Best way for encrypt dff and scripts

[h4x7o0r]

Hey there, I'm planning to release a public server but i must resolve some issues first.

I'm asking you which is the best way to encrypt my dff. models and also the scripts. I've read some time ago that scripts can be compiled and encrypted in luac or stuff like this (someone told me also that we can add at the final of some important scripts a function that 's clearing the cache from the client or something like that). the txd as i know can't be locked or encrypt somehow so i must do something with the model itself.

Can you give me some advices / methods of what is better to do ? also i think this could be useful to anyone.

Thank you in advance .

[50p]

I know you can lock your DFF files in 3DS Max before you export them but it doesn't stop people from importing them back to 3DS because all the "lock" does is add 1 byte at specific offset which can be changed manually to "unlock" the file but not everyone knows this. I'm sure you don't want people to use your scripts, deleting files after they quit would be one method but this doesn't stop them from Alt+Tab the game and copy the files before they quit. Since the scripts are loaded into memory you can delete them right after they're loaded. That's one way of doing it. As you said, you can also encrypt them with Luac and add the encrypted files to meta.xml instead of the original files which is much easier.

To protect your models (dff) and textures (txd) you can use file functions server-side to read the files and then send the content of the file to client as a string when needed. Once they are sent you can then create temporary files client-side which can then be loaded and deleted straight away. I haven't tried that but I'm pretty sure it should work. You could do this for all the files, even Lua script files.

[Anderl]

An ever better way to protect your Lua files is to read the Lua files in the server side and load its content with loadstring on client side.

That way of protecting DFF and TXD files that 50p said is basically the same idea I had for my download manager so people would not need to wait model files download to end when they joined the server. I'm pretty sure that works.

[h4x7o0r]

First of all, thank you so much guys for your prompt replies, i really appreciate this and also find 'em very useful.

I've just found a "tutorial" that's already posted on the tutorials section, i will put here the link just because maybe there's someone interested too (https://forum.multitheftauto.com/viewtop ... 91&t=36847, thanks to NeXTreme and SDK). Looks like this method combined with a encrypt of client-side file will be more than enough.

[Anderl]

That way isn't the best. There are still ways to steal the files with that.

My way of protecting Lua files is the best way imo because there's no way they can get it, the code is read from the server-side and loaded in the client-side. No client files needed, just save them in the resource folder ( you don't even need to add them to meta.xml ).