Is it against the rules to obfuscate scripts?

I’ve been wondering if it’s allowed to obfuscate scripts with obfuscators, such as IronBrew, as I am very (very) paranoid of backdoors, and do not want any scripts to get stolen or leaked etc.


There is no reason to obfuscate scripts.

Security through obscurity is not real security. If you obfuscate your scripts you’re merely making it harder to understand, but your code logic is still there. You can lose performance by doing this, and debugging obfuscated code is going to be hell. Also, obfuscation is generally associated with bad scripts. So if someone comes across your scripts they might assume it is malicious and report it.

If your script is not malicious then there is nothing to hide.

Also deobfuscation exists, so yeah obfuscation provides zero security :wink:


Thanks! (30 charrrrrrrrrrrrrs)

I haven’t seen anyone fully deobfuscate known lua obfuscators, it’s more like getting the constants than deobfuscating.

Manual deobfuscation is possible as well. It might take longer, but is definitely possible. I have done it many times.

To answer your question: You are allowed to obfuscate your scrips.

However adding onto what @incapaxx said, there is not much point in obfuscating your scripts for security reasons because all obfuscating does it make code harder to read and understand. The best way to protect your game against backdoors is by having the appropriate server sided checks and not trusting the client. It is also impossible to stop exploiters steeling your scrips because those scripts are on the players client.

It is worth mentioning, an exploiter can only steel your client sided code so without the server that code is almost worthless because parts/most of the stolen code will rely on some of the servers input. If you are worried about people steeling your games code just make your game better than the stolen copies and if you suspect a game has stolen your code report it to Roblox.