Protecting assets?

I wonder how and if it’s at all possible to protect your (3D) assets from being downloaded when deploying to a public website.

I guess it’d be pretty easy to find the URLs using the browsers’ web dev tools to download and repurpose the assets?

This could be something hard to communicate to clients – even if it’s just a lower quality version of their product.

Original Post on Discord

by user 395602247196737546

It’s an old question on the web and elsewhere - No 1 thing is that what’s displayed on someone’s screen can be copied in one way or another. One can grab the GPU commands, make screenshots and run it through photogrammetry, unpack files from a Steam game or other installed application, … there’s simply no way to entirely prevent that.

That being said: of course there are levels to how easy or hard it is to copy assets from someone. For example, Sketchfab garbles the textures and meshes - but that has also been reverse engineered and people can reconstruct the assets from that.

One built-in protection that Needle Engine offers right now is Progressive Textures - where the source glb contains only low-resolution textures and the high-res textures are downloaded and assembled on demand. That makes it similarly hard to re-assemble the full-quality assets as with, for example, Sketchfab.

Another built-in protection is the use of meshopt and draco, which means that the assets are always “lossy” - comparable to e.g. a JPEG - you never get the “PSD”, so to speak, so have limited ability to work with the files.

In that way, our bundling works similar to how webdev javascript bunding produces minified files: some information is compressed/lost, and while it’s possible to extract and reconstruct some of the data, the quality will be lower.

Hope that helps - let me know your thoughts on the above and how you think we can do better there. I think you’re right that it needs more explanation on our website, but ultimately it’s the same with images - you’re not giving away trade secrets by having a visualization 3D model on your website, that’s not the same as letting someone download the original construction data.

Thanks for your thorough explanation. I hoped you already had some thoughts about these matters and it shows you did :slightly_smiling_face:

by user 395602247196737546

In a way this will all break down to how to explain this to a customer. Oftentimes they provide us with part of their business secrets in form of e.g. CAD data and we have to go through several steps to make this whole shitload of data realtime-ready anyway.

But that is in usual only to display this kind of models in an environment they (or at least we) control: Machines on a trade fair or on-premise or cloud instances.

And I think this is the important step: To leave a controlled environment, going out in the open where it’s easy for other parties to get a hold on not only the visualization but the 3d data for it. You could use it e.g. for measurements, on the top of my head.

So I understand if someone would be hesitant to go this step. And the more informed we are about what is possible and what isn’t the better we can lead a discussion towards this step :slightly_smiling_face:

by user 395602247196737546

I wonder if Mesh Baking could help with this if the object’s mesh doesn’t need to be manipulated separately from other objects or scenery meshes.

by user 581381221087445033

It’s something on the list actually to bake meshes as part of our post processing pipeline when they are marked to be baked in your Editor of choice (currently Unity or Blender :slightly_smiling_face: )