I’ve been working on an anti-cheat. So far, it has been mostly server-side, and most of the anti-cheat is inside players. Deleting a localscript in the character or a script being deleted in the script, will cause the player to be kicked, since deletions in a character replicate server-side.
Yet one SUPER easy bypass is to instead just disable the localscript, and it will no longer detect walkspeed changes or humanoid changes. An attempt I’ve already tried was to fire an event from the localscript using a remote-event in the character (yep, it bans if you delete remote-events.) so it’ll fire an event every 4 or 2 seconds, and the anti-cheat that detects the remotes will reset a timer that goes down slowly to make sure lag spikes can’t cause your player to be kicked. although this can be a easy way to detect disables, it can also be easily bypassed if the script itself just fires the event themselves. I’ve thought of a sort of encryption that is different in every server, but remotespy can detect fires from the client, meaning that this can be still easily bypassed anyway.
Is there any solutions for this issue, and if so, how?