What is the leeway you get from exploiters stealing your game when you place something in the workspace?

I’m trying to make my game as theft-proof as possible, so I’m putting as much code as possible in serverstorage and serverscriptservice.

I currently have it set up so that it checks the player’s save file to clone (a weapon) from serverstorage to the player’s backpack. There is a server script in there that, as soon as possible, places itself in serverscriptservice after setting a variable of the folder it is in.

in serverstorage:
image
goes from serverstorage to backpack and serverscript immediately runs the following:
image
then ends up here (still serverscript)
image

Is it fast enough to make it impossible for hackers to steal? As in, can’t read the code fast enough to dump it, since it’s kind of on the same-ish frame. If not, I already have another solution in mind but I don’t really want to rework my script if it’s not necessary.

1 Like

The player connects to the server after the server scripts start running, so I’d assume it would be enough time. I’d still put your script directly in ServerScriptService if you really are concerned.

1 Like

Unfortunately any hackers dedicated enough can intercept it no matter how fast you are. The chances of any hackers being dedicated enough to do this are very low, but technically it is possible.

It appears in the player’s backpack whenever they respawn.

Why does the code need to be in the backpack?

If you are using a script that needs to be on the player, you are out of luck.
If not, why is it in the backpack?

The folder needs to be in the backpack because it basically “unzips” its content where it needs locally. The script itself just needs a reference to this folder because it also relies on the attribute module for data on the weapon and such.

The alternative I had in mind was simply to add an objectvalue pointing to the folder to the script and place it in stray code to begin with, but that requires finding a line of code I haven’t touched in a few months so I want to make sure I don’t need to do that.

I think you have some misconceptions. It’s not possible for exploiters to decompile server-sided code, regardless of whether or not it’s within ServerScriptService. They can get the Instance itself, but that’s useless. That information is simply never replicated to the client.

Additionally, nothing is

If it replicates to the client, you can assume the client will be able to keep it indefinitely.

5 Likes

I was made aware of the whole “stealing of server-sided code” from one of my friends who found a .rar file on mediafire compiling stolen games.
That folder included:
Apocalypse Rising
Assassin!
Counter Blox Roblox Offensive
Epic Minigames
Lumber Tycoon
Mad Games
Mad Paintball
Meepcity
Polyguns
Pokemon Brick Bronze
Surf
Retail Tycoon
etc etc.

That rar folder dates from 2017, so unless roblox has changed something in that time I think it’s fair to say that it’s still something worth being mildly concerned with. Or maybe not, I haven’t checked the games in the folder, perhaps they don’t have scripts in them.

Edit: I checked retail tycoons and it had everything including things from serverstorage in it.

That was a specific major vulnerability with Roblox that was patched as quickly as possible. It shouldn’t be a concern again.

2 Likes

I think this whole topic should be scrapped and you should stop sacrificing productivity in hopes of trying to counteract something that will inevitably affect your game. You can spend hours trying to make some kind of weird system and have it cracked in just a few minutes or less.

Don’t focus on the fact that exploiters can steal your game because they can and probably will if they like what they see, they have something against you or are looking for a stupid cheap thrill. Focus on updating your game and not making work harder for yourself because you’re trying to avoid what you can’t prevent.

Game gets stolen? Outdate the released copies. Keep working away.

Here’s one of many hundred threads about game theft which has some valuable insight towards the matter. I strongly encourage you to take a look.

https://devforum.roblox.com/t/anti-game-steal/437441

I’m not in any hurry and I find it fun to program, whether it be content or just optimizing stuff. Thanks for your input, but for me that’s a hard pass.

That’s unfortunate, because I wasn’t suggesting any kind of hurry either. Unnecessarily overcomplicating your systems because there’s supposed entertainment value to derive out of it doesn’t really excuse bad code or align with your original intention which is to, in a sense, combat place theft - something that you are literally incapable of doing.

You’re assuming that my code is bad or overcomplicated; it’s not.

I’ve been scripting for a fairly long time, and you seem to have a gross misconception at how complex my code is. I literally started working on this 3 days ago using some salvaged parts of previous projects.

I consider that I am more than responsible enough to know what to prioritize when it comes to making these projects. My game is not laggy, has more or less the least client-server latency reasonable and is incredibly easy to add new weapons to.

I do find it fun, but I don’t do it for literally everything if it ends up impacting the game negatively, such as with lag or whatnot (which it doesn’t). So it’s not “supposed entertainment value”, it’s why I picked up programming as a hobby, it’s my drive to keep programming, and it’s partially how I learned and keep learning to code.

So again, hard pass. I appreciate your input, but it just simply does not apply in my case. A measly 7 lines of code that doesn’t affect the game at all isn’t gonna draw the line between a decent game and an unplayable mess.

I’m not making any assumptions, you put it on the thread yourself. You’re putting a majority of your code on the server to supposedly make it as theft proof as possible. That’s already treading into bad design territory. The server should not have to handle the majority of things because you’re scared about place theft which is inevitably a concern, despite Roblox places already being as secure as they can get.

How long you’ve been scripting for and when you started working on this project is moot; highly irrelevant to the current discussion. Same goes with a lot of the content proceeding this remark. Not sure why that’s a point. I don’t have a gross misconception about the complexity of your code and there is a simpler way to do this. One that you don’t want to do because of place theft that exists.

This is my personal advice in that trying to shove things on the server and using odd tricks simply because you fear place stealing is silly, but you do you. You want to “hard pass”, but there may be others who find that relying on tricks like this are pointless, as do I.

Here you are:
image
The large bulk of the entire game is contained here. I’m not shoving almost everything on the server. The only things being kept on the server side is storage and things entirely relevant to the server, such as cooldowns, sanity checks, save files and the likes.
So again, you were assuming. Still a pass.
Edit: if you want to continue on this, please do it via my messages, this is getting kind of spammy on this thread

This doesn’t coincide with the content of the thread nor of what I am disagreeing with, which primarily is trying to place a majority of your stuff on the server.

This is not an assumption, this came directly from your post, which you’ve only now disproved by showing a part of your structure. This is something you could’ve clarified much earlier.

I’m sensing an air of passive aggressiveness in your posts as well. The point of my posts is that overtasking the server because you fear place theft is arrantly silly. If you aren’t doing that, that’s great.

I do not need to hear three times that you are “hard passing”. If you do not agree with my feedback, then that’s you. Others read these threads and it does well to hold this kind of information or a differing perspective. Sacrificing good design by putting things on the server because of place theft is a bad idea and there are a lot of games that don’t bother - hence why when you open a leaked place, you’ll notice a significant portion of the client-side is still in tact.

Feel free to contact me via DM or wherever if you want to discuss further, but I will not be continuing conversation any longer at this point.

Have a good day.

1 Like