sapphire

v1 — auth + DRM for Windows apps

Stop crackers from
patching your .exe

HWID-bound licensing, encrypted module delivery, anti-tamper. Drop-in C++ SDK for serious devs shipping paid Windows apps.

%

uptime · 90d

ms

p99 latency

-bit

RSA + AES-GCM

plaintext keys stored

integration

Four function calls. Ship in 30 minutes.

Link safeguard.lib, point endpoint at sapphirelol.com, ship.

main.cpp
1#include "safeguard/include/safeguard/core.h" 2#include "safeguard/include/safeguard/auth.h" 3 4int main() { 5 // 1. Anti-debug, anti-VM, integrity checks 6 SafeGuard::Core::initialize(); 7 8 // 2. HWID-bound authentication 9 auto session = SafeGuard::Auth::login("USER_KEY"); 10 if (!session.valid) return 1; 11 12 // 3. Heartbeat — process dies if missed 13 SafeGuard::Core::startHeartbeat(session.token); 14 15 // 4. Server streams encrypted module, mapped in-memory 16 SafeGuard::Mapper::requestAndMapModule("core.bin"); 17 18 return 0; 19}
raw API
1curl -X POST https://sapphirelol.com/api/ \ 2 -H "Content-Type: application/json" \ 3 -d '{ 4 "type": "authenticate", 5 "key": "USER_KEY", 6 "hwid": "<aes-256-gcm-encrypted>", 7 "nonce": "<32-byte-nonce>", 8 "hmac": "<sha256-mac>" 9 }' 10 11# Returns HWID-bound session token, valid 4h, 12# rotated each heartbeat. Stolen tokens die fast.
defense in depth

Auth + DRM, layered.

Each layer raises the cost. Crackers bail when work hours exceed license price.

HWID binding

1 license = 1 machine. Stolen keys reject from device #2. Reset on request, audit trail per reset.

Read docs

Encrypted modules

Real logic streamed AES-256-GCM, manual-mapped in memory. Never sits on disk.

Read docs

Anti-debug

PEB walks, syscall-direct checks, timing detection. Process exits before payload runs.

Read docs

Manual-mapped loader

Skip the Windows loader entirely. No PEB, no LDR_DATA, no DLL list trace.

Read docs

Real-time HWID bans

Catch a leaker, ban from dashboard. Heartbeat dies in < 30s. They reload, they are out.

Read docs

Reseller system

Issue keys to resellers with quotas. They sell on, you keep server-side control.

Read docs
stopped daily

Every attack vector your competitors miss.

Patched .exe blocked

integrity hash mismatch — reject

Memory dump blocked

modules decrypted just-in-time, never on disk

Stolen license blocked

HWID lock — 1 device per key

API replay blocked

AAD nonce + per-session HMAC

Debugger attached blocked

PEB walk + syscall direct — exit

VM analysis blocked

WMI fingerprint + timing checks

DLL injection blocked

module list scan + thread origin verify

Protocol RE blocked

VMProtect-mutated, syscall-direct net I/O

Patched .exe blocked

integrity hash mismatch — reject

Memory dump blocked

modules decrypted just-in-time, never on disk

Stolen license blocked

HWID lock — 1 device per key

API replay blocked

AAD nonce + per-session HMAC

Debugger attached blocked

PEB walk + syscall direct — exit

VM analysis blocked

WMI fingerprint + timing checks

DLL injection blocked

module list scan + thread origin verify

Protocol RE blocked

VMProtect-mutated, syscall-direct net I/O

Patched .exe blocked

integrity hash mismatch — reject

Memory dump blocked

modules decrypted just-in-time, never on disk

Stolen license blocked

HWID lock — 1 device per key

API replay blocked

AAD nonce + per-session HMAC

Debugger attached blocked

PEB walk + syscall direct — exit

VM analysis blocked

WMI fingerprint + timing checks

DLL injection blocked

module list scan + thread origin verify

Protocol RE blocked

VMProtect-mutated, syscall-direct net I/O

Patched .exe blocked

integrity hash mismatch — reject

Memory dump blocked

modules decrypted just-in-time, never on disk

Stolen license blocked

HWID lock — 1 device per key

API replay blocked

AAD nonce + per-session HMAC

Debugger attached blocked

PEB walk + syscall direct — exit

VM analysis blocked

WMI fingerprint + timing checks

DLL injection blocked

module list scan + thread origin verify

Protocol RE blocked

VMProtect-mutated, syscall-direct net I/O

Patched .exe blocked

integrity hash mismatch — reject

Memory dump blocked

modules decrypted just-in-time, never on disk

Stolen license blocked

HWID lock — 1 device per key

API replay blocked

AAD nonce + per-session HMAC

Debugger attached blocked

PEB walk + syscall direct — exit

VM analysis blocked

WMI fingerprint + timing checks

DLL injection blocked

module list scan + thread origin verify

Protocol RE blocked

VMProtect-mutated, syscall-direct net I/O

Patched .exe blocked

integrity hash mismatch — reject

Memory dump blocked

modules decrypted just-in-time, never on disk

Stolen license blocked

HWID lock — 1 device per key

API replay blocked

AAD nonce + per-session HMAC

Debugger attached blocked

PEB walk + syscall direct — exit

VM analysis blocked

WMI fingerprint + timing checks

DLL injection blocked

module list scan + thread origin verify

Protocol RE blocked

VMProtect-mutated, syscall-direct net I/O

Patched .exe blocked

integrity hash mismatch — reject

Memory dump blocked

modules decrypted just-in-time, never on disk

Stolen license blocked

HWID lock — 1 device per key

API replay blocked

AAD nonce + per-session HMAC

Debugger attached blocked

PEB walk + syscall direct — exit

VM analysis blocked

WMI fingerprint + timing checks

DLL injection blocked

module list scan + thread origin verify

Protocol RE blocked

VMProtect-mutated, syscall-direct net I/O

Patched .exe blocked

integrity hash mismatch — reject

Memory dump blocked

modules decrypted just-in-time, never on disk

Stolen license blocked

HWID lock — 1 device per key

API replay blocked

AAD nonce + per-session HMAC

Debugger attached blocked

PEB walk + syscall direct — exit

VM analysis blocked

WMI fingerprint + timing checks

DLL injection blocked

module list scan + thread origin verify

Protocol RE blocked

VMProtect-mutated, syscall-direct net I/O

pricing

Cheaper than a single crack costs you.

Cancel anytime. 7-day refund if you do not ship.

Starter

Solo devs shipping their first paid app.

$19/mo
  • 100 active licenses
  • 10K auth requests/mo
  • HWID binding
  • Basic anti-tamper
  • Email support

Pro

most popular

Customers come, resellers ask in.

$49/mo
  • 1,000 active licenses
  • 100K auth requests/mo
  • Encrypted module delivery
  • Anti-debug + anti-VM
  • Reseller accounts
  • Discord webhook
  • Priority support

Reseller

Run your own auth product with sub-resellers.

$99/mo
  • 10,000 active licenses
  • Unlimited auth requests
  • VMProtect license bundle
  • White-label dashboard
  • Sub-reseller management
  • Custom domain support
  • Direct Discord support
FAQ

Questions you would ask in DMs.

Ship a paid app this weekend.

Sign up, generate your first key in 60 seconds, integrate before dinner.