Scripting Helpers is winding down operations and is now read-only. More info→
Ad
Log in to vote
1

How would I send and receive data while preventing exploits?

Asked by
8oe 115 Donator
3 years ago
Edited 3 years ago

Hey there.

I wanted to understand how to create an anti cheat for a game. Previously I have seen the idea of going through the whole game looking. I have been told this could and would create a lot of lag within the game and generally just a bad idea and well the client can basically 'spoof' it. What would be the best way to eliminate lag while also eliminating exploiters?

My goal here is to eliminate exploits from being injected but that is most likely impossible. So my new goal is to prevent data from being tampered with. My idea to this was probably checking through remote events at first to see if data was tampered with as I had no other idea on how to check once injected on.

The main idea I had was most likely using the _index metamethod. If the table’s index metamethod returns a value, rather than returning nil, the index would return the value that was returned from the function.

local metat = {
__index = function(self, index)
return  index.."value"
end

local tabl = {
["human"] = 1,
["goblin"] = 0,
}
setmetatable(tabl, metat)
print(tabl["Correct "])
}

Similar to this, how would I correctly send it between the server and the client to prevent cheating of spoofed data or better yet how could I check if data on the server is not tampered with?

0
"how would I correctly send it between the server and the client to prevent cheating of spoofed data?" Are you making a client sided anti exploit? People will easily bypass it by removing the code for it... greatneil80 2647 — 3y
0
I am not attempting to make a client sided exploit. 8oe 115 — 3y

1 answer

Log in to vote
1
Answered by
4thAxis 20
3 years ago

There are a lot of ways to go about having good game security. The most important one is to secure your remote events, don't just make random events like "Give Money", exploiters will just call this remote and exploit its use. You should be doing some checks on the server so exploiters aren't just sending their own arguments. Trying to keep good security on the client is hard but securing the server is good enough. One thing you should not consider doing is obfuscation, it is a pointless practice. For your main question, you should be sending your table through remote events. If this is communication from the server to the client then this is really hard to exploit. As long as you only reference that data that was sent your fine.

Ad

Answer this question