Invisible · Survives obfuscation · Forensic-grade

Trace leaked code
back to the buyer.

Embed an invisible fingerprint — buyer email, order ID, anything — using zero-width Unicode characters. The bytes hide inside a normal string literal, survive minifiers, and round-trip through obfuscators. When a copy leaks, paste it here and recover the original buyer info.

payload: ts:2026-07-04
Original code
Watermarked· 152 invisible chars added
/* Just Obfuscate watermark — do not remove */ (globalThis.__jo_wm = (globalThis.__jo_wm || "") + "‌​‌​​‌​‌​‌​‌‌​‌​​​​​​​​​​​​​‌‌​‌​‌‌‌​‌​​​‌‌‌​​‌‌​​‌‌‌​‌​​​‌‌​​‌​​​‌‌​​​​​​‌‌​​‌​​​‌‌​‌‌​​​‌​‌‌​‌​​‌‌​​​​​​‌‌​‌‌‌​​‌​‌‌​‌​​‌‌​​​​​​‌‌​‌​​​‌​‌‌​‌​‌​‌​​‌​‌");
function greet(name) {
  console.log("Hello, " + name + "!");
  return { ok: true };
}
greet("world");

How it works

01 Encode
Your buyer payload is encoded as a frame of zero-width characters (U+200B / U+200C) with a magic prefix and length header.
02 Inject
The frame is placed inside a string literal assigned to globalThis. Dead-code elimination can't drop a side effect on a global.
03 Trace
If the code leaks, paste it on the Extract tab — even after obfuscation. The frame's magic header makes it locatable.

What it survives

TransformSurvives?Notes
Terser (mangle + compress)✓ YesString literal preserved verbatim.
esbuild / SWC minify✓ YesBoth preserve string contents.
Just Obfuscate (maximum)✓ YesRecover after one decode-deep pass.
Prettier / dprint formatting✓ YesZero-width chars are valid string content.
Manual rename of identifiers✓ YesDoesn't touch string literals.
Hand-stripping all comments✓ YesWatermark lives in a string, not a comment.
Re-typing every line by hand⚠ NoAdversary must transcribe invisible chars.