Why are the cache files for RedM not encoded or hidden? At this point, each person can check our Triggers without Dumper …
Because you removed
svadhesive from your server files?
‘each person’ can do so anyway using
neteventlog or NUI devtools… nor should ‘checking triggers’ matter if you e.g. rate limit them, add checks or implement multi-peer consistency for anything ‘important’/‘critical’.
For this example - check on the receiving player if the reviving player is even nearby, only then send to the server that ‘sure, I accept this revive’, check on the server if the player has a medical kit or whatever you need, etc… even w/o OneSync you can ensure many things are not called inappropriately by checking on the affected client or others in the relevant area
It is enabled by default, i didn’t remove it.
I checked several servers, not only mine, and you can check the cache everywhere.
Like bubble stated above you can print them out in plain text anyway so I’m confused why does this even matter. If something this should be even more beneficial for you for creating honeypots for users who have tendency to trigger events with malicious intent. As of best practice you should never trust the data sent to server by client. Always expect the data to been tampered with.
For example if you need to give item to player you could whitelist items given by the specific command and check the location of the player to see if the player is somewhere where this even should have had triggered. Hide ratelimit factors in server callbacks, fetch menu data from server side and save time values when menu is opened and compare to purchase of items ie. This all makes it incredibly hard for the “hacker” to miss-use these triggers. After all this hacker needs to get it all right to exploit the given function every time, where you need to have him trip into one trap to get rid of him.