My friend recently developed a game with a UGC Limited as a prize and within the first few minutes the stock was entirely bypassed and stolen despite having the appropriate verification and limitations… or so we thought until we noticed this post (I will be providing valuable feedback upon sharing this post - this is not just a replica).
As a result the stock was entirely stolen wasting a good sum of robux and ruined the experience for several players who the prize was stolen from. I believe this is a critical issue that has been spanning for seemingly months if not years and is worth addressing with some level of priority.
That said, I understand how difficult it can be to solve exploit issues from bad actors as I’ve worked to solve many exploits from within my container for a long time now and knowing the arms race it can seem like the issues never truly get solved as resources get put into a solution only for a bypass to occur and make those resources feel seemingly wasted.
I propose a few possible solutions that bare minimum can help developers work around the issue or add some extra layers of security so that the developer has more options in combating the critical game breaking bug than the tools they currently have to work with.
a) In the settings for the asset you can assign a specific experience → Make it so you can assign a specific Place ID within the experience to claim from as an option so that developers can create restricted places to teleport users to in order to claim the item more securely.
b) I’m not sure what the current system for prompting the UGC purchase from the server is, but I would assume and if I’m incorrect I’d recommend: Server is called to prompt player with an item → Server temporarily creates a backend authentication system for the individual they provided the prompt to (ie this player is lined up to receive this item) → Prompt occurs for the player and the player accepts it → Any prompt attempting to claim a UGC item should go through the authentication system and double check if that player was prompted from the server and if that authentication lines up, accept the purchase or if authentication was invalid, reject the purchase.
c) Allow developers to interfere with prompted purchases that occur so that if authentication is invalid, the developer can interfere and reject the purchase outright before the item is claimed.
The first method is probably the easiest if not the hackiest but would be the simplest solution and the others would be the proper fixes. I could probably come up with other solutions as well if all of those would be unacceptable. The solution to the exploit arms race is always giving the developer the resources to combat the issues and then attempting to apply a total patch (imo).
A private message is associated with this bug report