Board Thread:Game Discussion/@comment-33870577-20180911000333/@comment-36299871-20180913115457

DrestinBlack wrote: Hint: I don’t believe packets sent back and forth between the FM servers and clients are encrypted ...

Rule 1: Encrypt everything sent over the Internet. Rule 2: Encrypt (or otherwise obfuscate) values stored in local app memory. Rule 3: All user garage/wallet information must be stored encrypted and in the cloud. Rule 4: All OMP and WTTT must be played while synced to the online copy of garage/wallet stats. Rule 5: Restoring from the cloud is a FULL rollback, EVERYHING that happened after the save being restore is lost; scores, cars, upgrades, everything.

How are you encrypting the data? Where are you keeping your encryption key?

Rule 5 is certainly a good rule but it probably requires a change on the server to hold your status in OMP and WTTT at the last save point. Certainly shouldn't be hard to implement.