I'm making a game where the user can sell items he finds during the the "single player" adventure on an online, I was looking at ways to prevent any malicious user to create rare and expensive items from scratch to sell them on the net.
I tried obfuscation but soon or later someone will successfully break into my code and I can't afford that, for obvious reasons.
Items are stored in files, so I thought about making client add a digital signature to generated files but I have to keep the key on the client machine, so same problem: if someone finds his key he can apply digital signature algorithm to generate the valid key for any file he creates.
So I ended up think the only secure option was to make the single player adventure interact with the server (everyone around here tends to say this is the way to go, like this subject, in my opinion the accepted answer explains it well).
But what about the user-friendly aspect?
My game is divided in two parts. Firstly the "real" single player adventure, where you can cheat all you want because everything is stored on your pc and server won't ever use it (~24h), then you beat the final boss and you're notified you're able to go online to battle against other players with the stuff you acquired on the single player map. At this point of the adventure, my idea was to record everything the player is doing in singleplayer mode onto the server, so whenever he plays a tournament, his stuff is verified.
I can't verify stuff just before a tournament begins because overpowered items can be obtained but are very rare, I want to systematically know if it was hardly-obtained or cheated.
Do you think it would be acceptable for a player to play "single player mode using internet" if he was told this will allow him later to rank up online and be
The single player map will be kind of mixed with the multi player area, but maybe I can think about a feature to play totally offline but then you won't be able to use your "online items" during this time.