I have been living under a rock for the past 2 years and just discovered what Attributes are. I was ecstatic about it, as I have been working on an FPS framework for some time now and Attributes could be a game-changer.
However, I pondered if Attributes would be a secure alternative to Values and variables inside ModuleScripts. Secure meaning, “Would this be easy for exploiters to access and mess with?”
So, before I make the big switch to Attributes, I would like to hear your thoughts about the security of Attributes and if I should even use them at all.
Attributes much like value instances won’t replicate from client → server, so yes they’re secure in that regard. If your gunfire is client-sided entirely, the client could mess with the attribute on the client, but using a normal value/module script would pose this risk as well. Basically they can be used interchangeably and won’t cause any security issues beyond what the client can already do with module scripts and values (not much).