Thanks to you both. I am totally going down the GGData path. Looks good to me.
Thanks again!
Just curious. As soon as you use encryption, doesn’t Apple ask a bunch of questions and require an ERN authorization to be submitted?
One thing to note with GGData is that it doesn’t store data in an encrypted format. The data is fully readable in JSON format.
However GGData does add a hash to each entry that’s used to detect tampering.
I also noticed that variables that are set to false are reported as corrupt by box:verifyIntegrity(). When they’re true it’s OK.
this is really cool, and timely for me too 
, thanks.
if you use strings for all the variables you can use “false” and “true” no problem.
what would happen if a user shared their ‘box’ with someone else? ie bought the full version , then shared it with others including the ‘box’ ? are the hashes unique per device? i suppose you could store the device id but that’s a little controversial on android.
cheers!
Yeah. I’m a little confused by this “adds a hash to each entry” thing. What does that mean?
And, if it is not altering a true variable in any way, then would setting like “full game = true” mean that a user could still do what I’m trying to avoid them being able to do (alter a file to get the full version).
Sorry for the further questions. I just want to find the best solution for the easy full game hacks.
I’m a little confused by this “adds a hash to each entry” thing. What does that mean?
GGData stores your values in clear JSON text, but it also adds an extra table to the JSON data which includes a hash for each entry of your settings. If you look at the data file that GGData produces you’ll see what I mean. (In the Corona Simulator choose File->Show Project Sandbox, and open the file).
Even though the JSON data is clear text, users can’t tamper with the data as the hash is protecting the original data. What will happen if a user tries to alter the data is that the value that’s been tampered with will be reset to its default value.
Sharing a box will be possible if you give the same key to GGData for each device. If you come up with a way to specify a different key for GGData for each device you’ll be OK.
if you use strings for all the variables you can use “false” and “true” no problem.
Beware that “false” isn’t the same thing (logically) as false.
right , but it’ll work for what i need.
so given that deviceID is a little contentious on android (permissions wise) do you have any suggestions for unique key generation?
thanks for you help with this!
Sorry. It’s tricky to get anything unique within Corona without going native, and even then I don’t know what I’d choose.
Personally I’ve stopped worrying about pirates. It takes too much time and effort away from my development. The thing is, no matter how difficult you make it, there’s always somebody who finds a way around it.