Greetings! I'm starting to read through all the Economy documentation, and I was on-board reading through how it all works with unity services to let you set up currencies and exchanges between virtual currencies and using cloud code to make changes and whatnot to keep everything secure. But then I got to the player balances section of the SDK (https://docs.unity.com/economy/SDK-player-balances.html#SetBalance), I see there are methods available to call from the app to alter your balances. In my mind, this sounds like an exploitable vector if the client is allowed to tell the servers of currency changes. Is there something I'm missing here that makes this system secure? Thanks!
Hi keyskid, thanks for your feedback, you raised a very good point. Economy is still in beta, and we are really happy to get this kind of feedback as it helps us inform our roadmap. We are considering adding a more secure way of controlling this aspect of the service, meanwhile we are recommending to use Cloud Code to shield some of those calls and not use them directly from the game client.
Hi FabriR, Thanks for the response! Yea my intention is to use Cloud Code for everything related to the economy, I was surprised to see those other methods exist in the client SDK. Even if I don't use those client methods, I'd assume their existence means that somewhere there are endpoints that would allow users to change their balances and give themselves items. My two cents, if those methods need to stay, what might be nice is an option in the dashboard to disable modifying the economy from the client, so attempting to call those methods would cause them to fail, securing the economy for developers that wish to rely on the security of calling it from Cloud Code.
Thanks for the clarification, and I agree that we should give developers a choice. We are looking at solutions along the lines of what you described. I'll keep this forum updated with any news around incoming features
I would also like to add this feedback issue. I rather have my own server instance take care of some tasks. So I would hope there's way to authenticate only my unity server be able to modify player data.
I can't believe this hasn't been implemented yet. We need a way to push Economy changes from server to server. You have all the pieces right now, just change the auth mechanism on the existing endpoints to take a service account or client auth. PlayFab and Beamable already allow server to server communication for everything. As for what others have said about disabling client access, look at how PlayFab does it. I think it is useful to allow the client to decrement virtual currency ie lives, etc. but not increment it, PlayFab allows you to have granular control. But, right now for us we need Economy server api to use service account auth.
Any update on this? Right now, Economy is basically client authoritative and that really doesn't make sense. We have Cloud Save for clients to save non-exploitable data. Using Cloud Code only hides the legit code from clients, it doesn't stop them from exploiting the client endpoints.
Hey @goplayinc & @Desoro This is still very much on our radar, we absolutely recognise the importance of being able to selectively lock down areas of functionality to make them fully server authoritative. Some of the preparatory work is underway, I can't provide an ETA yet, but we hear you. I have added your voices to the feature request.
Wow! I was surprised by this functionality as well. Please patch up this exploit ASAP. We will be waiting on the fix before we can release our game.
Hey @lsaeteurn , @goplayinc , @keyskid , @SolidJuho & @Desoro Good news, we have started rolling out Access Controls to let let you lock down parts of your UGS LiveOps preventing client access directly. Please take a look at the UGS Access Control API 1.0.0 There is more information on this post over on the Cloud Save forum