Do not do this. This is an incredibly bad idea. If you let the client provide which player they are, this opens up a whole lot of bad possibilities for exploiters in your game, depending on what your game is. By allowing the client to provide which player they are, players can perform actions for other players.
Imagine a game with a trading system allowing exploiters to send trades for other players to themselves, just because the client has the power to tell the server which player they are. Not only would this upset the other player being stolen from, but that player could potentially have spent hundreds or even thousands of robux on your game that they’ve now wasted because the game’s system wasn’t properly secured.
As @Mighty_Loopy said, the solution is to make sure what a player does is actually possible. Staying on the example of a trading system, a simple way to secure the trade is to make sure that the items the player is sending are actually items they have.
All hiding your remote events/functions does is keeps a fair portion of exploiters from firing them. However, this is essentially pointless, since if this is your only line of defense from exploiters there are people who will get by this, and then you’ll need to start doing sanity checks anyway.