Adonis icon indicating copy to clipboard operation
Adonis copied to clipboard
verified publisher icon Epix-Incorporated

Encrypt (and compress) oldlogs

Open ccuser44 opened this issue 1 year ago • 6 comments

What part of Adonis is this related to?

Other

What are you suggesting?

  1. Compress oldlogs
  2. Encrypt oldlogs
  3. Base64 encode the encrypted oldlogs because the datastore doesn't accept the full ANSI character range

Why?

  • Prevents users from tampering with the code
  • Respects privacy. Many developers may not want Roblox to (easily) see all the commands all users have ran.
  • Not encrypting them likely violates GDPR laws due to there being no easy way to remove them from specific users without nuking the whole datastore.

ccuser44 avatar Nov 09 '24 05:11 ccuser44

I don’t think Adonis needs to be nor should it be bloated any more than it already it is

btt-t avatar Nov 10 '24 09:11 btt-t

I don’t think Adonis needs to be nor should it be bloated any more than it already it is

I don't think that's really bloat. Users expect datastores to be encrypted anyways so it just does what users expect to happen. Besides I'm trying to remove as much bloat from Adonis as possible so I think the amount of bloat at least balances out

Just an FYI that the encryption + base64 literslly only takes a few more characters. The code would go from:

service.HttpService.JSONDecode(data)

to:

service.HttpService.JSONDecode(Remote.Decrypt(Functions.Base64Decode(data), Settings.DataStoreKey))

ccuser44 avatar Nov 10 '24 11:11 ccuser44

so I think the amount of bloat at least balances out

I don't think we need to 'balance' bloat so much as we need to eliminate it where we can.

Just an FYI that the encryption + base64 literslly only takes a few more characters. The code would go from:

I get that, but I also feel that encrypting datastores is unnecessary (at least nowadays). It's not so much about it further complicating the codebase so much as it is about the state of Adonis at the moment; it's already bogged down a lot by unnecessary features like the anti system that today stand more as ancient relics of the past than what's beneficial and of value today.

While I understand and appreciate that consistency is important, I feel that we should be aiming to unwind legacy systems, rather than continue to carry them over when they no longer useful. Imo encrypting datastores on Roblox is a novelty that ultimately doesn't achieve much and only serves to complicate the system, and I'm more in favour of doing away with it than extending it.

btt-t avatar Nov 11 '24 00:11 btt-t

Not encrypting datastores isnt a violation of GDPR, there has to be a way to erase user-data from the datastores when requested, so encrypting the said data might make it even harder or impossible to comply with the act. (e.g Encryption key goes missing and leaves personal data hanging with no way to retrieve/destroy it)

ocelot81 avatar Apr 11 '25 05:04 ocelot81

there has to be a way to erase user-data from the datastores when requested

There isn't. Unless you clear all oldlogs. That only works for user data, not for oldlogs

ccuser44 avatar Apr 19 '25 09:04 ccuser44

so encrypting the said data might make it even harder or impossible to comply with the act. (e.g Encryption key goes missing and leaves personal data hanging with no way to retrieve/destroy it)

That's only true for because the keys of Adonis datastores are encrypted and not the data. This won't change it either way

ccuser44 avatar Apr 19 '25 09:04 ccuser44