← Back to context

Comment by bstar77

5 years ago

Is anyone doing this in Javascript (via electron) and encrypting the file in such a way that the data is protected and not an obvious sqlite db?

I have some ideas on how to do this, but I'm curious if there's a "preferred" way to do it.

10 comments

bstar77

Reply
pilif  5 years ago

SQLite has encryption plugin support, or you could encrypt the file yourself at rest. However, no matter what you are doing, as the application needs to be able to decrypt the file, you have to ship the key and thus the protection will be able to be circumvented.

It’s really not worth the effort IMHO

  • bstar77  5 years ago

    That's a good point... I don't want to have the game rely on "phoning home" to decrypt the db.

    • yellowapple  5 years ago

      On top of that, even if you did have the game "phone home", that doesn't do much against someone inspecting the memory of a running game; one could just wait until the game does have the decryption key.

gregmac  5 years ago

Why would you want to "protect" the data in this way? It's user-hostile, and anyone determined enough will be able to get at it no matter what you do.

If it's popular and valuable enough, instructions and/or code to break it automatically will then be published, regardless of how much money or time you invested into the protection. (For proof, look no further than the game industry's DRM over the past 30 or so years)

  • bstar77  5 years ago

    It's not meant to be user hostile, it's for a game. I allow data exports, but I don't want to expose the inner workings of the game via direct access to the DB.

    • lxdesk  5 years ago

      Data mining is an old gamedev worry. Nobody who's been doing it for a while particularly cares. If the game is remotely popular, data mining will happen. Disassembly to find the decrypt function is a talent possessed by many, many people who have the reverse-engineering bug. If you then obfuscate the code, you have made things interesting and then increasingly talented people will try to have a go at it. If you combine a changing obfuscating technique with updates, you can slow down community possession of the game with respect to modding etc., and Minecraft worked that way in its beta phases. But it's really all a question of your purpose at that point.

      If you haven't already, I suggest cruising through TCRF: https://tcrf.net/The_Cutting_Room_Floor

    • Vendan  5 years ago

      You do realize, exposing the "inner workings of the game" seems to be at least somewhat responsible for massively increasing the appeal of the game in other cases? see Minecraft, Rimworld, KSP as a few examples...

      3 replies →