After six months of work, DRM developer Maurice Heumann has successfully cracked Hogwarts Legacy's Denuvo DRM protection system. Rather than hacking it for illegal reasons, Heumann wanted to hack Hogwart's DRM for the sole purpose of learning its intricacies. As a result, the developer left plenty of the details of his work vague so as not to promote illegal cracking.
Heumann reveals in his blog post that Denuvo utilizes several different methods to ensure that Hogwarts Legacy is being run under appropriate (legal) conditions. First, the DRM creates a "fingerprint" of the game owner's system, and a Steam Ticket is used to prove game ownership. The Steam ticket is sent to the Steam servers to ensure the game was legitimately purchased. Heumann notes that he doesn't technically know what the Steam servers are doing but says this assumption should be accurate enough to understand how Denuvo works.
I spent the last 5 months reverse engineering Denuvo's protection in Hogwarts Legacy and finally managed to bypass it using more than 2000 hooks 😂One of the toughest challenges of my life. Here's my blog post about it:https://t.co/DLf6g5nv0nApril 1, 2024
Once the Steam ticket is verified, a Denuovo Token is generated that only works on a PC with the exact fingerprint. This token is used to decrypt certain values when the game is running, enabling the system to run the game. In addition, the game will use the fingerprint to periodically verify security while the game is running, making Denuvo super difficult to hack.
After six months, Heumann was able to figure out how to hijack Hogwart Legacy's Denuvo fingerprint and use it to run the game on another machine. He used the Qiling reverse engineering framework to identify most of the fingerprint triggers, which took him two months. There was a third trigger that he says he only discovered by accident.
By the end, he was able to hack most of the Denuvo DRM with ~2,000 of his own patches and hooks, and get the game running on his laptop using the token generated from his desktop PC.
Denuvo Performance Impact
The developer also talked about the potential impact on performance as well. Specifically, he wanted to see if he could prove that Denuvo kills performance as much as many people believe.
While he was not able to provide a clear answer by running tests, he instead looked at the frequency of Denuvo calls — noting that if security checks aren't happening very often, it doesn't really matter if they cause a slight slowdown. He discovered that the amount of Denuvo code executed in-game is quite infrequent, with calls occurring once every few seconds, or during level loads.
This suggests that Denuvo is not killing performance, contrary to popular belief. Heumann's discovery seems to back up what Denuvo said officially about its DRM that its DRM protection does not hamper gaming performance.
While Heumann was technically able to successfully hack the Denuvo DRM protection in Hogwarts Legacy, his efforts weren't perfect. The game still crashes at times, as his primary goal was to reach the point where he could launch the game and get to the main menu. He says finding all the Denuvo hooks and patching them is certainly possible, but it would take a significant amount of time to accomplish—which wasn't his purpose. He only wanted to gain a better understanding of how the DRM works.