Hi everyone, I’m making a game in unity and I am adding obfuscation to my project to prevent pirates and other code thieves.
Now before you say that ‘anybody who wants to steal your code can do it’, I use lambda’s, iterators and local variables wherever possible throughout my code, however, I think that this is not enough protection, especially for my anti-pirating module, which is very vulnerable.
I’ve tried using several professional obfuscators but they seem to not work with unity 5 upwards.
I also took a look at unity obfuscator, which only has support for unity 2 and 3.
When using redgate’s SmartAssembly obfuscator, it tells me that my game’s executable and assembly.dll files are not valid .net assemblies, though ILSpy has no issue decompiling them…
So which options are best for protecting a unity program?
-Causticlasagne (^^)
Obfuscation is not the answer to piracy. DRM follows the same mistaken reasoning that you can prevent piracy by simply making it harder for pirates to steal. However as history has shown, many pirates are smart and they usually have the motivation to overcome said obstacles and all it leaves you is simply inconveniencing the wrong people (developers, honest consumers, etc.). All it takes is one hardcore pirate to break a game open for an entire population.
The real solution to solving piracy is to understand why there is a need for piracy in the first place. As Gabe Newell, the guy behind Valve’s Steam, has said (2011): “Our goal is to create greater service value than pirates, and this has been successful enough for us that piracy is basically a non-issue for our company…”. His philosophy is that piracy primarily stems from a supply and demand issue, that products are pirated because most users (usually foreign countries) can’t gain access to the said product.
If you provide a better service than the pirates then people won’t feel compelled to steal your work due to the inconvenience. and you can rely on networks like Steam to provide this type of service for you
This question has been asked several times, and the answer is always the same - you simply cannot have “properly protected” client-side code. At best, obfuscation slows down both your code development and execution and, at worst, it will break your game (callbacks won’t be found if their names have been changed during compilation, for example).
If code must be secure and tamperproof, keep it on a server. Anything else can relatively trivially be read, lambdas, iterators or not. Why does it matter?
Obfuscation does not buy you security, it buys you the time you need to stay ahead of the cheaters and give your community the great service they need in order to prevent them from cheating. This way, cheaters will never be able to add the features you have to their game and keep up with you. They will always be a few months/years behind, which usually stops people from starting in the first place.
