I have locally stored data that will be used for leaderboards and needs to be secure. I am using md5 to save a hash with the data and the hash is validated when the data is loaded.
For example:
PlayerPrefs.SaveInt("score",value);
PlayerPrefs.SaveString("score_hash",Md5Sum(value.ToString()+secret));
then on load, we have:
int value = PlayerPrefs.GetInt("score");
string _hash = PlayerPrefs.GetString("score_hash");
string hash_check = Md5Sum(value.ToString()+secret);
if(!_hash.Equals(hash_check)) {
Debug.Log("SH: Error, invalid hash "+_hash+" ; "+hash_check);
return null;
}
My question is, how secure is this method? Can unity apps be decompiled or hacked into where the user will be able to find the secret key?