License Launcher (Windows)

Single-file launcher that verifies license online, then runs the embedded EXE.

Build (Windows)

Install Rust (MSVC toolchain).
Build:

cargo build --release --bin launcher_stub
cargo build --release --bin launcher_pack

Output:

target/release/launcher_stub.exe
target/release/launcher_pack.exe
target/release/launcher_gui.exe

Config

Create config.json (example):

{
  "api_base": "http://118.145.218.2:39256",
  "project_id": "PROJ_001",
  "project_secret": "YOUR_PROJECT_SECRET",
  "client_version": "1.0.0",
  "license_file": "license.key",
  "request_timeout_sec": 10,
  "heartbeat_retries": 2,
  "heartbeat_retry_delay_sec": 5,
  "extract_to": "temp",
  "keep_payload": false
}

Notes:

extract_to: temp (default) or self.
If extract_to=self, the payload is extracted next to the launcher (use this when your app needs local resource files).
Card key is read from license.key next to the launcher (first non-empty line). You can also set card_key in config to hardcode.

Pack

launcher_pack --stub launcher_stub.exe --input your_app.exe --config config.json --output your_app_protected.exe

The tool writes the payload name into the config automatically.

GUI Pack (Recommended)

Put launcher_gui.exe and launcher_stub.exe in the same folder.
Run launcher_gui.exe.
Fill:
- API base
- Integration code (LSC1... from Project detail)
Drag your EXE into the window.
Click Start Pack.

Output file defaults to *_packed.exe.

Run

Place license.key next to your_app_protected.exe:

YOUR-CARD-KEY

Start your_app_protected.exe. It will:

Compute deviceId = MAC|IP (clamped to 64 chars; hashed if too long).
Call /api/auth/verify online.
Start the embedded app.
Send /api/auth/heartbeat on interval; failure will exit the app.

Security Notes

Online verification is required; no offline cache.
If the server disables heartbeat, only startup verification is enforced.
This raises reverse-engineering cost but cannot make a client uncrackable.