Hey Guest! Ever feel like entering a Game Jam, but the time limit is always too much pressure? We get it... You lead a hectic life and dedicating 3 whole days to make a game just doesn't work for you! So, why not enter the GMC SLOW JAM? Take your time! Kick back and make your game over 4 months! Interested? Then just click here!
Hello everyone,
here I made a game by GMS like everyone else.
But is there a way to protect my game against a possible decompilation. I'm not worried that my game is copying but what I do not want is for people to access the code. I saw for GM8 that there was a decompiler and that on GMS there are other programs that can extract the data.win file.
What can be done so that the code is impossible to decompile or read (or encrypted)! Help !!!
for summary, is there a way before, during or after compilation to better preserve its code?
What does the YYC build allow?
Do not put shaders (?!?) in clear text ?
You can make it very, very difficult to decompile, though. I lost the source code to a 2012 project, and my team did such a good job of protecting it that I now consider it "gone forever."
Honestly, don't worry so much about people decompiling your game. YYC export is more than enough protection if you're truly worried about it.
In case you're wondering what that does, it basically converts your game to C++ and compiles to native code. Your game will take just as much work to decompile as anything else compiled as native code.
Some people argue (and loudly so) that GM should be encrypting the code, but we know exactly how much that helps - see: GM≤8.1, or pretty much any case with anti-tamper/anti-piracy measures - once a single person cracked the algorithm, it is instantly worthless, and also all existing works can now be extracted.
There is no algorithm to 'crack' with complied shaders. They are compiled into assembly and (for HLSL anyway) are digitally signed internally. So if you are fluent in shader assembly and able to bypass the validation, go your hardest.
I don't know that anyone has ever asked for 'encrypted shaders' in these forums. People are just asking for pre-complied shaders. YYG pre-create the texture pages, so why not? It's just a matter of running said shader through fxc.exe and add them into the data.win as a compiled shader object.
You could even take it one step further and complie the shader and add it directly to the source code. You won't even be able to view the shader in utilities like 'reshacker' as it is not merely an added resource.
Dumb question, I'm not a real programmer or CS person: what do people do after they decompile something, except maybe cut out any DRM check?
I totally get the principle of the matter, but I'm curious what the pragmatic upshot is.
I'm pretty sure if most of the posters upstream from me saw my source code, they'd gag a little bit and then just recreate my game from scratch in two weeks.
There are various reasons for decompiling things (none of which change anything about its legal status, regardless of the intention). Looking at the source code trying to learn from it, stealing parts of it for your own game, making modifications to the game, replacing all author data with your own and trying to sell it as your own (that has happened with (definitely open-source, not sure about closed-source) software before, I don't remember it specifically happening with games, though), removing DRM and uploading it to piracy sites, abusing knowledge of the networking code so you can attack, hack or cheat the game's servers, making troll videos on Youtube that try to pass something humorous that wasn't in the game before as authentic and enraging the comments, blackmailing the developer to pay you a fee because you'll otherwise release the source code publicly... and that's just a few things I came up with in a minute or two. The potential catastrophic effects scale in sort of a bell curve with the success of a game - useless for games that aren't generating much or any revenue, very harmful for mildly successful games which are selling a bit but not fully covering costs, and relatively harmless again when a game has become so popular that it would still generate substantial revenue even if a hefty portion of the players had pirated copies and the game might actually benefit from the popularity boost of resulting mods / videos / fan base increase (see Undertale).
Clear text is a bit rough though. At least make some effort to deter 99.99% of people.
They even compile the shaders properly in UWP as CSO files as this is a requirement for passing validation. You can't sell on Windows Store if you are compiling shaders at run-time.
Hello everyone,
here I made a game by GMS like everyone else.
But is there a way to protect my game against a possible decompilation. I'm not worried that my game is copying but what I do not want is for people to access the code. I saw for GM8 that there was a decompiler and that on GMS there are other programs that can extract the data.win file.
What can be done so that the code is impossible to decompile or read (or encrypted)! Help !!!
Yes. people can decompile your game. but its [Unimaginable list of swears here] Pointless.
all your code is useless encrypted unreadable garbage when its pulled from the .win
your strings, GMS Functions, and the names of your objects and rooms are readable, but what are you gonna do with the names of them? start a boy band?
now you can get textures and sprite sheets, but people who have your game even without decompiling it have those, so dont worry about it. there just .pngs
I've done this my own games, 1. because I gave myself permission. 2. to solve people decompiling my games
at the end of the day its pointless
you can edit your code with a hex editer but no ordinary joe blow is gonna waste time figuring out what byte of data does what.
and most importantly, why would anyone want to decompile your game? It gives them no benefits all your stuff is protected under copyright
so in summery,
Theres no point in doing so, and no one will want to unless they had a very (Hoover-Dam)-ned good reason too.
I know community guidlines say dont talk about decompilers, but the topic is how to protect myself from them, so im answering the question by being useful and sharing my knowledge on the issue. (nobanplz)
edit: also if you throw the .win in audacity as raw data you get all the sounds covered by static
I did this once, cleaned the static sounded like the game was saying "bow down to me"
How about this? Johnny sells his awesome shader kit for $50 on the marketplace. Like any good lad, and confident in his product, he supplies an exe demo so people get full disclosure on what they are getting.
Evil Steve and his mates come along and download his demo, open it in notepad, and get complete human readable access to his shaders. And being the naughty boys they are, aren't worried about copyright and use it in their own games.
Better still, Steve's best mate decides he will take these shaders and rewrite them a bit, change the variable names, and layout a bit. He then puts it on the marketplace for $10, destroying Johnnys hard work and efforts.
Better still, Steve's best mate decides he will take these shaders and rewrite them a bit, change the variable names, and layout a bit. He then puts it on the marketplace for $10, destroying Johnnys hard work and efforts.
I mean, they can also just buy your thing and then write a replica to undercut you (ex).
Or buy/download your thing and resell it as-is (ex).
Or buy your thing and resell it at third-party stores that are slower to ban people while allowing quick payouts.
Or even sell people access to a whole library of your assets (e.g. VK repeatedly declined to ban someone for doing so with my assets).
Pre-compiling shaders isn't going to magicallysolve this problem with assets specifically.
Also, this hypothetical shader is mining some sort of cryptocurrency, isn't it? For else it may be challenging to sell it without any competition.
I mean, they can also just buy your thing and then write a replica to undercut you (ex).
Or buy/download your thing and resell it as-is (ex).
Or buy your thing and resell it at third-party stores that are slower to ban people while allowing quick payouts.
Or even sell people access to a whole library of your assets (e.g. VK repeatedly declined to ban someone for doing so with my assets).
Pre-compiling shaders isn't going to magicallysolve this problem with assets specifically.
Also, this hypothetical shader is mining some sort of cryptocurrency, isn't it? For else it may be challenging to sell it without any competition.
Thats still a good idea to do, just with this instance, you really dont need to, plus if your publishing on an online platform (like steam) they have DRM for it too, with anti-cracking
Thats still a good idea to do, just with this instance, you really dont need to, plus if your publishing on an online platform (like steam) they have DRM for it too, with anti-cracking
I haven't got any Steam based GM games. But, usually you can copy files that are in use. Pretty sure that notepad wouldn't have any problems opening already in use files either. Either way, I am confident that I could gain access with out to much hassle.
If you can point me in the direction of any free Steam GM games I am willing to give it a crack (no pun intended) to prove the point.
From my experiences with buying marketplace code assets, investigating decompiler cases, and working as a professional maintainer of legacy code for 3 years... editing someone else's code usually is really difficult, even in the off chance it WAS written to be easily editable by someone else (like the marketplace assets allegedly were - some of the examples were definitely debatable on the "easy" part). If someone decompiles your stuff with a simple tool (rather than being a professional hacker that targets you specifically, which is unlikely and also means you've already lost), they're not likely able to make sense of how your code works... so they'll change assets and put stuff on top, but not be able to use any code that's not simple plug-and-play properly.
So, what can you do to deal with that?
Don't make any of your code self-contained. Have it rely on other systems so that you always need to copy at least 2 scripts to do anything meaningful.
Don't document any of your code IN your code.
Use single-letter variable names wherever you can.
Generate all audio and graphics at runtime (e.g. use exclusively vector graphics and use an extension to play a custom music format from individual instrument samples)
I mean, it's a lot of effort, but it's up to you to decide if it's gonna be worth it... (it probably isn't)
Other things you can do is to put links to your official webpages and stuff in your game, so even IF your game is stolen, they just give you more exposure.
Don't make any of your code self-contained. Have it rely on other systems so that you always need to copy at least 2 scripts to do anything meaningful.
Don't document any of your code IN your code.
Use single-letter variable names wherever you can.
Generate all audio and graphics at runtime (e.g. use exclusively vector graphics and use an extension to play a custom music format from individual instrument samples)
I mean, it's a lot of effort, but it's up to you to decide if it's gonna be worth it... (it probably isn't)
Is your intention to dissuade people from using a decompiled game's code or to torture anyone who's working on said game?
I mean, sure, all of this is theoretically an effective way of making it as unbearable as possible to work with the source... but the complications resulting from this are more likely to make people abandon the project or - god forbid - post a help topic about it on the GMC. Don't do this to us. T_T
Well, since a decompilation potentially gives an assailant access to the same code you had in the source, the only failsafe way to make the code impossible for them to deal with is to also make it impossible for you to deal with... eggs and omelets and all that.
I want to put another comment here: Companies actually reveal part of their codes as "Open Source".
To explain all of this, let's start with simple Universal physics rule : Under the very same conditions, if you push a ball 5 meters forward; you can put the ball back if you push the ball 5 meter backward. A hacker in this case would figure out the "very same conditions" to reverse engineer your game's code, eventually returns back to the point zero.
In this century, the only known way to prevent any illegal interferences from users is to separate them from the "core mechanism". This is why pretty much all AAA companies implemented some sort of servers for In App purchases. Once a purchase is done, they check it in their servers and then they grant the prize. With that said, there are softwares that lets you access to RAM directly, meaning that you can alter variables outside of the programs. In 2010, I have used "Cheat Engine" and joined a Game Maker game and changed my speed from 10 to 100, which get caught from the Admin(Sorry man, had to try )
All in all, there is no 100% safe way. In the era where Playstation servers are hacked, iCloud(APPLE!) accounts are hacked and millions of photos are leaked and most secure servers are crashed within minutes; you have to adapt a way to survive amongst all the things.
If you are worried about decompilation being an issue: I have a bunch of the GameMaker studio 2 source (obtained through illegal means but I'm not doing any harm please don't ban me I just wanted to know how to make plugins, perhaps if you would finally document it the world would be a better place). And yet YYG are still selling their software just fine.
Having the source to something doesn't make you able to sell it. That's a whole other ordeal.
Fun fact there was a company i forget the name of that was hired by a company that i forget the name off to make like a spreadsheet program well a programmer hid a easteregg in it because his boss had a strict no easter egg policy but they sent a demo to the company and they replayed back that there demo was outdated and they had got a better version and no longer required them. The company was confused and asked to see it which the other company said sure. Well when they saw it it looks strangely similar to there demo. The programmer put in there cheat code for the easter egg and sure enough Sailor moon poped up with there company name and credit date.
EDIT: my source for this story is from here ,so take that with what ever salt shaker you would like. Personally true or false its a cool story
1. Make a game soooo incredible no one would never want to do such a thing to it. (OK it may help)
2. Let them cheat. Create two files, encrypted to deter and a form of string files in which the player CAN get to. String files can be direct such as a .json or files that contain how to cheat. Of course if they do you can disable other options...until they figure that out.
There is no algorithm to 'crack' with complied shaders. They are compiled into assembly and (for HLSL anyway) are digitally signed internally. So if you are fluent in shader assembly and able to bypass the validation, go your hardest.
I don't know that anyone has ever asked for 'encrypted shaders' in these forums. People are just asking for pre-complied shaders. YYG pre-create the texture pages, so why not? It's just a matter of running said shader through fxc.exe and add them into the data.win as a compiled shader object.