{"id":28399095,"url":"https://github.com/knifexrage/godot-secure","last_synced_at":"2026-03-07T16:07:43.727Z","repository":{"id":296573017,"uuid":"993360604","full_name":"KnifeXRage/Godot-Secure","owner":"KnifeXRage","description":"Godot Secure transforms your Godot engine into a fortress for game assets. By integrating Camellia-256 / AES-256 encryption with a unique security token system, this solution creates a cryptographically unique engine build that prevents generic decryption tools from accessing your game assets.","archived":false,"fork":false,"pushed_at":"2025-06-04T02:20:22.000Z","size":168,"stargazers_count":84,"open_issues_count":0,"forks_count":3,"subscribers_count":2,"default_branch":"main","last_synced_at":"2025-06-08T07:26:33.694Z","etag":null,"topics":["aes-encryption","assets","camellia","camellia256","encryption","encryption-algorithms","encryption-decryption","encryption-tool","game-development","godot","godot-addon","godot-engine","godot-game-engine","godot-module","godot-plugin","godot-secure","godot4","godotengine","protection","security-tools"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/KnifeXRage.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2025-05-30T16:52:06.000Z","updated_at":"2025-06-07T07:45:45.000Z","dependencies_parsed_at":"2025-06-01T04:54:33.954Z","dependency_job_id":"3637fa75-d136-4333-89a5-68fd51396d3c","html_url":"https://github.com/KnifeXRage/Godot-Secure","commit_stats":null,"previous_names":["knifexrage/godot-secure"],"tags_count":1,"template":false,"template_full_name":null,"purl":"pkg:github/KnifeXRage/Godot-Secure","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/KnifeXRage%2FGodot-Secure","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/KnifeXRage%2FGodot-Secure/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/KnifeXRage%2FGodot-Secure/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/KnifeXRage%2FGodot-Secure/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/KnifeXRage","download_url":"https://codeload.github.com/KnifeXRage/Godot-Secure/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/KnifeXRage%2FGodot-Secure/sbom","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":262484073,"owners_count":23318390,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["aes-encryption","assets","camellia","camellia256","encryption","encryption-algorithms","encryption-decryption","encryption-tool","game-development","godot","godot-addon","godot-engine","godot-game-engine","godot-module","godot-plugin","godot-secure","godot4","godotengine","protection","security-tools"],"created_at":"2025-06-01T07:09:50.355Z","updated_at":"2026-03-07T16:07:43.678Z","avatar_url":"https://github.com/KnifeXRage.png","language":"Python","funding_links":["https://ko-fi.com/V7V41FR21F'","https://ko-fi.com/V7V41FR21F"],"categories":[],"sub_categories":[],"readme":"# Godot Secure - Enhanced Asset Protection For Godot\n[![Godot Engine 4.x](https://img.shields.io/badge/Godot_Engine-4.x-blue)](https://godotengine.org/)\n[![MIT License](https://img.shields.io/badge/license-MIT-blue)](https://github.com/KnifeXRage/Godot-Secure/blob/main/LICENSE)\n\u003ca href='https://ko-fi.com/V7V41FR21F' target='_blank'\u003e\u003cimg height='21' style='border:0px;height:21px;' src='https://storage.ko-fi.com/cdn/kofi5.png?v=6' border='0' alt='Buy Me a Coffee at ko-fi.com' /\u003e\u003c/a\u003e\n\n![Godot Engine Logo](https://github.com/KnifeXRage/Godot-Secure/blob/main/Godot%20Secure.png)\n\n## Overview\n\n**Godot Secure** transforms your Godot engine into a fortress for game assets. By integrating **Camellia-256 / AES-256** encryption with a **unique security token system**, this solution creates a cryptographically **unique engine build** that prevents generic decryption tools from accessing your game assets.\n\n### *Effortless Security for Godot Games*\n\u003eThis script enhances your Godot engine with Camellia/AES encryption and a unique security token system with just one command. Unlike standard encryption, this creates a custom Godot build that's cryptographically unique to you, preventing universal decryption tools from working with your game assets.\n\n## Key Features\n\n- 🎲 **Randomized Magic Headers**: Unique file signatures per engine's build (Not Game)\n- 🔑 **Security Token System**: 32-byte token embedded directly in engine's binary\n- 🛡️ **Per-Build Uniqueness**: Each compilation of engine and templates is cryptographically distinct from others\n- ⚡ **Automated Setup**: One-command modification of Godot source\n- 💾 **No external dependencies**: Everything included\n\n## Why Godot Secure?\n\nStandard Godot encryption has known vulnerabilities. Our solution:\n\n| Feature | Standard Godot | Godot Secure |\n|---------|----------------|--------------|\n| Encryption Algorithm | AES-256 | Camellia-256 / AES-256 |\n| Universal Decryption Tools | Vulnerable | **Protected** |\n| Per Engine-Build Uniqueness | No | **Yes** |\n| Key Obfuscation | No | **Yes** |\n| Magic Header | Fixed | **Randomized** |\n| Required Reverse Engineering | Generic | **Per-Build** |\n\n## Requirements\n\n1. **Godot Source Code** (4.x recommended)\n2. **Python 3.6+**\n3. **OpenSSL** (for key generation)\n4. **Build Tools** (SCons, compilers)\n\n## Download Godot Secure: 🔗[Download](https://github.com/KnifeXRage/Godot-Secure/releases/)\n\n\n#### Pro Tip:\n\u003e Directly Run The Script inside Godot Source and Build your `Engine and Templates` as usual with encryption Key!!\n\n\n## Installation \u0026 Usage\n\n\u003eMust Read Godot's Official Documentation:\n\u003e🔗[View Official Documentation](https://docs.godotengine.org/en/stable/contributing/development/compiling/index.html)\n\n### Step 1: Prepare Environment\n```bash\ngit clone https://github.com/godotengine/godot.git\ncd godot\n```\n\n### Step 2: Generate Encryption Key\n\n```bash\n# Generate 256-bit key (KEEP THIS SECURE!)\nopenssl rand -hex 32 \u003e godot.gdkey\n\n## Set environment variable\n\n# For Linux/macOS:\nexport SCRIPT_AES256_ENCRYPTION_KEY=$(cat godot.gdkey)\n\n# For Windows (PowerShell):\n$env:SCRIPT_AES256_ENCRYPTION_KEY = Get-Content godot.gdkey\n\n# Or Set it Permanently from Control Panel (Windows)\n```\n\n### Step 3: Run Setup Script\n\u003e You Can the Script directly inside Godot Source folder without using arguments!\n\u003e Using: `python godot_secure.py`\n```bash\n# Run The Godot Secure Script\npython godot_secure.py /path/to/godot_source/\n\n#Example:\npython godot_secure.py godot/\n```\n\n### Step 4: Compile Godot Engine and Export Templates\n```bash\n# For Engine (Must REQUIRED):\nscons platform=windows target=editor use_llvm=yes use_mingw=yes # Example for Windows\nscons platform=linuxbsd target=editor use_llvm=yes use_mingw=yes # Example for Linux BSD\nscons platform=macos target=editor use_llvm=yes use_mingw=yes # Example for MacOS\n\n# For Export Templates (Must REQUIRED):\nscons platform=windows target=template_debug use_llvm=yes use_mingw=yes\nscons platform=windows target=template_release use_llvm=yes use_mingw=yes\n...\n\n```\n\u003e Build others Templates like these too and use `platform=macos` or `platform=linuxbsd` to build for *MacOS* or *Linux BSD*, Also use `use_llvm=yes use_mingw=yes` for faster builds!\n\n\n# How It Works\n\nThe script makes these key modifications:\n\n1. **Unique Identifiers**\n   - Generates random magic headers for file signatures\n   - Creates security token embedded in engine binary\n\n2. **Key Protection**\n   - `Actual Key = (Input Key) XOR (Security Token)`\n   - Token exists only in compiled binary\n\n## Troubleshooting\n\n**Script not working?**\n- Ensure Python 3.6+ installed\n- Verify correct Godot source path\n- Run with absolute path if needed:  \n  `python godot_secure.py /path/to/godot_source`\n\n**Compilation errors?**\n- Clean build: `scons --clean`\n- Ensure all submodules: `git submodule update --init`\n\n### Common Issues\n1. **File not found errors**: Ensure correct Godot source path\n2. **Compilation errors**: Verify Mbed TLS is properly included\n3. **Encryption/decryption mismatch**: Always use matching engine builds with matching template(s) builds\n\n### Verification Steps\n1. Check script output for success messages\n2. Confirm `security_token.h` exists in `core/crypto/`\n3. Search for `CamelliaContext / AESContext` in modified files\n4. Verify magic header values in file headers\n\n## Disclaimer\n\n❗ **Use at Your Own Risk**  \nThis script modifies core Godot engine files. Always:\n- Back up your source code before running\n- Test builds thoroughly before deployment\n- Maintain secure copies of security tokens\n- Understand that enhanced security increases complexity\n\n### Security Disclaimer\n\n🪧 **Important Considerations**\n   - This creates a **custom Godot engine**\n   - Standard export templates won't work\n   - Always test builds before deployment\n   - Maintain backups of security tokens\n\n### Rebuild Protocol\n🔄 **Always rebuild when:**\n   - Updating Godot source\n   - Changing security parameters\n   - Creating new game versions\n   - Suspecting key compromise\n\n# License\n- MIT License - Free for Personal and Commercial use with attribution: \n🔗[View License](https://github.com/KnifeXRage/Godot-Secure/blob/main/LICENSE)\n---\n\n## 💖 Support Me\n**Hi there! I'm a college student passionate about game development and programming. While this project will always remain free, your support would mean the world as I balance studies and financial challenges.**\n- If you've found this security tool valuable, I'd sincerely appreciate any support as I work through my studies.\n\n[![ko-fi](https://ko-fi.com/img/githubbutton_sm.svg)](https://ko-fi.com/V7V41FR21F)\n\nEvery contribution helps maintain and improve this project. And encourage me to make more projects like this!\n\n*This is optional support. The tool remains free and open-source regardless.*\n\n---\n\n**Created with ❤️ for Godot Developers**  \nFor contributions, please open issues on GitHub\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fknifexrage%2Fgodot-secure","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fknifexrage%2Fgodot-secure","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fknifexrage%2Fgodot-secure/lists"}