Skip to main content

Installation

Create a new rust project
Terminal
cargo new tsar-project
cd tsar-project
Add the TSAR crate to your cargo.toml file
Cargo.toml
[package]
name = "tsar-project"
version = "0.1.0"
edition = "2021"

[dependencies]
tsar-sdk = "0.1.0-beta.1" # Get the latest version at https://crates.io/crates/tsar-sdk
Create a new TSAR Client struct in your main.rs file and authorize your user. You can optionally create a heartbeat() loop in a background thread.
main.rs
use tsar_sdk::{AuthParams, Client, ClientParams};

// You should have gotten these values after creating your app
// You can find them in your app's configuration settings
const APP_ID: &str = "00000000-0000-0000-0000-000000000000";
const CLIENT_KEY: &str = "MFk...";

fn main() {
  let options = ClientParams {
      app_id: APP_ID.to_string(),
      client_key: CLIENT_KEY.to_string(),
  };

  // This will create a new client & perform a hash check on your binary
  let client_init = Client::create(options);

  // Check if client init was successful
  match client_init {
      Ok(client) => {
        println!(
            "Client successfully initialized. {:#?}",
            client
        );

        // Check if user is authorized. Default AuthParams open the user's browser when auth fails.
        let mut user_result = client.authenticate(AuthParams::default());

        // If they aren't authorized, continue to check until they've authenticated themselves in their browser.
        while user_result.is_err() {
            println!("Attempting to check if user is valid...");
            std::thread::sleep(std::time::Duration::from_secs(3)); // Keep a delay of at least 3 seconds to prevent rate-limiting.

            // Make sure to set open_browser to false when in a loop, or else the browser will keep opening nonstop.
            user_result = client.authenticate(AuthParams {
                open_browser: false,
            });
        }

        // At this point the user is authenticated
        let user = user_result.unwrap();

        println!("User authorized. {:#?}", user);

        // Start a heartbeat loop to continue checking if the user is authorized (we recommend running this in a background thread)
        //
        // **MAKE SURE THE LOOP RUNS ONLY ONCE EVERY 20 - 30 SECONDS**
        // Otherwise, your users might get rate-limited.
        //
        // Using a heartbeat thread will allow you to delete user sessions and have them be kicked off of your software live.
        // Additionally, if their subscription expires they will also be kicked during the heartbeat check.
        loop {
            match user.heartbeat() {
                Ok(_) => println!("Heartbeat success"),
                Err(err) => {
                    println!("Heartbeat failed: {:?}: {}", err, err)
                }
            }
            std::thread::sleep(std::time::Duration::from_secs(30));
        }
      }
      Err(err) => println!("Failed to initialize client: {:?}: {}", err, err),
  }
}
Thats it! You are now protected by TSAR.

What’s next?

TSAR isn’t a means to fully secure your application from reverse engineering. We recommend investing into protecting your software through encryption and obfuscation. Here are some Rust tools that we recommend:
  • Goldberg (Code flow obfuscation, string literal encryption, integer literal encryption)
  • Debugoff (Linux anti-analysis)
We also recommend using these release flags:
Cargo.toml
[profile.release]
stack-protector = true
strip = "symbols"
panic = "abort"
opt-level = 3
debug = false
lto = true
cfi = true