question about Love.js security

Questions about the LÖVE API, installing LÖVE and other support related questions go here.
Forum rules
Before you make a thread asking for help, read this.
atenzor
Prole
Posts: 17
Joined: Sat Jan 23, 2021 6:21 pm

question about Love.js security

Post by atenzor »

I saw some posts and topics on source code and assets protection.

It seems to be impossible to protect them, because there are tools out there to decompile.

Then, I noticed something called Love.js that can make the game online basically and what I was
wondering with that is it possible for someone to get the assets/source code from an online version
of the game?

How protected is the online version of the game is my question basically? or maybe better ways than
using Love.js? or maybe even actual new methods to make the code secure, even offline?

Thanks! :)
User avatar
ivan
Party member
Posts: 1723
Joined: Fri Mar 07, 2008 1:39 pm
Contact:

Re: question about Love.js security

Post by ivan »

It's the copyright/license that protects your game assets, not the technology.
The same holds true for books, music and other media.
Also, keep in mind that all I have to do is press the "Print Screen" button on my keyboard to copy your graphical assets.
atenzor
Prole
Posts: 17
Joined: Sat Jan 23, 2021 6:21 pm

Re: question about Love.js security

Post by atenzor »

I can understand assets, for me, it's mainly the source code. Can they somehow get the code?
User avatar
ivan
Party member
Posts: 1723
Joined: Fri Mar 07, 2008 1:39 pm
Contact:

Re: question about Love.js security

Post by ivan »

atenzor wrote: Sat Jan 23, 2021 7:44 pmCan they somehow get the code?
Yes and you are missing the point.
Xugro
Citizen
Posts: 90
Joined: Wed Sep 29, 2010 8:14 pm

Re: question about Love.js security

Post by Xugro »

If you are afraid that someone will look at the source-code of your game, then do not give it to them. The concept is called Cloud Gaming. The drawback is the increased complexity and the cost of the server(s).
atenzor
Prole
Posts: 17
Joined: Sat Jan 23, 2021 6:21 pm

Re: question about Love.js security

Post by atenzor »

ivan wrote: Sat Jan 23, 2021 8:02 pm
atenzor wrote: Sat Jan 23, 2021 7:44 pmCan they somehow get the code?
Yes and you are missing the point.
But how does it work exactly? Isn't the game file only accessible by the hosting server during runtime?

I will test it out soon, but from what I saw, you basically have a game.js and game.data file.
It seems like the content of the code is located in the game.data file, but why would that be available
for download or whatever? It should only be accessed by the server and restricted to the end user.

So end user literally only can "see" the screen of the game and control using keyboard or mouse or gamepad.

That seems like a poor implementation of love.js if it works like that tho... or maybe it's just a matter
of trying to restrict file access on the server, there has to be a way. Or I guess ultimately convert lua code to
some other game engine or framework to make it more secure idk... :(
atenzor
Prole
Posts: 17
Joined: Sat Jan 23, 2021 6:21 pm

Re: question about Love.js security

Post by atenzor »

Xugro wrote: Sat Jan 23, 2021 8:43 pm If you are afraid that someone will look at the source-code of your game, then do not give it to them. The concept is called Cloud Gaming. The drawback is the increased complexity and the cost of the server(s).
Is there any tutorial on cloud gaming and love2d? So I can protect my code like that?
Xugro
Citizen
Posts: 90
Joined: Wed Sep 29, 2010 8:14 pm

Re: question about Love.js security

Post by Xugro »

atenzor wrote: Sat Jan 23, 2021 10:22 pm But how does it work exactly? Isn't the game file only accessible by the hosting server during runtime?

I will test it out soon, but from what I saw, you basically have a game.js and game.data file.
It seems like the content of the code is located in the game.data file, but why would that be available
for download or whatever? It should only be accessed by the server and restricted to the end user.

So end user literally only can "see" the screen of the game and control using keyboard or mouse or gamepad.
What you described is Cloud Gaming. Love.js is just normal LÖVE but in the browser. So the player has your complete source code (everything in the *.love-file).
atenzor wrote: Sat Jan 23, 2021 10:23 pm Is there any tutorial on cloud gaming and love2d? So I can protect my code like that?
No, there is not. There are several ways to do this. If you want to use LÖVE then I would suggest something like this:
Love2D-Cloud-Gaming.png
Love2D-Cloud-Gaming.png (25.7 KiB) Viewed 5247 times
Everytime the player inputs something (press of a button or click of the mouse) on his computer send the input to the server. Then your code takes the current gamestate and the input and computes the a new gamestate. Send that gamestate to the user. On the players computer love.draw() will use that gamestate to draw the game.
atenzor
Prole
Posts: 17
Joined: Sat Jan 23, 2021 6:21 pm

Re: question about Love.js security

Post by atenzor »

That makes sense yes. But so... what would you recommend to even accomplish that? I am assuming you are not talking about
the Love networking libraries right? You mean perhaps Love in combination with something else that does that networking?

Or is it possible somehow with the networking libraries to do that?
Xugro
Citizen
Posts: 90
Joined: Wed Sep 29, 2010 8:14 pm

Re: question about Love.js security

Post by Xugro »

atenzor wrote: Sat Jan 23, 2021 11:21 pm Or is it possible somehow with the networking libraries to do that?
This is completely possible with the networking libraries of LÖVE. You just need a way to send input from the players computer to the server and respond with a new gamestate. Why should the networking libraries of LÖVE not work for this?
Post Reply

Who is online

Users browsing this forum: No registered users and 42 guests