Prevent repository scripts from being ran locally
'Proposal 1:
When compiling a script on the repo, inject code that does 2 things:
- Checks the server to verify the user running the script
- Add a check to see if the script is running locally. If so, flag it as pirated.
This code can be injected in the "onStart" method (create one if none exists), as well as at the top of the "run" method. It can be broken up and obfuscated as far as we want.
Proposal 2:
When compiling a script on the repo, inject code that:
- Adds "markers" to various classes, methods, etc randomly throughout the script. Each compilation can have a different combination of markers in various places.
- Markers can be unique fields, java annotations, methods, classes, and even algorithms.
In the client code:
- When a local script is loaded, do an iteration over all of the script code and look for those markers. If any exist, flag the script as pirated.
When a script gets flagged:
- From the client code, send a message to the server detailing the offending user
- Add in a timebomb to the script execution so that it stops after 15-45 minutes
- Flip a toggle in the API that causes it to act wonky. For example:
- Have NPC, Object, Interface, Item find methods return the wrong values
- Multiply all sleeps by 3-15 times
- Log fake exceptions occasionally
- After the timebomb triggers, override the script completely and spam in chat "I'm a bot", as well as drop everything in the inventory, as well as the bank if one is nearby.