Copy-protection is the task of encoding a program into a quantum state to prevent illegal duplications. A line of recent works studied copy-protection schemes under “ 1 → 2 attacks”: the adversary receiving one program copy can not produce two valid copies. However, under most circumstances, vendors need to sell more than one copy of a program and still ensure that no duplicates can be generated. In this work, we initiate the study of collusion resistant copy-protection in the plain model. Our results are twofold: The feasibility of copy-protecting all watermarkable functionalities is an open question raised by Aaronson et al. (CRYPTO’ 21). In the literature, watermarking decryption, digital signature schemes and PRFs have been extensively studied. For the first time, we show that digital signature schemes can be copy-protected. Together with the previous work on copy-protection of decryption and PRFs by Coladangelo et al. (CRYPTO’ 21), it suggests that many watermarkable functionalities can be copy-protected, partially answering the above open question by Aaronson et al.We make all the above schemes (copy-protection of decryption, digital signatures and PRFs) k bounded collusion resistant for any polynomial k, giving the first bounded collusion resistant copy-protection for various functionalities in the plain model.