If you handle weapon logic on the client, although the physical weapon itself will not replicate to other players, the client logic will still run for that player. So, yes, they can use it - others would not see the weapon but it would affect them.
What I mean is if that logic interacts with the server (via remote) then whatever happens on the server as a result of that will replicate to other clients. Anything done to their own character on the client will also replicate because they have network ownership of it.
Because like let’s say you kill the player’s humanoid from the client-side, it will replicate to other clients*. I know it’s sort of a weird explanation but yeah. Sometimes it just breaks through the boundaries I guess.
Really just depends, if the exploiter’s client can see an important RemoteEvent you should secure it.
Like if you have a server script that just listens and does this for the tool:

```lua
Event.OnServerEvent:Connect(function(p)
	p:Destroy() --> or any code here basically doing anything important
end)
```

that's where you’re in trouble.
The best practice would be to:
- Make the tool & its localscripts inaccessible to the players unless they have it. They can decompile items that they don’t have and simulate their behaviour in some rare cases.
- Check in your server scripts that the player actually owns the tool before doing any scary stuff.
- Make sure the values provided in RemoteEvents are correct & the correct type on the server!
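
A server-side handler that applies the ownership and argument checks listed above, as an added example that is not part of the original post. The RemoteEvent name `SwordHit`, the tool name `Sword` and the range, damage and cooldown values are assumptions chosen for illustration.

```lua
-- Server Script (e.g. in ServerScriptService). All names and values are hypothetical.
local ReplicatedStorage = game:GetService("ReplicatedStorage")
local Players = game:GetService("Players")

local hitEvent = ReplicatedStorage:WaitForChild("SwordHit") -- assumed RemoteEvent
local TOOL_NAME = "Sword" -- assumed tool name
local MAX_RANGE = 12      -- studs; assumed reach of the weapon
local DAMAGE = 20         -- decided by the server, never taken from the client
local COOLDOWN = 0.5      -- seconds between accepted hits per player

local lastHit = {} -- [Player] = os.clock() of the last accepted hit

-- An equipped tool is parented to the sender's character.
local function getEquippedTool(player)
	local character = player.Character
	local tool = character and character:FindFirstChild(TOOL_NAME)
	if tool and tool:IsA("Tool") then
		return tool
	end
	return nil
end

hitEvent.OnServerEvent:Connect(function(player, target)
	-- 1. Ownership: drop the request unless the sender actually holds the tool.
	if not getEquippedTool(player) then return end

	-- 2. Type check: every argument after `player` is whatever the client sent.
	if typeof(target) ~= "Instance" or not target:IsA("Humanoid") then return end
	if target.Health <= 0 or target.Parent == player.Character then return end

	-- 3. Plausibility: rate limit, then range. The sender's own position is
	--    client-owned, so the range test is a sanity bound, not proof.
	local now = os.clock()
	if lastHit[player] and now - lastHit[player] < COOLDOWN then return end

	local myRoot = player.Character:FindFirstChild("HumanoidRootPart")
	local theirRoot = target.Parent and target.Parent:FindFirstChild("HumanoidRootPart")
	if not (myRoot and theirRoot) then return end
	if (myRoot.Position - theirRoot.Position).Magnitude > MAX_RANGE then return end

	lastHit[player] = now
	target:TakeDamage(DAMAGE)
end)

Players.PlayerRemoving:Connect(function(player)
	lastHit[player] = nil -- avoid keeping references to players who left
end)
```
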
Thankfully all my remotes (such as the ones to legitimately get tools) have a serverside authentication process (and none of the tools use remotes in this case).