Encrypted map file feature

I was thinking of making multiplayer puzzle maps and I’m concerned about making these maps private, so no user could explore them alone in noclip mode or decompile them and see what’s inside. IMO the most secure way to do it is to encrypt map file with a private key and decrypt it upon connecting to a server - the map file is opened and read through a decryptor supplied with the key from the server, but this map file is still encrypted while stored on drive. I know that still there can be a way to sniff this private key upon connecting, but I expect this to be much harder.

So, could this be done in S&box?

This is not really feasible, people are going to find a way around it anyway.

I also though about streaming map directly from server without saving it to user files, but I doubt it would be even possible.

Well, you could remove the map props, and certain stuff you could spawn via a C# addon and rely on some sort of BSP obfuscation, although this won’t guarantee protection it’ll certainly delay people from cracking your map. edit: doesn’t apply to source2

Keep in mind that Source 2 doesn’t use BSP, it uses vmap files

To elaborate more on this, there is no decompiler for compiled vmap files right now, that will probably change in the future though.

Ah apologies for the confusion :slight_smile:

Make the map require an addon/gamemode to be installed (yours) or it forces itself to shut down. I wonder if that’s possible?

Edit: this method wouldn’t work for decompilation.

yes i am sure it’s possible

but there is no way this will ever be a native thing.

just generate the meshes for the map serverside :smiley:


With an incredible investment of time and effort, you could probably find a few ways to delay people decompiling your map for about a week or two more than it would normally take them. I actually remember long ago there were a few popular maps in Garry’s Mod that included some spooky nodraw brushes outside the playable area that somehow prevented anyone from decompiling them using the software that was widely available at the time. However, people made new software within a year that did not have these issues.

Though that is very likely possible, it doesn’t take into account precomputed lighting, visibility or physics hulls. If you forego precomputed lighting altogether, performance drops would be substantial. As far as physics and visibility goes, there isn’t much of a point to mapping if nobody can run it (and even if they could they wouldn’t be able to stand in it).

1 Like

I think you could always rip the map as 3d object with some 3d ripper dx (or whatever people use nowadays)

Also, whats up with people trying so much to encrypt/hide their models and maps from other people?
I mean, yeah, it sucks when someone else ‘steal’ your work etc, but I think best thing you could do is make sure people will know it is your work originally

I don’t think I’ve ever seen something that people actually wanted to get at as far as game server stuff, which didn’t get got. At least privately.

We simply don’t exist in an age of privacy or real security and I don’t think we ever did.

So either be willing to sue people who are making money off of your stuff, or stop being afraid of the inevitable and make an experience that people really want to play and respect you for. This is the most you can hope for.

1 Like

My question was never about preventing people from stealing content, this doesn’t bother me that much. I’ve just described the problem and gave two possible solutions to it. I had some project in mind but if I wouldn’t find any way to solve this, I could switch to another more appropriate things.

I’m sorry, I misread the fact you are trying to prevent people from decompiling or exploring the map because it is part of your gamedesign choice for it to be misterious, right?
I understand the reason behind this and it is quite interesting aswell.

Still, I think the best approach here would be something like a modular / dynamic map, rather than encrypting and preventing decompilation etc
This way you could probably make things way harder for people to ‘cheat’.

Ninja Ripper maybe. Haven’t really looked into that kind of software before but I’m sure there’s loads of it.

1 Like

Assume anything you send to the client to be saved in a plain format. Anything you do will require the client to decode into a useable format, at which point your protections are useless…

Unless you want to get into an arms race, you’re not going to win and it will not be worth the effort. Honestly, at that point you’ll just get people distributing actual drawn maps, and you cannot do anything about that.

If you want a map that people can’t just figure out exactly what they need to do, just randomly change it on the server’s side. Locking doors to alter the floor plan is pretty standard, you can also just use a randomiser like the procedural city project.

Trying to stop people from enjoying your work will not work out the way you want it to.

Terrible perception of OPs question/problem. They dont want people cheating puzzles and secrets which in turn ruins the experience. They are trying to make it harder for players to cheat themselves of fun.

1 Like

His point is still valid: generate the map at runtime. Supposedly in the future serverside code won’t be able to be accessed, so that’s probably the solution OP will have to settle for.

1 Like

No matter what, the map needs to be loaded into the client’s memory to actually work. Unless you wanna rewrite how maps work in Source it’s always going to be bypassable.

What’s the point of that? If everything is being put in as you progress through the map, you might as well play it. And if you already found the secret or whatever, then you can upload it to YouTube already anyway.

@Phyksar unless you’re going for some sort of ARG a la Ready Player One, who cares if the secret is out? People that truly want to complete it won’t cheat, and if they do, it’s their loss. That never stopped other puzzle games from being played.

1 Like