OpenComposite detected as piracy tool, triggers "Invalid installation" error
Unless you can provide me with valid usage of this tool, I am not supporting it as this kind of tool and Revive are often used in pirate installations.
I had the INI file left over from using the WMR portal directly with Beat Saber 1.29.1 for lower latency, so there's the valid usage.
I would be interested in asking, what "piracy" could even come from a replacement to the OpenVR DLL? That's a really strange assumption to make considering Steam API ownership is checked via the Steam API DLL (note: not the OpenVR DLL, they have been separate since 2016) before the VR backend is even initialised... at least with Revive, sure, the VR API is tangled with the actual ownership API, but come on.
The problem is that most if not all pirate installs use native files that store their config in .ini files, making it hard to prevent piracy while not preventing third-party tools from working. The whitelist is the only thing that I could think of that would alleviate that. I'm open to suggestions though. So far the checks in place have proven to be extremely effective, but I know it's not perfect.
steam_api64.dll (as well as the Oculus equivalent, if such a thing ends up in the Plugins folder) has a digital signature that can be checked to be from Valve's certificate, or checked if the name starts with "Valve" against the Windows trusted certificate store.
This doesn't prevent DLL hijacking which a lot of illegitimate installs are using.
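The signature check suggested in the thread, together with the limitation raised in the last reply, as an added example that is not code from the mod or from any participant. The folder path is a placeholder and the function name `Test-SignedBy` is hypothetical; the "Valve" signer prefix is the one named in the comment above.

```powershell
# Added example: Authenticode check on native DLLs in a plugin folder.
# Assumptions: $pluginDir is a placeholder path; 'Valve' is the signer
# prefix mentioned in the thread, not a value read from the mod's code.

function Test-SignedBy {
    param(
        [Parameter(Mandatory)][string]$Path,
        [Parameter(Mandatory)][string]$SignerPrefix
    )
    # Status is 'Valid' only if the file hash matches the signature and the
    # certificate chains to a root in the Windows trusted store.
    $sig = Get-AuthenticodeSignature -LiteralPath $Path

    $signer = $null
    if ($sig.SignerCertificate) {
        # Common name (CN) of the signing certificate's subject.
        $signer = $sig.SignerCertificate.GetNameInfo(
            [System.Security.Cryptography.X509Certificates.X509NameType]::SimpleName,
            $false)
    }

    [pscustomobject]@{
        File    = Split-Path -Path $Path -Leaf
        Status  = $sig.Status
        Signer  = $signer
        # Checking the name alone is not enough: the signature must also be Valid.
        Trusted = [bool](($sig.Status -eq 'Valid') -and $signer -and
                  $signer.StartsWith($SignerPrefix, [System.StringComparison]::Ordinal))
    }
}

$pluginDir = 'C:\path\to\game\Plugins'   # placeholder, adjust locally

# A valid signature on steam_api64.dll says nothing about the other DLLs the
# process loads from the same folder (the hijacking point in the last reply),
# so report every DLL rather than the one file. A third-party replacement DLL
# will also appear here as not matching the signer.
Get-ChildItem -LiteralPath $pluginDir -Filter *.dll -Recurse |
    ForEach-Object { Test-SignedBy -Path $_.FullName -SignerPrefix 'Valve' } |
    Sort-Object Trusted, File |
    Format-Table -AutoSize
```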