DRM Using Lua (SOLVED)


I am a mobile 2d game developer coming from a Godot background .

I liked the way Defold becomes fully open-sourced.

My Main Question Is :

I sell My games Source Code , in Godot using C# when i finish a project and i want to sell the source code, i make a C# library for it (DRM) and some encryption so i can limit the use of the source code to only the one who buy it .
i know that it is hard to change a library .dll file in C# .

How Can I do Something like this in Defold with Lua ?

1 Like


You would probably want to make a native extension with some binaries which have functions that are relied on to run the game, enough that it would not be trivial to remove and rewrite those parts, so probably a large portion of your game code or something essential to your game. You would need to make a version of the binary for each platform you want for those who buy a license to be able to release on.



Eventually now that the source is available you could add some encryption/decryption logic to Defold to be able to run encrypted Lua files like many developers do with other engines. If you turn that into a native plugin and sell it with your code, it may work.

1 Like


How do you put DRM on source code? Source code is text and can only be protected via license.

Perhaps you mean you share functionality with others in the form of a compiled library? Lua isn’t compiled so must be shared in its source form, so cannot be protected with DRM. However this is not a problem as DRM is easily broken and is ultimately just a waste of resources. I don’t think you should let this get in the way of adopting Defold.



can i access to the native library from the Lua code , for example changing a variable value or something .



Check out this documentation on building extensions which includes some demo code showing how it is used from lua.



Easiest for the user(us game devs) is use of both Lua obfuscator & minimizer in bundling process of App/Game release variant in combination with what @Pkeod already suggested. That is probably something that is/would be part of the “Cloud Build” system. I’m not sure what is used there or if that has been opened up as well.

Perhaps an extension/config file/template that would simplify creation of: Credits, Branded splash/loading screen, along with code that would trigger a message to the player with a link to the original app if certain parts of the app have been changed and generate/add it as C++ code during build.

It will take some work but should be doable.



I understand where you are coming from, and depending on the type of game, there might be pieces of code that are hard to recreate for someone wishing to copy a game, but in most cases the code isn’t necessarily so complex, especially considering the high level of a lot of the Lua code you write in a Defold game.

I would say that it is the combination of code and assets that has value. Having easy access to the code is not that helpful if you don’t have easy access to the assets.



For Example of what i am doing in Godot With C# .
in Android , i encrypt the buyer’s package name + his purchase code .
and he will have an encrypted string as a serial key for his source code .
inside of the game i always test if it is running with the same package name of that buyer or not .
a test which i have done in the library (.dll + obfuscation) , which i know that it is hard to modify .



Looks like I have misunderstood what you are trying to achieve.

If having your Lua code as binaries is enough for protection, have a look at Terra.

How come you are switching from the engine where you already have this figured out? :slightly_smiling_face:



what i am trying to do is to create a native extension where i can be able to use some functions from this extension inside from Lua code without having the possibility to look at the native extension source code or change it . (is that possible ? )
The Godot engine still has a bad support for mobile platforms (and mobile platforms service) ,
That’s why i have to switch to defold .

1 Like


You can use pre build static libs as native extensions. You have to build those libs yourself for every platform(in your case, for every new customer). Then you can check if the key is correct for this customer or not from Lua. Or you can use a c++ algorithm to do this for you.

1 Like


@selimanac , as i can see in the Manual example , The extension code should be included with the project folder , thus it should be open (can access and modify) to anyone has a copy of the game source code .



You don’t have to. You can use pre build libs. Please check this link. There is a"libs" folder for every platform. I did it and we all use it.



Now i can see the picture , the code that is shouldn’t be accessible will be as a libs that is required by the native extension .
Thank You so much @selimanac .

1 Like


This is the same as using dll with C#. You can find lots of native extensions on the Assets page which might be helpful with static libs. Also there are examples on the manual pages for getting started.

This one uses pre build libs for video playback: https://github.com/defold/extension-videoplayer
Libs: https://github.com/defold/extension-videoplayer/tree/master/videoplayer/lib