Issues with security against Explorers and scripting

Sorry if i’m in the wrong place, but i don’t think there is a better place for this doubt

Recently, I made a Gun (and it is working normally), my question is whether I can leave the Server Scripts inside this Gun (Tool), See:
Sem título

I was researching some Guns in the ToolBox and they all left their scripts in ServerScriptService, so I’m not sure if they did this for security.
In short, is it okay to leave the Script (which deals with important things like damage, etc.) inside the Gun?

Hi, so I’m not some high tech scripter nor really a scripter at all as I am a discord coder, however I do not think it matters because either way your scripts will relate to the tool when you script it in terms of like finding ReplicatedStorage or so. I hope this helps even though it was a little whacky.

1 Like

It’s fine to leave it there if that works for you. If you want to have a script for each gun, that works. Some people use an approach where there is a single server script which handles the events for all guns; this is another paradigm that works for them.

The real difference of doing it like that will be in maintainability and readability of code. Things like performance overhead or resource usage really won’t become a problem unless you are doing something really really wrong.

1 Like

I understood, but about what you said, about them leaving this only in a script on ServerScriptService, could you give me an idea of ​​how I would do this?

You can leave server scripts accessible to clients. The bytecode however is never sent to clients therefore they cannot be decompiled. It is impossible to steal server scripts.

Yes, u told me, only when i saw all the weapons in ToolBox using scripts in other places i wanted to understand the reason. thanks man, i believe in you.