I’m not sure if this is just till the servers come up or if it’s a permanent change, but it seems like the World.json, which was used by a number of people (eg @Lyya and @MrSnake) to create fan resources is now encrypted to some degree? It’s not longer in plan text…
patch notes said it was going to be harder to cheat… maybe this is ONE of the steps?
It is intended.
Ouch, fair enough. How will that impact fan resources like yours that used that information directly?
I’m not entirely sure yet. A solution will eventually be forthcoming. I’m awaiting guidance from @Sirrian and the rest of the dev team on this.
This is what @Sirrian had mentioned when I chatted with him on the matter, as well. I don’t need the live file, though any deviations between the “unused” file and the actual game file will of course result in accuracy errors in my database.
Same for me.
It must easy for them to push both files (before and after encryption) and used only the encrypted one.
In fact, I didn’t know if devs did that to avoid spoilers or not. But the other spoiler files are not encrypted so it’s only for the hacking issue, apparently.
Was this hacking issue widely publicized and I missed it? I’ve seen multiple references to it in the past few hours, and frankly I didn’t even know it was a problem.
It wasn’t widely known, and I don’t know of what it exactly entailed, but it seems it was enough for them to tighten security. Or at least do so in case people start trying to take advantage of things with the new PVP system where there is more actual interaction between players (ie the Ladder). That’s just my speculation though.
its just a source for our applications that are a gift for the community…
so my opinion is the same like turintuor, the best would be we to access to an uncrypted version of this file
is there such a possibility?
I’m not sure the accounts are something they can tag in that fashion. And it would require them to have a separate file just for those flagged accounts, and then make sure the file doesn’t get pushed to anyone else.
I think the unencrypted version that the game doesn’t actively use would be the simplest option. Assuming that the main reason for encryption is to avoid hacking.
maybe my english just was too bad to understand
thats what i simply meant - not that we get an uncrypted version delivered in our game folders with a patch - just grant us access to such an uncrypted file via link / email or somehow. so we can download it and use it as sourcefile for our applications…
Ah right fair enough. Yeah that could work. But if they’re doing that then there might not be any real reason not to have it available for all.
Yeah, you are right…
It would help a lot if such file is available in game directory - but is not used from the game^^
if someone make changes in there, nothing would happen ingame
and we have our datasource!
If they’ve encrypted the file, then presumably people were editing it, and it actually had an effect when playing. However, if the game can decrypt it, then it should be possible to determine the encryption method and key from the client data. If they’ve used an assymetric encryption method, providing a plaintext version shouldn’t jeopardize the encrypted file, because even though someone would be able to decrypt it, they wouldn’t be able to properly encrypt a modified version.
Yep. Editing the file did affect the game state, and that is why they encrypted it, not to thwart tools or data inspection. It’s definitely possible to find and decrypt the file locally, but it’s not trivial. I’d rather have a “supported” solution. I’m confident the devs will give us something when they’re not fighting release fires.
but why should we start trying to decrypt the files (that obviously would give the opportunity to change values again), if the possibility exists to get an uncrypted version if we just ask for it?!
we just need the data of troops, classes, spells, traits, weapons bonuses and so on^^
we wont change any values - its to keep our tools running for the community