I run a FiveM server and we’re dealing with fear of people with softwares from public discords and private marketplaces where it gives them access to dumping/encrypting and stealing our resources / scripts. One of the owners is not sure to drop the server because they’re worried someone will steal our scripts. I want practical, defensive steps we can implement now to reduce risk and make theft harder to profit from. We’re asking for defensive guidance only.
If you are worried about client scripts, the good news is that there is nothing you can do about it. Script dumping is a part of most UGC games, mainly because that content has to reach the client. And if the client game can read it, so can other programs on the PC.
Server-side scripts cannot be dumped, since those never reach the client.
The only thing that you can effectively do is to use server-side scripts as much as possible. This not only makes the server itself more secure, but it also makes the dumped files worthless (since they only have access to the client-side scripts).
You can also try escrowing your own resources on the production server. This makes the script only a little more secure (considering the current platform issues), but the downside is script errors won’t be able to help you identify the problem. So, imo, I would not do it.
One of the owners is not sure to drop the server because they’re worried someone will steal our scripts.
I would worry about having players first, to be honest. Server dumping doesn’t usually happen unless you have some custom mapping that a lot of other people might want (which is more or less the only meaningful thing that they get), or if you piss off the wrong people (which I have done. Many times.)