Logo
ScienceStack
Table of Contents
Fetching ...
Sign In

Large Language Models Are Effective Code Watermarkers

Rui Xu, Jiawei Chen, Zhaoxia Yin, Cong Kong, Xinpeng Zhang

TL;DR

CodeMark-LLM presents a training-free, language-agnostic framework for watermarking source code by embedding semantically preserving transformations guided by LLMs and extracting watermarks via differential comparisons. The dual-module design—Semantically Consistent Embedding and Differential Comparison Extraction—enables robust, cross-language applicability without bespoke rules or model fine-tuning. Empirical results across C, C++, Java, JavaScript, and Python show high fidelity (BitAcc ≈ 98–99%), strong robustness to attacks, and favorable efficiency relative to training-based baselines, with near-100% functional preservation. This work demonstrates that LLMs can provide scalable, generalizable code attribution mechanisms, enabling practical ownership verification in open-source ecosystems.

Abstract

The widespread use of large language models (LLMs) and open-source code has raised ethical and security concerns regarding the distribution and attribution of source code, including unauthorized redistribution, license violations, and misuse of code for malicious purposes. Watermarking has emerged as a promising solution for source attribution, but existing techniques rely heavily on hand-crafted transformation rules, abstract syntax tree (AST) manipulation, or task-specific training, limiting their scalability and generality across languages. Moreover, their robustness against attacks remains limited. To address these limitations, we propose CodeMark-LLM, an LLM-driven watermarking framework that embeds watermark into source code without compromising its semantics or readability. CodeMark-LLM consists of two core components: (i) Semantically Consistent Embedding module that applies functionality-preserving transformations to encode watermark bits, and (ii) Differential Comparison Extraction module that identifies the applied transformations by comparing the original and watermarked code. Leveraging the cross-lingual generalization ability of LLM, CodeMark-LLM avoids language-specific engineering and training pipelines. Extensive experiments across diverse programming languages and attack scenarios demonstrate its robustness, effectiveness, and scalability.

Large Language Models Are Effective Code Watermarkers

TL;DR

CodeMark-LLM presents a training-free, language-agnostic framework for watermarking source code by embedding semantically preserving transformations guided by LLMs and extracting watermarks via differential comparisons. The dual-module design—Semantically Consistent Embedding and Differential Comparison Extraction—enables robust, cross-language applicability without bespoke rules or model fine-tuning. Empirical results across C, C++, Java, JavaScript, and Python show high fidelity (BitAcc ≈ 98–99%), strong robustness to attacks, and favorable efficiency relative to training-based baselines, with near-100% functional preservation. This work demonstrates that LLMs can provide scalable, generalizable code attribution mechanisms, enabling practical ownership verification in open-source ecosystems.

Abstract

The widespread use of large language models (LLMs) and open-source code has raised ethical and security concerns regarding the distribution and attribution of source code, including unauthorized redistribution, license violations, and misuse of code for malicious purposes. Watermarking has emerged as a promising solution for source attribution, but existing techniques rely heavily on hand-crafted transformation rules, abstract syntax tree (AST) manipulation, or task-specific training, limiting their scalability and generality across languages. Moreover, their robustness against attacks remains limited. To address these limitations, we propose CodeMark-LLM, an LLM-driven watermarking framework that embeds watermark into source code without compromising its semantics or readability. CodeMark-LLM consists of two core components: (i) Semantically Consistent Embedding module that applies functionality-preserving transformations to encode watermark bits, and (ii) Differential Comparison Extraction module that identifies the applied transformations by comparing the original and watermarked code. Leveraging the cross-lingual generalization ability of LLM, CodeMark-LLM avoids language-specific engineering and training pipelines. Extensive experiments across diverse programming languages and attack scenarios demonstrate its robustness, effectiveness, and scalability.

Paper Structure

This paper contains 24 sections, 10 equations, 8 figures, 12 tables.

Table of Contents

  1. Introduction
  2. Related Work
  3. Method
  4. Preliminaries and Problem Formulation
  5. Semantically Consistent Embedding
  6. Differential Comparison Extraction
  7. Evaluation
  8. Experiment Setup
  9. Watermark Accuracy
  10. Transparency
  11. Efficiency and Economic Cost
  12. Robustness
  13. Conclusion
  14. Prompt of CodeMark-LLM
  15. Prompt Design of Semantic Consistent Embedding
  16. ...and 9 more sections

Figures (8)

  • Figure 1: The overall framework of CodeMark-LLM.
  • Figure 2: Natural semantics metrics for CodeMark-LLM, SrcMarker and AWT$_\text{code}$. "Original" refers to the unwatermarked code.
  • Figure 3: Prompt template for watermark embedding in CodeMark-LLM.
  • Figure 4: Prompt template for watermark extraction in CodeMark-LLM.
  • Figure 5: A code snippet watermarked by CodeMark-LLM.
  • ...and 3 more figures