can we get get client & server side encryption, or single use auth tokens for loading avatars, that way when we load in people cant just phish our avatar IDs out of dump files or use things like VRCX to pull the raw ID?

I'm well aware it wont stop the issue forever, but to hinder the rippers would cut the population down fairly well as in order to decrypt from a server level it would require them to inject code into the client.