Anti-Cheat Release: Valkyrie

A while ago, my friend Daily (daily3014TheGod) and I started working on an anti-cheat called Valkyrie, but we never finished it. There aren’t many comments in the code, so please don’t message us about how to get around it or if you find any problems. We’ve decided to stop working on this project for good, which means we won’t be updating or supporting it anymore.

And just to be clear, don’t try to sell this anti-cheat. Instead, use it as a learning tool.

Valkyrie Anti Cheat Release.rbxm (56.2 KB)

36 Likes

This is a huge W

EDIT: You can use some of these methods paired with Valkyrie to make sure no cheater gets through.

10 Likes

why does it say “Leak” in the file name?

7 Likes

Because that’s how I saved the file. I wrote the anticheat though

6 Likes

Nice work!
Maybe put it on GithHub if it isn’t already so more people can participate :slight_smile:!

2 Likes

This is also a good showcase of why “you should never rely on client” is bad advice

6 Likes

Comments like these are the reason im losing faith in humanity, its a bad advice because people often use it as a last line of defense against exploiters, They rely on patching cheats by the client when it can be done by the server and theres no reason to do it from the client if its gonna get penetrated.

Client security is only usefull against cheats impossible to patch via the server such as aimbot, and wall hacks.

8 Likes

Pretty sure he meant, that nothing is impossible, if you saw the source code, you would see that It tried or could detect namecall, index, and newindex hooks, same for remote spies, and function hooks.
It’s just that only a small % of devs know how to properly make client sided anti exploits.

1 Like

This is literally the argument every company makes for their anticheats and yet they get bypassed in a matter of days, I will not further reply to this as its not up for debate.

4 Likes

We are talking about roblox though, if you know how to patch the bypasses and reverse engineering, It doesn’t take more than 1 hour in most cases, you can see that in Citadel an anti cheat made 2 years ago, there’s not a single public bypass for it, and the anti cheat itself doesn’t ban people, so even though everything is “bypassable”, It doesn’t mean that the client sucks, It’s true that It can’t be trusted, but making a client anticheat isn’t bad either.

3 Likes

bro is loosing faith in humanity over a roblox anticheat :money_mouth_face:

11 Likes

Mine anticheats are more or less the first line of defense, data sent through the anticheat remote are encrypted with the keys stored inside the obfuscated anticheat (obfuscation plays a big part in anticheats). Unless you had the source to the anticheat, it would be really difficult to reverse engineer the exact encryption it uses and the key it uses for the encryption. Things like this make client anticheats reliable enough to use in big games without them getting bypassed in a matter of days.

Client anticheats are much much better at detecting what the server could detect. A serversided walkspeed detection will false positive a lot because you can’t check for the WalkSpeed property changing unlike on the client. You could hook the property on the client but no hook is perfect and valkyrie for example has a function made for detecting those imperfect hooks (PropertySpoofCheck), however for this release I snipped the function but Liker’s post has a simple method to detect most spoofs

Valkyrie and my past anticheats never had a full bypass. In Valkyrie nobody managed to bypass the serversided walkspeed checks OR the clientsided walkspeed checks. Nobody even came close to bypassing any of the clientsided checks. You are the prime example of a devforum user that replies with “You should never rely on the client” to every post about clientsided anticheats

4 Likes

I understand now XChris_vC, Have a great day!

lol im sure no one ever bypassed it when u aint even got a popular game

The popularity of my games doesn’t matter. If it was popular i’d have 5 skids there 24/7. The games attract actually competent exploiters through discord servers & etc, not through advertising the game through advertisements

Compare my newest anticheat (Valkyrie) that had only one testing session that lasted 2-3 hours to my older anticheat that was public for weeks then COMPARE those to my even older anticheat (that I still work on) which had a lot of testing sessions that would last hours but was never public for long periods of time
image
image
image

2 Likes

What’s the use for this is if ‘Byfron’ exists?

to defend against executors that bypass byfron

1 Like

Byfron is bypassed by using an android emulator like BlueStacks, This is used to fight hackers that bypass Byfron

Anticheats are going to be useless soon since Roblox teamed up with an exploiting company named Synapse X to destroy exploiters

It was mainly released because of byfron. You can also see in xnx’s post
“And just to be clear, don’t try to sell this anti-cheat. Instead, use it as a learning tool.” so it’s a learning tool for people

2 Likes

Hyperion biggest weakness is that It’s still usermode, so a kernel driver can easily bypass it, unless they make it kernel as well, so anti cheats aren’t going to be useless, for example, if an exploiter managed to bypass hyperion with a private executor, and there’s a remote event that gives money, they can easily get an absurd amount of money in the game, so protecting remote events and making anti cheats are still good.