Avatar Encryption

Curious if there was a way to encrypt my avatars. I have had a few private ava’s ripped right in front of me. Kinda hurts your feelings all that hard work n now someone walking around in your skin.

2 Likes

Right now, not really, the way they’re being ripped is an issue with VRChat itself. I’ve reported the way it’s being done, as well as a few other people to my knowledge, but unless VRC reworks the way it sends the avatars to the clients, there’s not much that can be done on our side as creators.

That said, a thing that IS kinda working, is to absolutely nuke the avatar with blend shapes and using custom animations to fix the avatar into what it’s supposed to.

Though, your milage may vary.

1 Like

well thats progress

What about a report user option? So the support can delete ripped avatars?
Or how is the avatar ID working internally? Does the ripped avatar also have the same ID as the original?
Then it could be automated by a timestamp of upload of the original vs the ripped one?

It doesn’t have the same pipeline ID, but you can always report players that ripped avatars through customer service, since it’s against the TOS.

@Butterstuffs Its not easy to fix tho, or rather near impossible. To see your avatar people need to be able to download it… they might make it a bit harder, like encrypt cache, but at the end people would be able to get that encryption key anyways - as at the end the client need to get them to be able to see avatars.
So anything you do, someone will break in few hours and release a tool for it. Waste of dev time that could go into features.

1 Like

Yes and No, it’ll always be a cat and mouse game.
Data has to always be send to the client, however, the current way of doing is makes causally ripping a walk in the park.

If the Cache were encrypted, and the files send to the client were as well
(a more appropriate way of doing this would be decrypting it with a session token that lives in the client during active sessions) it’d stop the casual ripping and reduce the amount of people that are able to.

The focus shouldn’t be to prevent it, cause that’s an impossible task, but rather to make it as hard as possible.

But it takes one person to release a tool, and you can’t really change much sadly, because servers must be able to handle that. Encryption on servers would be expensive for the massive amount of content there is, yet easy to beat. Any changes would also add a lot of load due to required cache wipe or support layers of legacy modes… Propose something that could work on this scale and would be cost effective server side wise and would not be break once in first week and then become pointless.

what if it was a module you could add like data privacy to your avatars… then as they find a way to beat it that could be updated. Would also give people the option to opt in because it would have to be added or not.

Like I said, it’ll always be a cat-and-mouse game.
Some one will always spend time breaking the encryption.
But that doesn’t mean we shouldn’t do it.

Right now, nothing is done and anyone with sufficient knowledge can do whatever they want.
The point again, isn’t to stop everyone, it’s to make it as hard as possible to do in the first place.

Even if some one releases a tool, it’ll only be useful for a little while until things are changed again.

A cache, by it’s very nature, should technically already get wipes every once in a while anyway.
And yeah, a change to the way unity asset bundles are send would require legacy ones to be converted. That’s also the case whenever VRC updates to unity 2019. So nothing new there…

An encryption method wouldn’t actually break legacy support. It’d just require server side conversion.

Encryption isn’t actually that easy to beat, only off-the-shelf encryption without any modification is easy to beat. Look at APB:Reloaded, that game streams level data to the clients as well, and that encryption still hasn’t been cracked yet.

Additionally, not the entire package needs to be encrypted, only enough to break the decompilers, which would be the first 1 mb at the most.
Unity itself already has documentation on the topic, see: Unity - Manual: Protecting Content

On a technical level, the server would only need to encrypt the first block of the asset bundle for users using their authentication token. Which has negatable server impact.

Pretty much my original statement still stands, this stuff works on scale, as I’ve worked on this kind of stuff at scale before. Hell, I even worked on a streaming service where every frame of the stream was encrypted on the fly by the server with 20k viewers per stream.

Hell, VRChat wouldn’t even need encryption, it could very well do with XORing data with a key and XORing it back once it arrives and it’d already break 99% of all ripper tools for the next 5 months until they figure out how the XOR is done, and at that point you can just change the way the XOR is done.

1 Like

Legacy assed bundles are not getting converted on server side or anything like that, so its a different case… They never did any massive processing of packages on server side, its just too much processing.

Case of APB:Reloaded well, to break something first there must be any interest in that, in vrchat there is a lot of that. Random game with mixed reviews and not much interesting context… who cares?

People will just mod the game to extract already loaded avatars…

So again: vrchat does not do any processing of that kind on servers because costs, as game is free and people can upload shit ton of data. So i dont think any solution that requires server processing is valid here. And the best case scenario i see i stll just protecting the cache and http request itself.

I just not see any added value here… especially that also when looking at whole community… not that many people even care about that issue. So random guy with 0 friends will use my avatar for 2 days and then get bored and use another one, ye sure, whatever.

Still could be something to look into. This sounds like giving up to me.