Everything you need to protect your 3D designs
From encryption to piracy detection, STL Shield provides a complete protection pipeline for 3D print files. Six integrated systems working together to keep your designs safe.
File Encryption
Military-grade protection for every file
Every STL file you protect is encrypted with AES-256-GCM, the same encryption standard used by governments and financial institutions worldwide. Each file receives a unique encryption key derived via HKDF-SHA256, meaning even if one key is compromised, no other files are affected.
The encrypted output is saved as a .stlx file — a custom container format that bundles the ciphertext, a 96-bit nonce, a GCM authentication tag, and embedded metadata. The auth tag ensures any tampering with the encrypted data is detected immediately upon decryption, preventing bit-flipping and other modification attacks.
Key derivation is handled entirely in Rust memory using the zeroize crate, which guarantees that sensitive key material is overwritten as soon as it is no longer needed. Decrypted mesh data never crosses the IPC boundary to JavaScript — it stays in Rust from decryption through to slicer handoff.
Key capabilities
- AES-256-GCM with per-file unique keys
- HKDF-SHA256 key derivation
- 96-bit nonce + GCM authentication tag
- Custom .stlx container format
- Key material zeroized after use
- Decrypted data never reaches JavaScript
License Management
Token-based access control for every buyer
STL Shield uses a token-based licensing system built around the SHLD-xxxx format. Each token is generated per-buyer and tied to their email address, giving you a clear audit trail of who has access to what. Tokens are hashed with bcrypt (cost factor 12) before storage — even a database breach would not expose usable token values.
Device locking prevents casual sharing. When a buyer activates their token, STL Shield generates a SHA-256 hardware fingerprint from their machine. Each token supports a configurable maximum number of activations (default: 3), so buyers can use multiple personal devices without enabling redistribution.
Key capabilities
- SHLD-xxxx token format with bcrypt hashing
- Per-buyer, per-product token generation
- SHA-256 hardware fingerprint binding
- Configurable max activations (default: 3)
- One-time online activation, then offline use
- Full activation audit log with timestamps
Forensic Watermarking
Invisible marks that survive any export
STL Shield embeds 5 independent watermarking methods into every protected file. These marks are applied at sub-printer-resolution levels (0.001-0.005mm perturbations), making them completely invisible in both the printed object and slicer preview. Yet they are robust enough to survive mesh re-export, format conversion, and even moderate mesh editing.
If a protected file appears on a piracy site, you can extract the watermark to identify the exact buyer who leaked it. The redundancy of 5 independent methods means that even if an attacker discovers and removes one watermark, the remaining methods still identify them.
In Maximum protection mode, watermarks are applied in-memory within the Rust process, and the marked mesh is handed directly to the built-in slicer engine. The watermarked STL never touches disk or JavaScript — it exists only in protected memory for the brief moment between decryption and slicing.
Key capabilities
- 5 independent watermark methods
- Sub-printer-resolution perturbations (0.001-0.005mm)
- Survives re-export, format conversion, and mesh editing
- Buyer identification from leaked files
- In-memory watermarking in Maximum mode
- Zero visible impact on print quality
Analytics Dashboard
Real-time visibility into every activation
The STL Shield dashboard gives you a live view of how your protected files are being used. See activations in real time, broken down by product, geography, and time period. Identify your most popular designs, track revenue-generating products, and spot unusual activation patterns before they become a problem.
The piracy alert system (Watchdog) continuously monitors up to 9 popular 3D model marketplaces for unauthorized copies of your designs. When a match is detected, you receive an immediate notification with the listing URL, seller information, and forensic evidence for DMCA takedown requests.
Key capabilities
- Real-time activation monitoring
- Geographic distribution maps
- Per-product usage analytics
- Watchdog piracy detection (up to 9 platforms)
- Automated DMCA evidence generation
- Anomaly alerts for suspicious patterns
Desktop Viewer
Cross-platform app with direct slicer integration
The STL Shield desktop app is built with Tauri v2, delivering a native experience on Windows, macOS, and Linux with a fraction of Electron's memory footprint. Buyers drag-and-drop their .stlx file, enter their token, and the file is decrypted and sent to their preferred slicer in seconds.
In Standard mode, the app supports 9 popular slicers including OrcaSlicer, PrusaSlicer, Cura, Bambu Studio, and more. The decrypted file is passed via a secure temporary file with restricted permissions. In Maximum mode, the built-in CuraEngine handles slicing entirely within the Rust process — the decrypted mesh never leaves protected memory.
Key capabilities
- Tauri v2 — native performance, tiny footprint
- Windows, macOS, and Linux support
- Drag-and-drop .stlx file handling
- 9 supported slicers in Standard mode
- Built-in CuraEngine for Maximum mode
- Automatic slicer detection and handoff
API & CLI
Automate your entire protection workflow
The STL Shield API and CLI tools let you integrate file protection directly into your existing workflow. Batch-encrypt hundreds of files, generate tokens programmatically, and manage your entire product catalog without touching the dashboard. Perfect for designers with large libraries or those selling through multiple storefronts.
Webhook integrations notify your systems in real time when tokens are activated, products are accessed, or piracy alerts fire. Build custom automations — automatically generate tokens when a sale completes on your Shopify store, or trigger a Slack alert when Watchdog finds a match.
Key capabilities
- RESTful API with full documentation
- CLI tool for batch operations
- Programmatic token generation
- Webhook integrations for real-time events
- Shopify, Gumroad, and Etsy connectors
- Rate-limited and authenticated endpoints
Start protecting your files
Create a free account and encrypt your first file in under two minutes. No credit card required.