Technical Documentation

Complete reference for integrating OriginGuard into your game project.

System Requirements

Requirement	Minimum
Platform	Windows 10+, macOS 12+, Ubuntu 20.04+
Runtime	None — standalone binary, no Node.js or npm required
VS Code Extension	VS Code 1.85+
CI/CD	GitHub Actions (or any runner supporting shell commands)

OriginGuard ships as a zero-dependency standalone binary. No runtime installation is required on artist machines or CI runners.

Installation

Your license bundle includes platform-specific binaries. Place the binary somewhere on your PATH:

# macOS / Linux
cp originguard-linux /usr/local/bin/originguard
chmod +x /usr/local/bin/originguard

# Windows — copy to a directory in your PATH, e.g.:
copy originguard-win.exe C:\Windows\System32\originguard.exe

Verify installation:

originguard --version

CLI: machine-id

Returns the hardware fingerprint for this workstation. Required when purchasing a license — provide this ID during checkout.

originguard machine-id

Example output:

  OriginGuard Machine ID
  ──────────────────────────────────
  54ccd6dfdde32e14eeb5b62d05dc4d77

  Provide this ID when purchasing a license.

Note: The Machine ID is derived from stable hardware identifiers. It will not change on OS updates, but will change if you migrate to a new physical machine. For license transfers, contact support@inventerprises.se.

CLI: scan

Validates every asset in the target directory. Exits with code 1 if any asset is missing its .origin sidecar or if the SHA-256 hash does not match.

originguard scan <assets-directory>

Examples:

# Scan the default Assets directory
originguard scan ./Assets

# Scan a specific subdirectory
originguard scan ./Assets/Characters

Exit codes:

Code	Meaning
`0`	All assets valid — no missing or tampered files
`1`	One or more assets are untagged, missing, or tampered

CLI: report

Scans the asset directory and generates Master_Disclosure.json in the current working directory (or a specified output path).

originguard report <assets-directory> [output-path]

Examples:

# Generate disclosure in current directory
originguard report ./Assets

# Generate disclosure at a specific path
originguard report ./Assets ./compliance/Master_Disclosure.json

.origin Sidecar File

For every tagged asset filename.png, OriginGuard creates a companion filename.png.origin file in the same directory. This is the provenance record.

Example .origin file:

{
  "schema_version": "1.0",
  "asset": "hero_portrait.png",
  "sha256": "e3b0c44298fc1c149afbf4c8996fb92427ae41...",
  "ai_generated": true,
  "tool": "Midjourney",
  "category": "pre_generated",
  "tagged_by": "alice@studio.com",
  "tagged_at": "2026-03-15T14:32:00Z"
}

Field	Type	Description
`schema_version`	string	Always `"1.0"` for current release
`asset`	string	Filename of the tagged asset
`sha256`	string	SHA-256 hash of the asset at time of tagging
`ai_generated`	boolean	`true` if AI tooling was used; `false` otherwise
`tool`	string	Name of the AI tool (e.g. Midjourney, DALL·E, Stable Diffusion)
`category`	string	`"pre_generated"` or `"live_generated"` (Steam terminology)
`tagged_by`	string	Email or username of the artist who tagged the asset
`tagged_at`	string	ISO 8601 timestamp of the tagging event

Important: Do not commit .origin files from assets you intend to modify later. Re-tag after any modification — the SHA-256 hash will no longer match and originguard scan will flag the asset as tampered.

Master_Disclosure.json

The output of originguard report. Contains three sections:

steam_disclosure — copy-paste ready disclosure text for your Steamworks store page
eu_ai_inventory — structured tool registry satisfying EU AI Act Article 50 transparency obligations
integrity_report — full audit log of every asset, with CRITICAL_WARNING flags for tampered files

{
  "generated_at": "2026-05-09T10:00:00Z",
  "steam_disclosure": {
    "disclosure_statement": "This game uses AI-generated content...",
    "categories": ["pre_generated"]
  },
  "eu_ai_inventory": {
    "tools": [
      { "name": "Midjourney", "category": "image_generation", "asset_count": 42 }
    ]
  },
  "integrity_report": {
    "total_assets": 156,
    "tagged": 156,
    "tampered": 0,
    "warnings": []
  }
}

GitHub Actions Integration

Add the following workflow to block any PR that introduces an untagged or tampered asset. Place it at .github/workflows/originguard.yml:

name: OriginGuard Compliance Check

on:
  pull_request:
    branches: [main]

jobs:
  compliance:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4

      - name: Download OriginGuard binary
        run: |
          curl -L "${{ secrets.ORIGINGUARD_BINARY_URL }}" -o originguard
          chmod +x originguard

      - name: Scan assets
        run: ./originguard scan ./Assets

      - name: Generate disclosure report
        run: ./originguard report ./Assets ./compliance/Master_Disclosure.json

      - name: Upload disclosure artifact
        uses: actions/upload-artifact@v4
        with:
          name: compliance-report
          path: compliance/Master_Disclosure.json
          retention-days: 90

Tip: Store your OriginGuard binary in a private GitHub release or secure object storage and reference it via ORIGINGUARD_BINARY_URL. Never commit the binary directly to your game repository.

VS Code Extension

Your license bundle includes originguard-vscode-*.vsix. Install it once per workstation.

Via terminal:

code --install-extension originguard-vscode-2.0.0.vsix

Via VS Code UI: Extensions panel → ··· menu → Install from VSIX… → select the file.

Tagging an asset

Open your project folder in VS Code.
Right-click any asset file in the Explorer panel.
Select OriginGuard: Tag Asset.
Fill in the tool name and category in the prompt.
A .origin sidecar file is created immediately in the same directory.

Best practice: Tag assets at the moment of export — before any downstream processing. This guarantees the SHA-256 hash in the .origin file matches the asset that ships.