WIP: IToldU (universal var watermarking) (Patreon)

Since some people here don't like what I'm working on and what I'm trying to build, and keep and keep and keep insisting for me to do anti-piracy stuff, here's something to let you know that I'm thinking about you. I wasted much of my day today for this, but it's shaping up and getting there. Here's the first test for my new IToldU anti-leaking solution for VaM var addons.


HOW IT WORKS

- You give it a var
- It generates multiple watermarked vars, archives each of them with a separate password and creates a list of passwords
- Creators can then just upload the whole batch at once and give users just an id and a password
- users just download /files/xx/addon.var.7z  where xx is the id they received
- people can then extract with the password they received and they get a .var that's watermarked
- when new users subscribe, creators can just forward an id & pass, it's possible to automate that through a discord bot or a mailing list

Inspired by papers like
https://www.cs.auckland.ac.nz/courses/compsci725s2c/archive/termpapers/725ou.pdf and all the leakers of past that made me think of ways to implement this.


In the demo I show how it starts with 1 var and generates multiple password-protected archives, each having files watermarked. I use a tool then to show how it looks at the pixels and detects from which watermarked var that image originated from.

HOW ARE VARS WATERMARKED

1. scenes, models, presets
- there's wildcards creators can add to numbers and words (morphs, clothes, atoms)
- the scripts alters the values and replaces them with different values for each user
- alters words, words positions, even white spaces

2. plugins
- in plugins the script can replace function names & variables as well as add custom words that help identify the user for whom the file was generated

3. images
- in images it alters pixels, transforms user identifiers in binary and alters a color channel in specific small areas that makes up for jpeg optimization and in a way that then can be read by another script and tell for which user that image was generated

4. general text
- in any text file it looks for lists of words like [[a|b|c...]] and picks a word in a way to make it represent a digit/clue to the user id

5. timestamps & image meta info
- didn't look at it but it should be possible

6. scripts boobytraps
- didn't look at it but it should be possible to make it so that by trying to reverse the watermarks through a script to cause messing up the plugin, requiring manual tedious labor to remove them

7. partial obfuscation for scripts
- to make it harder to read & remove the watermarks

8. multiple user attack protection
-  use watermarks by transforming the user id to a lower base, even binary, and scattering watermarks so that even if multiple users compare files, there will still be clues they'll miss

9. sounds
- i'll look at that too, for mp3 it should be easy to add stuff in the metadata, I'm not sure about wav and ogg

10. filenames
- not implemented yet but it should be possible to rename some files that are marked as safe to do so (not intended to be used for 3rd party references), by renaming also the references in other files in the var, sort of like vam does it when it makes vars.

Creators have very easy control over what gets watermarked, it doesn't just randomly mess up all files. The only thing I don't think I can watermark are assetbundles, except maybe by timestamps.

SHORTCOMINGS
- it's not fool-proof by any means, but it's easy to add lots of watermarks that take a lot of work to identify and get rid of
- Doesn't work well with huge files. But it would work by breaking vars in smaller pieces (like one var with textures & big files and one with scene, look, etc). That's what I had in mind to do with Alive back when it had Alive.var and Alive.assets.var and was contemplating making this

CREDITS
- ChatGPT3.5
- GTracer
- other bots