Lorem ipsum dolor sit amet, elit eget consectetuer adipiscing aenean dolor

World.json now encrypted?

I’m not sure if this is just till the servers come up or if it’s a permanent change, but it seems like the World.json, which was used by a number of people (eg @Lyya and @MrSnake) to create fan resources is now encrypted to some degree? It’s not longer in plan text…

@Sirrian or @Nimhain is this an intended permanent change?

2 Likes

patch notes said it was going to be harder to cheat… maybe this is ONE of the steps?

It is intended.

1 Like

Ouch, fair enough. How will that impact fan resources like yours that used that information directly?

I’m not entirely sure yet. A solution will eventually be forthcoming. I’m awaiting guidance from @Sirrian and the rest of the dev team on this.

4 Likes

I discussed a little with @Nimhain about that for my app (ToDo Monitor).
For me, the best solution is to provide an unencrypted version of this file that GoW don’t use (WorldUnused.json).

This is what @Sirrian had mentioned when I chatted with him on the matter, as well. I don’t need the live file, though any deviations between the “unused” file and the actual game file will of course result in accuracy errors in my database.

Same for me.
It must easy for them to push both files (before and after encryption) and used only the encrypted one.

In fact, I didn’t know if devs did that to avoid spoilers or not. But the other spoiler files are not encrypted so it’s only for the hacking issue, apparently.

Was this hacking issue widely publicized and I missed it? I’ve seen multiple references to it in the past few hours, and frankly I didn’t even know it was a problem.

It wasn’t widely known, and I don’t know of what it exactly entailed, but it seems it was enough for them to tighten security. Or at least do so in case people start trying to take advantage of things with the new PVP system where there is more actual interaction between players (ie the Ladder). That’s just my speculation though.

i think @Lyya, @turintuor and me have proven that we dont use the Wolrd.json source File to get an advantage over other players - nor to realease hidden informations to the whole community^^

its just a source for our applications that are a gift for the community…

so my opinion is the same like turintuor, the best would be we to access to an uncrypted version of this file

My suggestions @Sirrian, @Nimhain :
u can flag our accounts for a kind of special review to make sure we REALLY use the file only as data source for our own projects^^

is there such a possibility?

I’m not sure the accounts are something they can tag in that fashion. And it would require them to have a separate file just for those flagged accounts, and then make sure the file doesn’t get pushed to anyone else.

I think the unencrypted version that the game doesn’t actively use would be the simplest option. Assuming that the main reason for encryption is to avoid hacking.

1 Like

maybe my english just was too bad to understand :smiley:

thats what i simply meant - not that we get an uncrypted version delivered in our game folders with a patch - just grant us access to such an uncrypted file via link / email or somehow. so we can download it and use it as sourcefile for our applications…

Ah right fair enough. Yeah that could work. But if they’re doing that then there might not be any real reason not to have it available for all.

Yeah, you are right…

It would help a lot if such file is available in game directory - but is not used from the game^^
if someone make changes in there, nothing would happen ingame

and we have our datasource!

lets wait what the Devs think about it - i hope they assist us in this case… otherwise @Lyya, @turintuor and me have some little big trouble :disappointed_relieved::peace:

If they’ve encrypted the file, then presumably people were editing it, and it actually had an effect when playing. However, if the game can decrypt it, then it should be possible to determine the encryption method and key from the client data. If they’ve used an assymetric encryption method, providing a plaintext version shouldn’t jeopardize the encrypted file, because even though someone would be able to decrypt it, they wouldn’t be able to properly encrypt a modified version.

1 Like

Yep. Editing the file did affect the game state, and that is why they encrypted it, not to thwart tools or data inspection. It’s definitely possible to find and decrypt the file locally, but it’s not trivial. I’d rather have a “supported” solution. I’m confident the devs will give us something when they’re not fighting release fires.

3 Likes

but why should we start trying to decrypt the files (that obviously would give the opportunity to change values again), if the possibility exists to get an uncrypted version if we just ask for it?!

we just need the data of troops, classes, spells, traits, weapons bonuses and so on^^
we wont change any values - its to keep our tools running for the community :wink:

1 Like

They probable did it as a half measure to fight hackers, like my old self, from doing any damage. To complete the half measure they need to make a non-edible copy file that does not interact with the game. A file similar that contains a terms of use that can be easily read would be nice too.