VRChat developers have ignored model copyright and basic protection for years now. Any model can easily be downloaded, they have absolute disregard towards basic encryption. Several unpatched exploits exist to completely download unity packages for models files. This should strictly not be allowed, the VRChat developers have turned a blind eye to this practice and expected model developers to obfuscate (CATS tool) to fix this issue as they've ignored it for years now, a complete disregard towards this has led to models being stolen and misused.