A Very Poor rated avatar (452,293 triangles) is being loaded as a fallback avatar on Windows with Safety Shield, even with max download size = 0 MB and Very Poor avatars blocked
tracked
WubTheCaptain
I've noticed Jaywasreal (usr_a68050b3-ddc8-46b5-9353-f4b7680ea723) was wearing a Very Poor rated private Avatar 'avtr_2c03efc2-cf7a-44a7-8416-87d68a3b3919' (Jays priv choco) with
452,293 triangles (Very Poor) as a fallback avatar
, while everyone else with a Poor or Below performance rank avatar was blocked (fallback/impostor). These kind of fallbacks (> 70,000 triangles) should be typically impossible, because custom fallbacks require to be "Good" rated performance rank on all supported platforms (excluding components that will be removed when over the limit). Loading this Very Poor rated fallback persisted even on rejoining the world.Video
(15,1 MB): https://files.catbox.moe/vqlj0s.mp42025.12.20 01:49:16 Debug - [AssetBundleDownloadManager] Download for avatar (Worn:0 Friend:0 Shown:0 Near:0) (53.5 MB) started 8 seconds and completed 11 seconds after queueing.
2025.12.20 01:49:16 Debug - [AssetBundleDownloadManager] Average download speed: 1392478 bytes per second
2025.12.20 01:49:16 Debug - [AssetBundleDownloadManager] [341] Unpacking Avatar (Jays priv choco by Jaywasreal)
2025.12.20 01:49:17 Warning - [Behaviour] Avatar has 1 colliders. These will add an additional performance cost when active and no mirrors/cameras are active.
2025.12.20 01:49:17 Debug - [Behaviour] CacheComponents: ParticleSystems 63, AudioSources 25
2025.12.20 01:49:17 Debug - Found SDK3 avatar descriptor.
2025.12.20 01:49:17 Debug - [Behaviour] Using custom gesture mask from base layer
2025.12.20 01:49:17 Debug - [Behaviour] Using default fx mask (all muscles disabled, all transforms enabled)
2025.12.20 01:49:17 Warning - Recovered 142 Network IDs from Avatar
2025.12.20 01:49:17 Debug - [Behaviour] Avatar is Ready, Initializing
2025.12.20 01:49:17 Debug - Measure Human Avatar Avatar isRemeasure:False
2025.12.20 01:49:17 Debug - [Behaviour] Initialize ThreePoint Avatar VRCPlayer[Remote] 56 False 7
In error logs, there is no AssetBundleDownloadManager manager error for Avatar 'avtr_2c03efc2-cf7a-44a7-8416-87d68a3b3919' (Jays priv choco). But the other avatars are being blocked for AssetBundleBadPerformance.
When Jaywasreal's Avatar 'Jays priv choco' was shown (not Safety Shield), alpenmilchschokolade (avtr_c9a20362-6680-49f7-b7e0-fb4815791a14) was loaded (Very Poor 591,031 triangles). (The logs get confusing to read.) This gets blocked by AssetBundleBadPerformance when Very Poor was blocked, but then Jays priv choco was loaded.
2025.12.20 02:13:30 Debug - [ModerationManager] Jaywasreal avatar is enabled
2025.12.20 02:13:30 Debug - [Behaviour] Switching Jaywasreal to avatar alpenmilchschokolade
The mobile version of this avatar is a 0 polygons avatar (Excellent). Neither 'alpenmilchschokolade' nor 'Jays priv choco' has impostors generated.
The VRChat client should probably also validate the fallback avatars meet the requirements (Good rated or better) in addition to server-side processing. Maybe Avatar 'avtr_2c03efc2-cf7a-44a7-8416-87d68a3b3919' needs to be sent back to server processing/security checks?
Log In
Dexvoid
marked this post as
tracked
Shinyflvres
Addition:
By making more research:
This issue affects VRC SDK 3.10.X down to 3.4.X and probably lower versions.
Another way to reproduce this issue is:
- Open VRC 3.8.X
- Create a Very Poor Avatar
- Create a Clone of the Avatar and remove all meshes
- Upload the "Excellent" Non Mesh Version to Mobile/Quest and set Fallback Tag
- Set Blueprint from Excellent Avatar to Very Poor version
- Click Upload.
50/50% Chance that it will now set your Very Poor Avatar as a fallback.
Tried it 3 Times in a row and worked "fine".
I will do more research later an provide more details and a easy-to-follow Video.
// EDIT
We made an Test in a Friends Group Instance a few hours ago. To make clear how important it is to fix this issue:
You are able to create a crasher avatar using Audio Sources, Animator Combinations and Particle Effects that hold Realtime Point Lights. With some "Sketchy" Methods you are able to spawm those with a Very Poor Fallback. With the test we made i was able to crash 21 Persons in an Private Friends instance that all had blocked my avatar.
Thus; People that may abuse this "Exploit" are able to crash instances even if the avatars are blocked by default (Depends also on shield levels).'
ALSO IMPORTANT:
Jaywasreal is a friend of us and did not intentionally cause this Fallback Exploit. it was found by accident. Just making sure he does not get banned at this point.
WubTheCaptain
WubTheCaptain
I was able to reproduce creating a minimal Very Poor fallback @ 70,348 triangles, which people would see with cubes located at feet. Avatar 'avtr_a65bd260-0e44-4bdf-920e-a319bcdc0b58' (Robot (Very Poor) by WubTheCaptain)
- I uploaded a Very Poor robot avatar (70,348 triangles) to Windows using SDK 3.10.1. (Required due to recent SDK version validation on the server, for new uploads.)
- I duplicated my Robot avatar in Unity scene, and removed the two 32k triangles cubes and body meshes to end up with only a Humanoid armature on mobile platforms (Excellent).
- I downgraded to SDK 3.8.1.
- I uploaded this Excellent Robot avatar avatar to Android platform.
- I unloaded the "Very Poor" scene in Unity.
- I set the fallback flag from SDK 3.8.1 builder, while selecting the Excellent avatar with the same blueprint ID as the Very Poor avatar. At this point, the avatar was Very Poor on Windows, and Excellent on mobile, but the fallback flag was available.
- I upgraded to SDK 3.8.2 (?).
- Through trial, error and testing to get the Very Poor avatar to load as a fallback instead of default VRChat Robot: I uploaded the Excellent Robot avatar with a body mesh but without two 32k triangles to Windows. I also uploaded to iOS and set the fallback again.
- I switched fallbacks to a "Good" avatar I have via website, and then back to "Excellent". At this point, the avatar was Excellent on all platforms.
- I uploaded Very Poor on Windows again. The fallback flag persisted. People would see my fallback as 'Robot (Very Poor)' with cubes at feet, when I switched to another Very Poor avatar and the other user had Very Poor blocked.
WubTheCaptain