1. Native Initialization
Step 1 On build, native module creates a SHA256 signature of the game binary.
Step 2 On launch, the game checks runtime signature vs original.
Mismatch? If even 1 character is off, escalate to Authoritative Anticheat Backend.
2. Authoritative Authentication
Login User login triggers client-side SDK to generate a unique User ID.
Example User ID: a409C-4091-Df76
Token SDK also generates a session token.
Example Token: AEW2-10WP-9IOM-34BN==
Validation Backend checks SHA256 integrity + user behavior.
If clean: Allow login. If flagged: Move to anticheat action system.
3. Real-Time Behavior Monitoring
Alerts are triggered on suspicious actions:
- 3 alerts → Monitor user.
- 5+ similar alerts → Big Eye Mode.
- Less than 30 mins between reports → suspicious behavior.
Time-Based Watchlist Logic:
- 30-45 mins → Short Eye Mode
- 45+ mins → Little Eye Mode
If alert frequency increases again, re-escalate to Big Eye.
4. Ban Protocol & Enforcement
Ban is triggered when:
- SHA256 signature mismatch
- 15+ consistent behavior logs
- Detected inhuman behavior or data flooding
Actions Taken:
- Ban Device ID + IP
- Kick from game + prevent future access
- Send detailed JSON log to Discord webhook
- Delete data after sending for legal security
5. SDK Token Flow
Client SDK generates user ID + token at login.
{
"user_id": "a409C-4091-Df76",
"device_id": "ABC-1299-XYZ",
"game_signature": "sha256:ABC123XYZ",
"login_token": "AEW2-10WP-9IOM-34BN=="
}Backend compares token, device info, and signature. If mismatch → ban immediately.
6. Alert Staging Logic
- Short Eye Mode — Moderate alerts, gather more data
- Little Eye Mode — Minor alerts, monitor user activity
- Big Eye Mode — Heavy alerts, prepare for ban
If user sends more reports than possible by client SDK → escalate to ban logic.
7. Discord Webhook Report
Final ban action includes:
- Ban data: user ID, IP, device ID, timestamps, alert reasons
- JSON is sent to secured Discord webhook
- After delivery → data is securely deleted