Hi! I’ve wanted to know : Can exploiters open local scripts in our game? I mean, like it’s opening in the studio. Or they can only see it in their explorer? Thank you for your help in advance!
1 Like
Exploiters are able to decompile local scripts but it is not the original and looks quite messy ( However the code is the same result it just doesn’t look the way you coded it), They are also able to decompile module scripts as long as it is in a location the client can access. Example being in ReplicatedStorage.
2 Likes
I’m trying to add a password argument while using my remotes events. Is there any possibilities to “encode” the argument in another language and when received in the server, decode it?
There is no reason to do this, Exploiters can just read the password when you fire the remote.
Is there any way to secure remote events/functions then?
Remote spies can read every argument that a remote is fired with.
You could probably do server sided checks if the remote was fired in the correct time, what was the delay, etc.
^^ Is therre any way then? (30 chars)
Yes, don’t just trust the client. The server should have someway to check that what the player is doing makes sense in the context of the situation.
I’m using a server-sided debounce. Is that enough?
There may be some latency though
You have to be creative with remote events checks, there is no real way of doing that.
1 Like
They can steal your localscripts and modules required by a localscript.
Can they changes values of a module script required by a local script? I mean, I have a module script required by both server and client.
They can change anything their client has access to.
The server-script’s bytecode is never shared with the client, so your server-scripts are safe.
Hum, I have a module script required by the client. The module script handles the prices of items in my game. Should I change that? I’m using an .GetPrice(itemName) function to get the price of the item.
Do the checks on the server, not the client.
Oh, the checks are made in server. I’m just getting it from the client to show the price, not to make shopping.
Then you shouldn’t worry…
So, when they change something to the module, server will ignore it and keep the old values, right? Since to get the price, I’m doing GetPrice(itemName) too on the server.