Nex1942
Hi, as a world creator, I’d like to report a potential exploit in the persistence system:
  1. Players can run multiple VRChat clients simultaneously and join two different instances of the same world.
  2. In one instance, they intentionally spend all their in-game currency within the world.
  3. Since they remain logged in a different instance of the same world, they can leave and rejoin the first client to revert their spent currency by overwriting the persistent player.data file.
Currently, there appears to be no reliable way to detect or prevent this intentional rollback behavior. To discourage such exploitation and maintain fair gameplay, I recommend implementing a "Pull Player Data from Server" feature. Alternatively, introducing an automatic periodic sync mechanism (e.g., every 10–30 seconds) would help ensure that player data stays consistent across all active sessions.
I would greatly appreciate it if this could be addressed in a future update. Please keep me informed regarding any developments on this matter.