How safe are client-sided hitboxes and how do i make them safe enough?

THIS IS ABOUT HITBOXES USED FOR CLOSE COMBAT AND OTHER SITUATIONS WHERE SERVER DELAY MATTERS

I’ve been holding off from creating client-sided hitboxes for a long time since there are ALOT of security risks involved. But for the love of god i can’t handle the ungodly amount of server delay you get from server-sided hitboxes, it’s literally unplayable.

So like, how do I make a client-sided hitbox system that doesn’t use a damage remote or anything similar? I can’t really think of any other way to actually deal damage but obviously I can’t have exploiters running around one-shotting everyone.

Any help is appreciated, thanks!

I would recommend using a client-side system that uses raycasting to determine if a player is in range to be hit. This would be much more accurate than a system that uses a damage remote, and it would be much more difficult to exploit.

You would still need a damage remote to damage the people you hit