I have a few thoughts on how to prevent re-uploading of mods, which has been a problem for a long time. My idea would be 2 to 3 step authentication to protect mods from re-uploading and if leaked, to be able to identify the person who did it. However, this method is not suitable for mass distribution because the authentication method is complicated and time-consuming. And If the mod was re-uploaded, the need to download the mod once increase the risk (if virus was in it, high risk. If they make you a Paid mod, you have to buy it to check it out) A more advanced option is to create your own website, but that is difficult because you must also guarantee the users. (but, security to the mod would be more robust.) Recently, there seems to be an increase in the number of paid mods and private mods being leaked. I think there are many people who are really annoyed by re-uploads and leaks, so my idea would have a bit of demand. This is a quick idea, but let me know what you think about this idea and if you would like to know more details.
How would you protect a zip file ? Sure, you can add authentication and everything to download the file, but once it's downloaded, anything can happen to it.
I may have misspoken a little. It might be better to say "deter" re-uploading, rather than "protect" the mod file itself. Well, this method of protection is not very reliable. However, the more information that is obtained from the user, the greater the deterrence. When you download a mod on the website for this purpose, you must enter your "name," "address," and "phone number". I thought it would be better to authenticate by phone number, but it is difficult because it varies from country to country. Once the re-uploader has been identified, it is left to the discretion of each modder. Also, the identification code is tricky, and if its a lot of information that needs to be entered, the number of downloads might be reduced. When modders create a mod, they hide an identification code somewhere in the file that is unlikely to be edited without permission, so that they know who they are sending it to. You can hide it in several files just in case, but there is a possibility that they will find it. The identification code here does not have to be just a character code. For example, it can be the shape of a 3Dmodel, the position of a certain node, the color of a texture, etc. Either way, it would be nice to be able to protect ZIP files on the BeamNG side.
Another way could be to have a centralised system that is integrated with the game. This system would hold all the paid mods. These mods would be encrypted and when attempting to load a paid mod, it should first check if the user owns the mod, and then if they do, then decrypt the mod file. This would have to be done every time the mod gets loaded. The encrypted mod file can be stored locally but it should not be accessible as files by the user when decrypted by the game.
I really want to emphasize that this is actually a horrible garbage fire idea. Please do not give random strangers your personal information because you want a mod, this is a complete invasion of your privacy and could totally be misused in horrible ways. Unique identifiers are also completely useless because even if you could automate making unique hidden changes to to each mod you sell the folks who leak mods are probably on burner accounts anyways so it doesn't matter if you ban them. Developing a DRM for mods is probably way out of the scope of the BeamNG devs. Most of the suggestions I've seen would take far too much money and far too much time to develop and all of that would be wasted because the DRM would probably be circumvented in like a week. This sort of change would also likely serve to make the game more closed especially if mods were encrypted and needed an activation server, how could folks 'mod" mods or play offline? It would also likely make things much worse 10-20 years down the road when somebody wants to play BeamNG but half of their mods are looking for an activation server that is probably dead in a closet somewhere. In general piracy isn't something you can stop for good. If you have a reasonably sized community you can only prevent it for so long, and almost every step you take to prevent piracy you also take a step in making things worse for everybody who did pay.
The only real solution I can think of on this matter is making the game use a different file format for mods instead of zip. Some password protected format that only the game itself can read and convert, you provide a password when packing and have to provide the same one when unpacking. Downside: it would break literally all existing mods...
Or just password-protected zips, with passwords (and zip checksums) handled on the server side. Is it tinker-proof? No. Will it prevent 90% of users from fooling around your mods? Absolutely. Is it actually worth it? Absolutely not. Spoiler: Spoiler I mean, BeamNG has a glft exporter built in, even if you make a super encrypted zip/whatever, people still can rip your assets quite easily.
issue here isn't really assets but complete mods. IMO the best solution would be for the devs themselves to support paid mods, I would also be fine with them taking a small % of the price, would also generate some income for them.
I am surprised that the topic seems to be more controversial than I thought it would be. Posting for myself, I think it is indeed a bad idea too. As you said, handing over personal information is very dangerous and risks people who don't know how to handle the internet getting involved with someone who has malicious intent. Anyway, this is just one extreme example of my idea of "deterrence". but I think, in my opinion, that there are a certain number of trustworthy people within this forum. Believing that those people are safe...may be a shallow idea when using the Internet. I have another idea. Selling mods as objects, not data, on a private sale site. ebay, but I don't know because I've never used it (the auction site I know of has an anonymous shipping plan and a regular shipping plan, with regular shipping disclosing the names and addresses of both you and the other buyer). Well, this idea is useless, so I'll stop here. This is where it starts to matter. I suggest using this BeamNG forum account as a condition of downloading the mod. If the game cannot protect the mod data, modders has no choice but to choose who downloads the mods anymore. The idea is to establish a kind of screening process. A forum account is required to download the mods, and only those who pass the unique screening criteria can download the mods. (Criteria can be anything you can think of, such as account creation date 5 years ago, having created several mods, number of ratings you have received, etc. And… have the person who wants to download it write some statement of purpose?) It might also be a good idea to make it a requirement that forum accounts be steam linked or something like that. Whatever the method, it is inescapable that it will require a great deal of effort.
what about only encripting the dae files, this allows for mods to be fixed since you can touch the other files but you cant use it if pirated since you would just be using a floating car and thats just not fun. this also would help with stealing models without proper permissions (for repo mods) ive gotten some of my old engine mods reused in shitty meshsslaps before so that would also stop we came up with this idea in the mfd discord yesterday and it seems quite good
There is a game that sells track mods and they use pkz files that get locked to your game GUID so the mod will only work for you. You put your game GUID into your account on the website and when you pay for the mod it gives you a pkz locked to your GUID.
