Blazingly Fast, Static Godot Engine Encryption Key Extractor
KeyDot is a high-performance, command-line utility designed to extract encryption keys and detect the engine version from compiled Godot Engine games. It operates directly on game executables (Windows x64) and WebAssembly (.wasm) files without ever needing to run the game.
- ⚡ Blazing Fast Extraction: Optimized C++ code and memory-mapped I/O provide results in milliseconds.
- 🔬 Static Analysis: Reads the game files directly. No runtime process attachment, memory dumping, or debugging required, making it safe and efficient.
- 🧠 Memory-Efficient: Uses memory-mapped files to let the operating system handle efficient file paging, keeping memory usage low even for huge executables.
- 🌐 WASM Support: The only static analysis tool currently available that can extract keys from Godot games compiled for the web.
KeyDot was built from the ground up for speed and ease of use. Here's how it compares to other available tools:
| Tool | Standalone?¹ | Analysis Type | Speed (Windows)² | Speed (WASM)³ | Notes |
|---|---|---|---|---|---|
| KeyDot (This Project) | ✅ | Static | ~50 ms | ~6 ms | Fully automated, no manual steps required. |
| gdke | ❌ | Static | Slow (large files) | ❌ Not Supported | Requires manual function signature search in IDA/Ghidra. |
| GodotPCKExplorer | ✅ | Static | ~4000 ms | ❌ Not Supported | Slower pattern scanning. |
| godot-key-extract | ❌ | Dynamic | Varies (fast) | ❌ Not Supported | Requires DLL injection and running the game process. |
¹ Standalone means the tool does not require running the game or using other complex software like debuggers or disassemblers.
² Windows speed tested on a 78MB executable for KeyDot and a 56MB executable for GodotPCKExplorer.
³ WASM speed tested on a 38MB .wasm file.
- ✅ Windows (64-bit PE Executables)
- ✅ WebAssembly (
.wasmfiles) - Linux (ELF) and macOS (Mach-O) support is planned.
The easiest way to use KeyDot is to download the latest pre-compiled executable for your platform from the Releases Page.
If you prefer to build the project yourself, you will need a C++20 compatible compiler and CMake.
Prerequisites:
- CMake 3.14+
- A C++20 Compiler (Visual Studio 2022, GCC 11+, Clang 12+)
Steps:
- Clone the repository:
git clone https://github.com/YOUR_USERNAME/KeyDot.git cd KeyDot - Create a build directory:
mkdir build cd build - Configure and generate build files (example for Visual Studio):
cmake -S . -B build -DCMAKE_BUILD_TYPE=Release - Compile the project:
cmake --build . --config Release
The final executable, keydot.exe, will be in the build/Release directory.
KeyDot is a simple command-line tool.
KeyDot - Blazingly Fast, Static Godot Engine Encryption Key Extractor
Note: Only 64-bit (x64) executables are supported at the moment.
Usage:
KeyDot [options] <path-to-exe-or-wasm>
Options:
-d, --debug Enable detailed debug logging
-t, --timers Show execution time for each stage
-h, --help Show this help message and exit
1. Analyze a Windows Executable:
keydot.exe game.exeExpected Output:
Godot Engine version: 4.1.1.stable
Anchor : Can't open encrypted pack directory.
String VA : 0x140D2A5B0
LEA at : 0x1406A1E1F
off_* qword VA : 0x140D838B0
Blob VA : 0x1411232B0
32-byte (hex) : 1A2B3C4D5E6F78901A2B3C4D5E6F78901A2B3C4D5E6F78901A2B3C4D
2. Analyze a WebAssembly File with Debug Output:
keydot.exe --debug --timers game.wasmExpected Output:
[CFG] Debug logging enabled
[CFG] Timer logging enabled
[IO] Detected WASM file
[TIMER] find_godot_version_in_wasm: 3.45 ms
Godot Engine version: 3.5.2.stable
[TIMER] extract_wasm_key: 2.11 ms
WASM key: 0987654321fedcba0987654321fedcba0987654321fedcba0987654321fedcba
[TIMER] Total execution: 6.02 ms
If you encounter a game where KeyDot fails to extract the key, or if you want to request support for a new platform (like Linux or macOS), please open an issue.
Make sure to include:
- The sample game file (or a link to it).
- The full text output of running KeyDot with the
--debugflag.
- Find Anchor String: The process begins by searching for known error strings related to encrypted PCK loading (e.g.,
"Can't open encrypted pack directory.") within the (.rdata). - Locate Code Reference: Once a string is located, the tool scans the (
.text) to find where this string is referenced by an instruction, typicallyLEA. - Identify Key Pointer: Within a small window of instructions following the
LEA, the scanner looks for a crucial pattern: aMOVinstruction that loads a 64-bit pointer from a global address (MOV RAX, [RIP + offset]). - Dereference Pointer: This global address contains a pointer to the actual 32-byte encryption key blob, which typically resides in the
.datasection. - Extract Key: The tool reads the 32-byte blob from this final address, revealing the key.
- Heuristic Search: Godot's export template for WASM often embeds the encryption key as a raw byte array near the end of the file.
- Marker Identification: KeyDot reads the last few kilobytes of the file and searches for a specific 7-byte "start marker" followed by a 4-byte "end marker".
- Key Extraction: The 32-byte encryption key is consistently located immediately preceding this end marker.
This project was made possible by studying the excellent work of the following projects and individuals:
- GDRETools/gdsdecomp
- char-ptr/godot-key-extract (Dynamic Analysis)
- char-ptr/gdke (Static Analysis)
- DmitriySalnikov/GodotPCKExplorer/Bruteforcer
- The Godot Engine source code itself.
- And finally, a huge thank you to my girlfriend for her endless support and encouragement throughout this project.
This project is licensed under the MIT License. See the LICENSE file for details.
This tool is intended for educational purposes, security research, and to assist in data recovery for your own projects. Please use it responsibly and respect the intellectual property rights of game developers. The author is not responsible for any misuse of this software.