An idea for copy guard of a private avatar
tracked
digiponta
For copy guard of a private avatar, I think to need that the VRChat Client don't load the private avatar at least, if there is no player that had upload the private avatar, in the world.
If do so, nobody except the avatar thief will be able not to see the avatar of the player using a stolen avatar.
For example, a part of the private avatar data is encrypted with the avatar blueprint ID as a key and kept on the server side so that it is not saved in the HDD cache of the client PC.
The encrypted data part is decrypted on the server side by the avatar blueprint ID sent from the VRChat client, expanded to the DRAM in the client PC without being stored in the HDD cache, and used for 3D display. With such a mechanism, it may be possible to prevent avatar ripping from the HDD cache. His Avatar Blueprint ID for Private Avatar is associated with each player. As a result of this mechanism, I think that Avatar will not be displayed correctly on a VRChat client that has not been tampered with.
Given the current VRChat Avatar registration method, there is no review process, so I think it is impossible to prevent all cases of ripping by illegally modified VRChat Client, but it is not easy to rip.
I'm sure there are many other ways to do this, but first of all, I think it's worth considering measures to discourage Avatar thieves.
Log In
Flir
As was said earlier, any data the client needs in order to render something in game, can be ripped by someone with enough determination and know-how.
I think the only realistic way to deal with this is to add a signature to the mesh data. Something which doesn't render, and is hidden among the character's regular mesh so it's a real b#### to find manually, and the signature is hash of some characteristic so the software processing uploaded avatars can generate the hash sequence, check if it's present in the newly uploaded avatar, and auto ban the account if it finds the signature.
Only by creating risk and uncertainty can the back of this problem be borken.
Scout - VRChat Head of Quality Assurance
marked this post as
tracked
xxx_red_xxx
As long as you can view it in game you can rip it. There is no surefire way to fix this unfortunately.
@BLKZOR|八黑山|ㇰㇿ
Encryption has already been pointed out, but downloading certainly needs to be tightened up.
Simply adding the requirement of being in the same instance to the download request for private avatars should reduce the chance of being victimized, since only friends or users in the same world can download illegally.
V
Void Lore
They can just find a new way of ripping, they already can go to the Api and rip your avatar using VRC-X, but this may be a feature when they figure out how to hard encrypt their files, that will be never. Or soon.
f
floppy_disk
As long as the client has to display the avatar it will be possible to "rip" their contents.
Just adding encryption isn't going to change that.
Adeon Writer
Protecting 3D content is absolutely impossible. It is an endless arms race that can’t be won. Anyone who wants to download a .jpg from the internet can do so no matter how much of website attempts to hide the URL in the source code. If it can be displayed, the browser can download it. The same is true for models files in games.
G
GlitchyBeta
Adeon Writer: They can't prevent ripping from GPU cache/memory, but they could at the very least encrypt the files at upload time with something that is so far invulnerable without knowing the encryption key, like AES. User created content should be encrypted regardless of the platform anyway and VRChat are lagging behind since other VR social platforms already implemented such features.
Kyrah Abattoir
GlitchyBeta: That's useless since the client is going to need that decryption key to unpack the avatar for display anyway.
Flir
GlitchyBeta: As I mentioned on (https://feedback.vrchat.com/feature-requests/p/anti-avatar-ripp), you can't stop people from ripping data from the cache/etc, because the game needs that data to run. But what VRChat can do is introduce a formulaic sequence of vertices -- a signature --which do not form a renderable face somewhere hard to see on the model if you were looking at it in, say, blender's editor, whenever a model is uploaded, so that signature gets included whenever the game sends the model data down to a client. And if someone tries to upload a model with that signature, then bam, they get auto banned. It thrusts users of stolen models into uncertainty, and it adds a lot of extra effort on the part of rippers to "clean up avatars" assuming they knew what to look for. Hunting around 50,000 vertices for a signature doesn't sound like a fun time to me.
0xC0FFEE
The following URL is the source code that is doing the ripping, and I have confirmed that the API at the POST destination is indeed working.
I hope this is helpful.
Lexicus
Any content encryption scheme requires eventual decryption by the client to display it. If you really want to protect your assets, add watermarks to the texture atlases and maybe even hide stuff inside your geometry that credits you. Then just send VRC a DMCA for every instance of stolen content. If they refuse to respond, you can take them to court.
xxx_red_xxx
Lexicus: none of us want this game to die from being bankrupted.
Lexicus
xxx_red_xxx: Sending a DMCA Takedown Notice to VRChat isn't going to bankrupt them.
xxx_red_xxx
Lexicus: taking them to court probably will
CrookedToe
xxx_red_xxx: then they should remove any offending content
Kyrah Abattoir
xxx_red_xxx: VRChat is legally obligated to comply with DMCA takedowns.