I don’t think he accepts friend requests from random people. He’s a pretty busy guy. You’d an credit him in the description of your game without friending him.
Thanks for being his spokesman. I was just kidding! How do I decrypt the hash spokesman? I’m hardly random, just keeping the thread alive lol but seriously! How do I reverse the hash back into what it was? People I don’t know are always telling me what to do! shameful.
As stated previously, it is not meant to be decoded.
This is because it is not intended to encrypt/decrypt data for, say, communicating with a remote server but for use to store credentials (such as passwords) instead of the raw string i.e. If you have a password in your game, then instead of doing
local password: string = "password123"
which could potentially be discovered, ruining the point of a password you can do
local password: string = "ef92b778bafe771e89245b89ecbc08a44a4e166c06659911881f383d4473e94f"
and then you can check the password by converting the input using the same hash function, for example:
local hashLib = require(script.HashLib)
local password: string = "ef92b778bafe771e89245b89ecbc08a44a4e166c06659911881f383d4473e94f"
local inputBox: TextBox
inputBox:GetPropertyChangedSignal("Text"):Connect(function()
local hashedString: string = HashLib.sha256(inputBox.Text) -- Doesn't matter which algorithm, so long as it is the same as the pre-defined variable
if hashedString == password then
-- Correct password
else
-- Wrong password
end
end)
Edit: I know this is 3 months after you posted but I only looked at this module now and figured it might still be useful.
Edit2: Came back to change code to Luau style guide format.
2 Likes
I appreciate your reply. I find this information very useful as it goes hand in hand with block chaining but the password scenario is even sweeter!
how to un-hash a hashed strings into a proper word using this module?
See boatbomber’s, buildthomases, and my own reply. You cannot “decrypt” a checksum (hashed text) because it is never encrypted. The whole point of hash functions are to create a deterministic checksum, that cannot be converted back (i.e. The hash function has pre-image resistance - given h(x) it should be infeasible to determine x).
3 Likes
I suggest you upload another variant of this as a Github Repository for people who wish to use this externally and from an official source.
Was just searching for this on Wally since I had HashLib vendored in a project I’m a collaborator on. Now that I know this exists and that it’s on Wally, I will be switching all my other hashing implementations over to HashLib. Nice to know this is available!
Super happy with this, it provides a wide range of hashing functions and looks to be highly performant too! My go-to module supports only SHA256 and I don’t dare find out if it’s really unoptimised. If anyone wants a use case, I use hashing to enforce the server being the only machine allowed to connect players to other places in an experience as the option is not natively provided.
Best part is that there’s no colon syntax on the exported functions so this works well with import destructuring when I’m only concerned about using one hashing method.
1 Like
Looking at the gist of original base64 module it looks like a new version has been released by the creator of it, perhaps worth taking a look at and/or making some changes if needed!
Also I recommend renaming the HashLib (main module) to “MainModule” for sake of easier requiring from an official online source (my Github OpenSource suggestion still stands)
local x = require(4544052033) print(x)
This module is for hashing text, and that also implies allowing for better security in games. Requiring IDs is not secure, and will take some extra time to load.
1 Like
Care to elaborate about
?
Also, I rather have latest & greatest version for safety rather than an offline & local version that can potentially become outdated without me knowing.
The module can be changed at any time, meaning a backdoor can be added, or functionality changes which breaks games without notice. I like to insert modules instead of requiring their ID because of this.
1 Like
This logic applies to all modules out there, and it doesn’t mean we should be staying away from using require’s convenient feature like this. Nor does this prevent you from using an offline version, up to the preference really. It’s all about having options to choose from.
Sorry for the necro but I think what hes trying to say is to not have a bunch of requires for your game for the following reasons:
- If it’s untrusted / gets into the wrong hands you could get a backdoor in your game.
- You are having to load in all of the modules at runtime for your game which is not good for timing as you might need them before they are loaded.
- You won’t get the intelisense because you don’t know the contents.
- As your game get’s older if the package updates it could break your game where as if you had a static module then it would work forever (unless roblox dose that thing where the deprecate features and break games)
Likewise, there are benefits of having a dynamic module like being always up-to-date (improvements of speed & quality and so on)
Thanks for highlighting the downsides though.
1 Like
how do i decode SHA256 with this? i dont see a function for decoding it.
This library provides hashing functions not encryption. SHA256 is a one way function. The entire point of a hash is to have a unique fingerprint of some private information, and be able to verify it without storing the private information in plain text.
1 Like
Hey, I am interested in using this library in an “anti-cheat” I’m working on. However, the MIT license used by this project isn’t really friendly towards my use case. Is it possible for us to reach an agreement that is sufficient to support both of our projects?