Have you considered something like ProfileService? It seems like a lot of your structure closely matches how it works, but it also has the added benefit of having a central data saving system with individual profiles.
The issue is that you’re always going to have to have a server/client divide to stop bad actors. I think the general rule of thumb is that you keep everything computationally intensive on the client, and then do necessary checks and data changes on the server. You can make a fairly neat web of remote events/functions doing this. I think holding data client side should only ever really be for unimportant mechanics, otherwise I don’t see a scenario where you couldn’t achieve the same outcome with events.