I have created a token system to secure my events but I wonder if this helps/is enough.
My Script
local MaxTimeBetweenSendingAndRecieving = 3
local function EnCodeToken()
local SendTime= os.time()
local Rnd = Random.new(SendTime)
local Key = SendTime
for i = 1, Rnd:NextInteger(1, 20) do
Key *= Rnd:NextInteger(1, 5)
end
return {SendTime, Key}
end
local function DeCodeToken(Key)
local RecieveTime = os.time()
local SendTime = Key[1]
local Rnd = Random.new(SendTime)
local DeCodeKey = Key[2]
for i = 1, Rnd:NextInteger(1, 20) do
DeCodeKey /= Rnd:NextInteger(1, 5)
end
return SendTime == DeCodeKey and RecieveTime <= SendTime + MaxTimeBetweenSendingAndRecieving
end
It’s pointless. Remote keys of any kind don’t work because exploiters can just call your module functions that generate the key, or spy on them as they are sent through network traffic.
This will assuming I understand it require the server to initiate the conversation and block any data that it didn’t request. As noted already though, this won’t actually stop you from receiving any bad data. An attacking party just needs to intercept your question and send it bad data back within the time frame pretending to be the script you intended. This will allow you to trust it a bit more, but ultimately the attacker can just send any data they want anyways.