🔰Safety

Anti-fraud & sustainability procedures

🔊About cheats Memory inspection Context There are many ways to cheat a game, let's list some and solve them correctly:

🌀The cheat engine and other cheat tools work by inspecting a target application's memory.

It creates snapshots of memory as a dictionary of addresses and data.

It is mainly used to search specific data content and change it.

🔊An example of a process for cheating using these tools:

🔔1. Create the first application memory snapshot;

🔔2. Search by content (eg current value of gold);

🔔3. Scan all memory addresses of results with that given content;

🔔4. Change this value in some way (eg spend gold or earn);

Look again for the new content;

Repeat up to 4 until only one result appears.

🟢Change it to whatever the user wants (give funds to yourself. Resistant to memory inspection Purpose: Hide sensitive data in memory All sensitive data is stored encrypted.

🟢The process works as follows: Symmetric encryption. For mutable data, the data space used for content is doubled.

One is for the encrypted data and the other is for the random key. This approach ensures that these search tools fail. Only advanced ones would work, and I don't know of anyone capable of exploiting it.

One for the encrypted data, one for the encryption key, and one for the decryption key. Memory location policy:

Every time data is read or written, the position of the data is randomly changed (within an array and using dynamic memory allocation and deallocations). So effectively each time the data is accessed it moves its position. This prevents the previously described search algorithm from working correctly. We effectively exploit garbage collection to store data in garbage sectors by creating baits to falsely trigger search algorithms.

🟢Storage Exploitability Purpose: Encrypt Local Storage All data on local storage is considered exploitable. Therefore, we encrypt data stored locally, but all sensitive data is stored on our servers. We locally protect users' wallet keys in an encrypted form via a user-supplied password, and not even developers can recover it. Therefore, if the password is lost, the wallet keys will also be lost.

🟢The user must secure the wallet keys elsewhere. If the password is lost, the user must reset the wallet with the password seed and then recreate the password. Users can set to remember passwords to unlock keys, but it is an exploitable security issue, so we don't recommend this when you become a targeted user (with big money invested).

🟢Data Packet Interception To address it, we use deterministic physics simulation. We transfer only the user inputs and validate the physics on the server side. Even if the user's position or other data in a game session has been cheated, it will not affect other players because we only sync the user's inputs, and in the eyes of other players, the cheater will be out of sync and disconnected.

🟢Every game session is unique. A seed is provided for each level to create small changes to each obstacle. At the end of a match, our servers take some time to check the validity of the match, and cheaters are permanently banned. Bytecode Tampering A released package can be tampered with to bypass many client-side protections.

🟢The server is at liberty to ask the client to hash random positions of client bytecode from time to time. We prevent jailbreak or rooted devices from running the game.

If All Fails We use enterprise-grade third-party solution services to secure the game