I’m working on a game where I’m going to be having a few values I want stored and saved. Lives, number of stars on each level, and different skins that can be unlocked. My question is that since I’m using JSON right now the files for these variables is super easy to read, however once the game is released I was wondering if this would be a risk for pirates. So that they could just change the variables for the number of lives or just unlock anything they liked. Would it be better to encrypt this information using OpenSSL. Is it worth the risk of me not using it properly and having some users maybe lose their data?
Maybe this wil be useful for you
schroederapps/corona-settings - A Lua module for easy saving & loading of user settings in Corona SDK projects
This is a Lua module that is designed to add easy saving & loading of user settings in a Corona SDK project. Settings are saved to the app’s documents directory as a set of 2 text files:
- settings.data is a base64-encoded JSON string containing key/value pairs that you define in your code.
- _settings.data is a SHA-512 hash of that same JSON string, used to check for any tampering.
While savvy users could technically dig into their settings file and modify the key/value pairs within settings.data, the module prevents tampering by checking that a fresh hash of settings.data matches the saved hash and reverts user settings to your pre-defined defaults if they do not. Since the key used to generate the hash is not stored in the save files, users will not be able to recreate a matching hash.
No matter what you do you will get hackers and players abusing your IAPs too - it’s unavoidable. Encryption obviously helps.
This module is so dope! It makes keeping track of my stuff so much easier! Thank you so much!
Maybe this wil be useful for you
schroederapps/corona-settings - A Lua module for easy saving & loading of user settings in Corona SDK projects
This is a Lua module that is designed to add easy saving & loading of user settings in a Corona SDK project. Settings are saved to the app’s documents directory as a set of 2 text files:
- settings.data is a base64-encoded JSON string containing key/value pairs that you define in your code.
- _settings.data is a SHA-512 hash of that same JSON string, used to check for any tampering.
While savvy users could technically dig into their settings file and modify the key/value pairs within settings.data, the module prevents tampering by checking that a fresh hash of settings.data matches the saved hash and reverts user settings to your pre-defined defaults if they do not. Since the key used to generate the hash is not stored in the save files, users will not be able to recreate a matching hash.
No matter what you do you will get hackers and players abusing your IAPs too - it’s unavoidable. Encryption obviously helps.
This module is so dope! It makes keeping track of my stuff so much easier! Thank you so much!