis`, `price_1TcOD6BKSbQI2GbGkcjrhFDM`.
- Old webhook `we_1TcOD6BKSbQI2GbGy9zFEqbx`.

### Stripe Checkout session hard requirements

Every Checkout Session must include:

```ts
automatic_tax: { enabled: true },
billing_address_collection: 'required',
tax_id_collection: { enabled: true },
```

Additional requirements:

- Checkout route must support only `monthly`, `yearly`, and `credit_pack` plan keys.
- Anonymous users must be redirected to Google login before Checkout.
- Never hardcode live secrets in source; use Worker secrets/bindings only.
- Webhook must verify Stripe signature against the canonical `STRIPE_WEBHOOK_SECRET`.

### Order / ledger records

Persist tax fields separately. Minimum ledger/order fields:

```ts
stripe_account_id
stripe_checkout_session_id
stripe_customer_id
stripe_subscription_id // nullable for credit pack
stripe_payment_intent_id // nullable until paid
price_id
plan_type // pro_monthly | pro_yearly | credit_pack
currency
subtotal_amount
tax_amount
total_amount
tax_payable_amount
credits_granted
credits_remaining_after
payment_status
created_at
updated_at
```

Accounting rule: VAT/GST/Sales Tax collected by Stripe is not product revenue. Treat it as `tax_payable`; revenue is subtotal net of tax.

### Credit policy

- Pro monthly/yearly grants 200 monthly credits.
- Credit pack grants 100 one-time credits.
- Unsafe prompt/content blocks must remain hard blocks and must not become upsell paths.
- Never label any tier, feature, processing, preset, or generation quota as unlimited.

## Verification performed

- Read `/root/.hermes/reports/site-aieditorrsp-20260528/08-billing-pipeline-preflight.md`.
- Read `/root/.hermes/reports/site-aieditorrsp-20260528/08a-stripe-switch-verification.md`.
- Ran `npx wrangler secret list --name aieditorrsp`; required Stripe secret names are present in Worker secrets.
- Queried Stripe API with current process `STRIPE_SECRET_KEY`; it still points to old account `acct_1STJGiBKSbQI2GbG`, confirming local shell env is stale and should not be treated as canonical.
- Ran direct source scan: `/root/projects/aieditorrsp/src` has 0 matches for `[Uu]nlimited`.
- Ran direct source scan for old wrong-account Stripe object IDs: 0 matches in repo.
- Ran `npm run verify`: passed with `ok=true`, 11 routes, 0 href placeholders, 0 forbiddenCopy.
- Ran `npm run build`: passed, OpenNext Worker bundle generated.
- Git status before report write: clean; repo commit checked: `d3e1b66` (`fix: remove unlimited pricing copy`).

## Final status

GO for 08B backend auth/billing/credits implementation.

08B must still satisfy Checkout tax flags and ledger split requirements before paid launch can be considered production-ready.