According to this topic, storing the UE Marketplace assets in the repository is not allowed, but is publishing just the game binaries and .pak files in their “bare” form better, since everyone who downloaded the UE (which is free) can extract the original assets in the unmodified form also for free? I guess that no, and if so, how to forbid downloading the assets bypassing the Marketplace? I understand that if one wants to crack you, he will crack you, but also I understand that programs, accounts etc. are cracked by just anyone, but well-protected ones - by the overwhelming minority. I do not need some obfuscators etc. for $5000, I just need the assets for which I spent money to not be downloadable for free by everyone. I have spent less than $500 for these assets during the entire life in all the shops, so needing of $1000 to download all my game content will be absolutely enough. How to reach this?
Hey @Etyuhibosecyu!
That topic is a bit wrong, because it seemed like the question wasn’t actually answered. You can share the marketplace assets with your team as long as it is used for the game, but NOT in a public capacity, ONLY private, such as a password-protected Perforce server for your team. The best way to do this is to add the marketplace content to the project you’re working on with your team. If there is any legal question and you told your team they are allowed to take it and use it for other things, then you’d be in trouble. Otherwise, they are stealing from YOU as well as the marketplace seller.
This isn’t pertinent to this specific question that comes AFTER that, but the post you linked to, which is a closed topic.
At least, I’m pretty sure that’s how it seems to read in the documentation.
Hope this helps!
Hello @Mind-Brain! I have already got an answer for the linked topic, the question here is how to publish packaged game to not broadcast the original content to everyone?
Just to be safe, you should encrypt it, but you can use Unreal Engine itself for that!
Look at the section called “Signing and Encryption” here! 
@Mind-Brain, thanks, I will try! (EDIT: I have tried and it seems to work!) And still a question, sorry if it is silly for you, but how to check whether the old builds without encryption have already been pirated or not? I understand that thief won’t write publicly that he is thief, but maybe there are some indirect signs that indicate that probability of this is larger than one per million? Because my site is really crawled by spam bots, and they have even downloaded the key technical file (.htaccess). So is it possible to identify that they might download the packages that I used in my game?
There would not really be a way to know that, that’s what the signature is for. If they downloaded your game and you didn’t encrypt it it’s out there, and they’d likely scrub it of a signature. Just take it down ASAP and put up your signed and encrypted version!
How are you actually distributing builds? From Epic storefronts or Itch / Steam… Or your own websites? If its your own site, you usually have to pay for services like this, but they do exist though. They are being used more and more by content creators across every creative discipline (think musicians / writers / filmmakers / game devs for starters) to stop AI ripping off people’s content for FREE… AI THEFT from Microsoft & OpenAI and so on. 
@Mind-Brain, and still one question: are .sig files necessary to publish, or I have to keep them secret?
@Etyuhibosecyu You should keep the .sig file private, only to the developers! It’s for use in determining if files have been corrupted or changed. They’re used for validation checking, so they should only be actively used by the developers.
If so, why opening the project without them fails?
Failed to open descriptor file ../../../<ProjectName>/<ProjectName>.uproject
OH I’m sorry, I misunderstood.
Yes, you send it packaged with the game in the game/content/paks folder. What I meant to say was “Don’t send the signature key.”
Sorry for the confusion!