Making a game thats unhackable (as much as possible)

Making a game thats unhackable (as much as possible)
0

so i have normal and premium items in my game. so im using local storage to check if an item has been purchased or not. so doing this with normal items was easy right. i just set an item and get its value to check later if its bought or not. should i just do the same thing with items that are going to be IAP like should i store the data of if its bought or not offline? and only when someone is buying do that connection with iap? any ideas?

for IAP you should check and see if the items have been purchased from the app store you are deployed too. You can’t trust local storage.

Nothing is unhackable too.

2 Likes

yes but how do i store that data like i have a shop full of premium items like someone bought one how do i keep that data am i supposed to check if it was bought everytime they load the shop or even play with the character?

I make multiple checks and write results to local storage. However, given that local storage can be manipulated I then check again through out the game being played, at the end, if something else is purchased, etc, etc.

2 Likes

ok i wanted to make sure there isnt something people are using besides local storage. thanks this was the answer i needed :slight_smile:

There are surely many ways to do this. It is just what I do. I also use SQLite for storage and I update/replaces keys in SQLite frequently so they can’t copy a database back to local storage if it has been manipulated.

2 Likes

Local storage (especially on android) can easily be compromised. Your safest bet is to do as @slackmoehrle has suggested.

2 Likes

What about loading purchased items from appstore on app start and keep them in a global variable rather than local storage. So each time you will load items from app store and memory is not easy to manipulate isn’t it?

1 Like

umm, i honestly dont know how that would work because i still didnt even use appstore for any kind of purchases so like i dont know. i think it sounds like a great idea. plus i have 2 different scene :frowning: whats your current approach that you use in your games tho?

I define a global variable so it’s valid until exit the game.
My game is Super Mega Space Game. So I defined
window.smsg ={};
I put a lot of data in this object (even utility functions).
I load some settings from server on app start and use them runtime. You can use persistent nodes between scenes but global variable approach is much better and simple.

1 Like

i will try thanks :slight_smile:

If its okay to spend a few bucks: create a vserver (5 bucks a month).

Store and synchronize the items with the server. You also can store the items localy and hash them.

3 Likes

Perhaps make sure to obscure URLs, encrypt communication, firewalls up on server, etc, etc. just hardening where you will be hosting your data.

3 Likes

Store your localStorage Data in encrypt form so that hacker can’t update it directly.
In your code you have encryption/decryption key to set/update localStorage.
Though hacker can see your code to reveal the key but it takes extra steps to exploit your code rather than just updating localStorage directly.

2 Likes

This topic was automatically closed 24 hours after the last reply. New replies are no longer allowed.