Protecting your resources.

[NegativeIQ]

A simple question, how to protect your client side resources from being stolen?

First thing first. I know about cache tag and its not solution in my case (well i could use it for a few important scripts but nothing more)

Lua scripts could be compiled (but that wont do any good as there is/are decompiler(s)), so any tricks to screw with decompiler(s)?

How to protect TXD,DFF,COL,image (as in png,jpeg...) files? One thing that came to my mind is placing anomaly inside files, and removing it just a moment before import, or completely encoding file, base64 or something like that, maybe even encoding and placing anomaly. But im afraid these would update last modification timestamp and client would ask to redownload those files next time...I dont know how MTA check if file was modified so any help on these is welcome.

[Ab-47]

Well MTA does not support self-compiled codes, so they implemented luac.multitheftauto.com to use their compiler.

You don't want to use that because people can decompile, so the only lasting solution on my mind is to call this simple function at the end of your code;

fileDelete 

So when the resource is downloaded and ran, it'll delete the file from it's directory but when the player joins again, he'd have to download it again. I've never used this function, but I assume it'll permanently delete the file, or maybe from the players directory. Use it client side and see what happens, keep a backup.

Sorry if I couldn't help, but that's all the knowledge I have in compiling. Also I assume such files such as .jpg or png have to be in their standard legal way to run in MTA, else it'll detect it as a threat and won't load. Afaik..

[Citizen]

As far I know there is no way to fully protect your client-side files because the MTA client need to be able to read your files. And if the MTA client is able to read it, then everyone can read or dump it somewhere on his computer.

But you can get rid of the low skilled stealers by changing the way the files are loaded.

First you can remove all your client-scripts from the meta.xml (but keep an easy to update list of them like clients.xml).

Then when a player joins, the server will load all client-script content and send it to the client side as a string using triggers and then use the loadstring lua function to load and run the code. Use the Ransom's code to send and load the scripts: viewtopic.php?p=337791#p337791

For the media files like sounds, textures, images etc, placing an anomaly inside the files is a good idea but must be done on the server files.

You will have two folders on the server side one containing all the medias without anomaly, and another folder with the same medias with anomalies (by using a c++, C#, Java, whatever application) and use the medias with anomalies in the meta.xml for the production environment and the medias without anomalies for the dev environment. And of course when deploying onto the real server, you won't upload the folder that contains the medias without anomalies.

[NegativeIQ]

@Ab-47 file delete would have same effect as cache disabled (keeping file only in memory).

@Citizen About meta and that topic ling, i think disabled cache parameter in meta is painless solution as it will have the same effect (keeping file only in memory), not what im looking for. But you did give me idea to try out, i could also place anomaly inside lua files, and use one small script that would be always downloaded from server (cache disabled, means only exists in memory), read client file(s), import into a buffer, remove anomaly and load using loadstring. (Just sharing my idea, hope someone may find it useful, or help me )

If i get some time and will to test it out i will share results, meanwhile any ideas, examples or simple experience sharing is welcome (Yep im that desperate )

EDIT: By the way anyone tested if these is gonna screw with decompiler(s)?

omfguncompilable = {{{{{{},{},{},{}}}}}}; 

[Citizen]

EDIT: By the way anyone tested if these is gonna screw with decompiler(s)?

omfguncompilable = {{{{{{},{},{},{}}}}}}; 

That's what Kenix suggested aswell in the same topic I linked: viewtopic.php?p=338904#p338904

But yours a just a bit more complex, I don't know if it's true though.

[SpecT]

Or you could put the client side script in the server side as a string and send it to the client and load it with loadstring.

Then they will just see the receive function and they wont be able to steal anything.

[Citizen]

Or you could put the client side script in the server side as a string and send it to the client and load it with loadstring.

Then they will just see the receive function and they wont be able to steal anything.

Ok toni012899, read carefully:

- First, that's exactly what I suggested in this post.

- Secondly, we CAN steal your scripts by doing that. It's just harder so "noobs" can't still your scripts even if it's still possible.

Please read other's posts so you know everything that has been said before posting the same answers/suggestions.

[SpecT]

Or you could put the client side script in the server side as a string and send it to the client and load it with loadstring.

Then they will just see the receive function and they wont be able to steal anything.

Ok toni012899, read carefully:

- First, that's exactly what I suggested in this post.

- Secondly, we CAN steal your scripts by doing that. It's just harder so "noobs" can't still your scripts even if it's still possible.

Please read other's posts so you know everything that has been said before posting the same answers/suggestions.

Oh, jeez ... I'm really really sorry I didn't read your post. Sorry once again ...

[Saml1er]

Well you can simply set cache to false in meta.xml for client side scripts. Clients will not download lua file, code will be executed directly. Altho someone with advanced programming knowledge can get the code from RAM and convert it from bytes to lua again but still not much people would like to go through this for stealing your code but still its possible.

[jingzhi]

Marked