Didn’t have much time as of lately to post, so I figured I’d drop this schema and an example entry on the blog. It shows how the Vending application stores “assets”. I’m still doing more research, but it looks like the previous “DRM” that we’ve mentioned isn’t the only security measure that will be in place. As you can see is_forward_locked is a field, though all applications I’ve run across have this disabled (both protected and unprotected). The version_code and refund_timeout also seem to not be used.