As the topic says, I am wondering if it is legal according to Roblox Rules to invite exploiters to a security game test, and pay them robux/usd if they make a harmful bypass under the conditions that I am informed of the vulnerablity that they exploited to do so.
Do note that I am well aware of the vulnerabilities of the client and the complexities in securing it including the fact that it is impossible to completely secure the client, but I do also believe that making exploiting more difficult for the general exploiters is better than making the game fully vulnerable. I’m well experienced in that debate, I am simply wondering if this would be allowed according to roblox rules.
Basically the idea is to have security in my game that is constantly tested by a competent group of exploiters / white hats who will attempt to destroy the security everyday, the bounty is simply there to encourage people to try and break the anti exploit and by nature, the longer this goes on for, the better it is for the security. And it will easily filter out the 99% of common exploiters who knows only basic lua while they attempt to cheat in games, not to mention the ones who does not even know lua / understand client-server relationship.
I’m sure some of us are aware that big companies such as Microsoft does this to create a formidable security, as you can read here.
Now of course I am just an atom as compared to them, and we know Roblox themselves work closely with white hats to improve their security. Basically what I’m wondering is what are the rules on this for us developers, are we allowed to somewhat adopt and act upon this idea for our game securities as well?
And if it is not allowed towards random exploiters, are we allowed to do so with boss white hat owners? Because I do strongly believe that this is a very healthy method in handling security. Again, I am not saying that this is a MUST for all roblox developers, but for those of us who do care this much in regards to security, are we allowed to create and act upon this idea?