Dear VRChat Team,

I am writing to formally report a severe and escalating issue regarding avatar ripping and unauthorized asset theft that is deeply affecting the creator community.

Recently, I discovered that my own private, original models were stolen. After researching the methods used by rippers, it is clear that they are utilizing modified VRChat clients to bypass EAC (Easy Anti-Cheat) protections. These malicious tools allow them to:

Directly access model cache files from the local system.

Use Hot-swapping techniques to replace the cache data and re-upload the models as their own.

As a dedicated creator, it is devastating to see hours of hard work being compromised by these loopholes. To protect the rights of players and creators, I urge the team to take the following actions:

Strengthen Cache Encryption: Implement more robust encryption for local avatar cache files to prevent direct extraction.

Ban Modified Clients: Enhance detection for third-party clients that bypass EAC.

Restrict "Hot-uploading" Methods: Patch the vulnerabilities that allow users to upload assets by manipulating cache files instead of using the official SDK flow.

I love this platform and want to continue sharing my creativity here, but the current security environment makes it difficult for creators to feel safe. I hope VRChat can prioritize avatar security to ensure a fair and respectful environment for everyone.

Thank you for your attention to this critical matter.