The simplest way is just to have a register that can be read out in some
manner that has a permanent value. This is a lot more like a serial number
than a "watermark". If you mean a thing that affects the logic operations
in some subtle way, I really can't imagine how to do that. Some FPGAs do
have laser-programmed unique serial numbers built into the chip.
Disregarding any way to actually read out the signature, it seems like a
no-brainer to simply write your signature to a multi bit register loaded
at startup. Just make sure the register is not synthesized away due to
no output use.
There are at least a few requirements that are unknown:
1. Shall the watermark be readable from the FPGA bit file? In other
words, an FPGA is not even needed for the IP to hold the watermark.
2. Shall the watermark be readable via some mechanism? If not, I can't
see any reason for it.
3. I believe FPGA vendors are starting to provide security features.
Will one of those vendor products meet your needs for a lot less effort?
What *problem* are you trying to solve with "watermarking"?
Only after defining that can you begin to think whether
watermarking is a sufficient solution.
"If you think cryptography will solve your problem,
you don't understand cryptography and
you don't understand your problem".