Adjust volume of individuals
Similar to how we can mute users, a way to turn the volume up or down of people so that the quiet users can be heard more easily while the louder ones can be lowered could be a good idea. I have a friend whose voice is rather quiet and it's hard to hear her when surrounded by other people, namely those that are incredibly loud and overbearing. Muting should really be a last resort and I can hardly go around muting every other person on VRChat.
Scale performance grey robots
Scale those default grey hidden/unoptimized avatars to the right scale based on eye level. Or at least make it the average VRC avatar height rather then real world height.. it's so awkward to see that huge 1.8m floating torso while the rest of the avatars are around 1.6m and lower. But obviously correct height would be better. And as an even fancier goal, full body grey robots! And even fancier just custom for each player!!
Password Change Confirmation
I'd like to request that password changes to an account be confirmed via email address. It is true that we now have access to 2FA but that is no excuse to not have base protections in place for the average user. Users shouldn't need to jump through hoops to have their account protected in some way shape or form after registration. As it currently stands if a user does not have 2FA their account can easily be stolen and their password changed, to which their only recourse is contacting support, at which point the reply to such may be too late to recover from anything done.
Use Vroid's new multiplayer SDK to let users import avatars more easily.
VRoid has released a multiplayer SDK, here are the details (I translated this from their announcement using Google:) "In addition, a new “Multiplayer SDK” function will be added to the “VRoid SDK” SDK for developers that can call avatar models into games and services through VRoid Hub. This enables the development of services and games in which multiple players call and operate their own avatars on a single playground. With this SDK, developers can provide not only VR communication platform but also multi-player play of fighting games that bring their own characters." They are also updating VRoid to export lightweight models: "With VRoid Studio, a 3D avatar model making tool provided by the VRoid project, it is now possible to export a VRM file (a file format for handling 3D avatar model data) while reducing the drawing load of the created model Become. With this function, avatar users will be able to enjoy various game services using their avatar more easily than ever." Vroid has a contact form for any game dev to apply for their new SDK. This is a great opportunity to not only gain a new source of avatars, but use this in tandem with lightweight exporting so avatars run well on Quest too. Original announcement link: https://www.pixiv.co.jp/news/press-release/article/9174/ Their contact form: https://vroid.pixiv.help/hc/ja/requests/new?ticket_form_id=360000063802 Just translate each line before you put in information and you'll be good to go.
[Documentation] Merging Accounts
It would be nice if there was a documentation page on merging accounts. The most important thing it could list would be what to expect to happen to Friends, Favorites, etc. Having the information in the documentation would also allow the information to show up on Google searches. `/home/` is not indexed.
It would be good for avatar creators to have detailed analytics for their public avatars. Here is a list over a few points I think should be on there: - Current Usage (How many currently is using it) - Usage History (The amount of times the avatar has been used) - Favorites - Reports (General feedback?) This would be a good way to see what type of avatars the users are interested in
Allow authcookie to be used from a different IP address + extra features
First of all, authcookie's should not be bound to a single IPv4/IPv6 address as this would cause several issues with the VRChat client when the IP address changes. Users are still able to join instances through the friends list due to the Photon servers not verifying the authcookie but stuff like the friends list doesn't refresh and shows old information until the client is restarted, at which point a re-login is required since that authcookie seems to be the only thing that VRChat stores across restarts, which also causes users to pick less secure passwords (because who wants to type in a 20 character password with special characters every time they need to restart their game due to this limitation?). I do understand that implementing this would cause a security risk to be added to the entire system as authcookies can be stolen, even through other means than just a VRChat security hole, so extra steps need to be implemented to counteract against this risk: authcookie's should be "dynamic" bound by default, which means they can be used from any IP address if at least one or multiple of many comparison factors are met: Country where the IP address is assigned in according to it's whois, AS number of the IP address, Cloudflare datacenter and/or location the traffic has passed through, HWID if it's from the VRChat client or User-Agent if it's from a browser. If too many comparison factors fail the check, the client needs to reauthenticate. Once the client re-uses that same authcookie multiple times on different days with the same IP address, the authcookie turns into a "static" bound one which means it gets rejected when trying to use it from a different IP address, HWID/User-Agent, etc. than the one it is bound to or when at least one of the other comparison factors fail (other than the Cloudflare DC/location which should just be a fallback check for the dynamic bound option). Additionally, authcookie information, the bound type and which IP address or IP addresses each authcookie was used and at exactly what timestamp it was used, should be exposed directly to the user, at least through the website, and the user should be given the option to expire a certain authcookie through a single click operation as well as set the expiration time and force reauthentication time for authcookies (expiration time = expire when not used within X days; reauth time = force reauthentication, even on valid authcookies).
Fist bump, high five, like rec room, and BigScreen. Maybe even a limited head collider (camera shake) for fight sims?
The date of met friend
I want to know the date of the meeting with my friends at the homepage. If I don't manage my friends after spending a long time in Vrchat, I often don't recognize each other because of friends who quit or change their nicknames. If I can see the date of my first friendship at Vrchat, I think I can solve these problems better.