Obfuscated Plugins - Something you should be aware of.

[Arthran]

TLDR: Obfuscated plugins can harm your game's performance.

So this community has already seen a lot of debate about code obfuscation, to the point where the topic has seemingly already been beaten to death. But for some reason, I've never actually seen anybody bring up the biggest concern that I've always had about obfuscating plugins: the performance impact.

There are different ways that one can obfuscate code. More minor forms of obfuscation tend to have little to no negative performance impact. But there are also some more aggressive means of obfuscation, that can easily cut the performance of your code in half (or worse). If you're writing a website, or a simple web application, or something else that's not really performance critical, then there's probably not any issue with using the latter type of obfuscation. But if you're writing code for a game engine... it's generally considered to be very ill-advised to intentionally reduce the performance of your code to such a high degree.

Unfortunately, the obfuscation method that I have seen being used by some very ubiquitous plugin developers is actually that latter (aggressive) form of obfuscation. You might be thinking: "Who cares? There's no way it makes *that* big of a difference." Well here, let me show you a quick example of how much of a difference it can actually make:

Spoiler: Weather Effects Test

To summarize what you saw in that video, I used VisuStella Weather Effects to run a stupid amount of weather effects at the same time. Then, without changing anything else, I swapped the plugin out for a de-obfuscated version and ran the exact same weather effects. With the obfuscated version, I was averaging around 27-ish FPS. With the de-obfuscated version, I was getting a solid 60 FPS (and it possibly could have gone even higher, but it was capped due to VSync). That means that I more than doubled my FPS simply by de-obfuscating that one plugin. Another way to say it is that the obfuscation of that plugin was literally cutting my FPS in half (or worse).

Now you might be thinking: "Who cares? It's probably just an issue that's specific to Weather Effects, and I don't use that plugin anyway." Unfortunately, that's not the case. For those who don't know how plugins work in RPG Maker, I'll kinda summarize it. A plugin works by overwriting parts of the original engine. So when you install a plugin, you're overwriting chunks of your engine with that new code. So when you install a bunch of plugins with code that is sub-optimal, then you're essentially scattering doodoo all over your game engine. And unfortunately, with the method that VisuStella chose to obfuscate their plugins, it's pretty much impossible for their code to *not* be sub-optimal. I'll go ahead and explain some more tests that I have conducted, in case you want more examples, but I'll put it in a spoiler tag so that you can easily skip it if you don't.

Spoiler: Other Tests

I made a benchmark project (in MZ) that conducts a series of tests, using VisuStella's Events and Movement Core as its sole plugin (I left all parameters on their default values). I was using it for the sake of its Event Spawning and Self Variable functionality. It's probably not the most professional benchmark in the world, but I do think that there is significance to be found in the results that it yielded. It contains four different stress tests:

1. The first test continually spawns parallel events onto random coordinates of the map, which each parallel event continually firing off random animations at short, random intervals. The idea was to try to make the test force as much graphics/audio processing as I could.
2. The second test continually spawns events that do nothing onto random coordinates of the map. The events contain an actor sprite, but are otherwise empty (no movement route, no event commands, action button trigger).
3. The third test spawns parallel events that randomly walk around on the map, while generating some random numbers into self variables, for no particular reason.
4. The fourth test spawns parallel events that stand still, while generating a bunch of random numbers into self variables and doing a bunch of math on those random numbers.

Each test was scored based on how many events were spawned before my FPS dropped below 30 (for at least 2 seconds). Here are the results:

Events and Movement Core Obfuscated
Test 1: 181
Test 2: 473
Test 3: 330
Test 4: 238

Events and Movement Core De-Obfuscated
Test 1: 365
Test 2: 1051
Test 3: 707
Test 4: 470

As you can see, once again, simply de-obfuscating the plugin pretty much doubled performance in each test. A less optimistic way to say it is that obfuscating the plugin cut its performance in half.

I also ran one more benchmark, just out of curiosity, and it's not directly related to the topic of this post, but I found it interesting so I'll share it anyway. I decided to see what would happen if I took out VisuStella Events and Movement Core all-together, and instead used Galv's Event Spawner to spawn the events and Yanfly's Self Switches and Variables to handle the self variables. Here are the results of that:

Galv and Yanfly
Test 1: 767
Test 2: 7287
Test 3: 1650
Test 4: 755

As you can see, the Galv + Yanfly combo actually outperformed even the de-obfuscated plugin by quite a bit. I would assume that the reason for this difference is related to the fact that Events and Movement is a "super core" plugin that contains all kinds of other functionality that the Galv + Yanfly plugin doesn't have. So on one hand, it's not a fair comparison. But on the other hand, it's actually a pretty important comparison, because it illustrates that even though I wasn't trying to use any of that other functionality in the test, it still had a profound impact on the tests. So I guess what I'm saying is that you should maybe be careful about using a massive plugin when you actually only need a small percentage of the functionality that it offers. There is a potential cost for having that other functionality present, even if you aren't using it. This is especially true if said plugin is obfuscated, because then that cost is being doubled. The results of test #2 are especially concerning, since that is the test that involves static events that are just standing there, doing absolutely nothing at all.

--Btw, if anybody really wants it, I don't mind sharing the project files that I used to conduct these tests. However, I can't actually include any of the plugins inside that file, due to their ToS... so you'd have to get the plugins yourself and put them in there. But unless you know how to de-obfuscate the plugin, you can't really conduct a comparison, so I don't suppose that my project files would really serve you any purpose.

Hopefully by this point, you understand that the code obfuscation really is coming with a non-negligible performance cost. But you might be wondering why. What could it possibly be doing that is causing it to hurt performance to such an extent? Well, I'll try to explain it, but I also need to try to keep it vague, because I don't want to accidentally spur a discussion about how to actually de-obfuscate the code:

Spoiler: Obfuscation Loosely Explained

So here is an example of an obfuscated line of code. It wouldn't actually look exactly like this in the file though:

if (!VisuMZ[decrypt(0)][decrypt(230)][decrypt(77)][decrypt(1337)]) return;

Basically, decrypt() (it wouldn't actually be named this) is a function that takes an integer argument, performs some operations on it to transform it into a different integer, and then passes it to yet another function, which then uses that integer to return a string from an array of strings. Both of those functions may or may not also do some other irrelevant nonsense (at a performance cost, of course) to try to confuse you. The above line of code is calling decrypt() 4 times, and decrypt() is also calling yet another function each time. This means that that one line of code is calling 8 functions. Now here is an example of what the original line might have looked like:

if (!VisuMZ.SuperPlugin.Settings.Options.AddSuperManOption) return;

So the original code was simply checking the value of a Boolean property, yet the obfuscated version of the code is calling 8 functions that do a bunch of stupid nonsense and *then* it's checking the value of the Boolean property. So it's impossible for there to *not* be a performance penalty. Obviously, doing 8 things and then doing 1 thing is going to take longer than just doing the 1 thing straight up.

And it's not just one line of code where this is happening. Literally every single occurrence where a property or method of an object or class is being referenced is replaced with a chain of function calls, and every single string is being replaced with a chain of function calls. This means that it applies to almost every single instruction in the code. The reason that the code performs like dookie is because it's constantly calling functions that are completely unnecessary to the actual functionality of the plugin, some insane number of times every millisecond.

In addition to that, the fact that probably 90% of the code is essentially having to be decrypted at run-time is probably also blocking the code from being able to benefit from some performance optimizations that the JavaScript compiler would have otherwise made beforehand. But on that point, I'll admit that I'm not particularly knowledgeable about the inner workings of the V8 Engine, so I'm just assuming.

In addition to the function calling thing, they have also scattered some superfluous dummy code throughout the plugins. I.e. allocating new variables for no reason, doing weird conditional statements for no reason, etc. But honestly, the string decryption thing is really the biggest performance killer.

So does this mean that you should never use obfuscated plugins in your game?

I wouldn't go *that* far. Personally, I do use some VisuStella plugins. It is worth noting that most of my tests were being conducted under unrealistically extreme situations, so it doesn't necessarily mean that using an obfuscated plugin is absolutely going to ruin your game. You're probably never going to need to have more than 180 parallel events spamming random spell animations all over your map at any given time.

But on the other hand, it is important to note that I was only using one plugin for the tests, and I didn't have anything else going on (other than the test) at that time. In an actual game, you're going to have multiple plugins doing multiple things at any given time, and you might have all kinds of other stuff going on in your map at that time as well, so it's certainly feasible that those things could add up to create some performance issues, and heavy usage of obfuscated plugins will certainly increase the chances of that happening. Each time you add an obfuscated plugin to your game, you're overwriting more sections of your game's engine with poor-performing code.

So at the very least, I think it's important to be cognizant of the fact that there is a performance cost for adding an obfuscated plugin to your game, and to just make sure that your game can afford that performance cost, and that the functionality that the plugin provides is worth that cost. When considering using an obfuscated plugin, maybe at least make sure that you actually need/want most of the functionality that it provides. For example, if you *just* want to add self variables to your game, then maybe think twice before grabbing a plugin that does that plus 99 other things that you *aren't* looking for. In that case, it might be in your benefit to at least check for an alternative plugin.

And if you happen to be a plugin creator, I'm not trying to tell you not to obfuscate your code. That's your right, and it's not really my place to say anything about it. But I do still feel that it's important for you to be fully aware that in doing so, you *are* pushing a cost onto your customers, and onto the customers of your customers. So I would at least implore you to ask yourself if what you're gaining from obfuscating your plugins is actually worth the price that your customers/users will have to pay for it.

Well, I've kinda fizzled out and don't want to type any more at this point, so I guess I'll end things here. I do feel that I should add a disclaimer and mention that in making this post, my goal is not to try to stir up controversy. I was actually very hesitant to write this, because I don't want to interfere with somebody else's plugin sales, and I don't want to incite a witch hunt or anything like that. But at the same time, I do think that this is important information that people should know about, and I've never actually seen it mentioned before. Also, please do not ask me how to de-obfuscate plugins, and please do not discuss methods of de-obfuscating plugins in this thread.

 

[TheAM-Dol]

You're basically the Gamers Nexus of RPG Maker, we just need a few more graphs.
That's nuts. I didn't realize the extent of the obfuscation with VS plugins. Well, my opinion on them certainly hasn't changed
Honestly, this was compelling enough to convince me: contrary to your answer about not *never* using obfuscated plugins, considering I'm a dummy when it comes to programming, I will still only use un-obfuscated plugins. That performance is valuable, and judging by the number of screen shots and screen recordings I see of people playing RPG Maker games on screen resolutions of around 720p, I assume many folks run RPG Maker games on a potato, so a negligible performance impact may translate to a pretty large performance impact if they're running a Celeron or Atom chip.

edit:
looks like I had a bit of an anuerism when typing this up. Corrected a lot of my sloppy typing.

 

[Ahuramazda]

The very few plugins that I had ever tested that was obfuscated I did notice a performance drop when using them. I actually had a friend turn them back into a normal, actual useable plugin using whatever tool he uses to do those things, but in the end I decided to not mess with them at all.

I opted instead to manually port my entire games project folder of (mostly) Yanfly plugins from MV to MZ myself. It took a lot of time, effort, and trial and error, but the end result was being able to use the YEP library and fully customize/edit things to my hearts desire. I did I think it was 67 plugins and got them all working as good if not better than the MV counterparts and also added in more personal options since I had full control of what I was porting over.

One of the things I hate most about obfuscated plugins is the fact you cannot see exactly what they are doing and how they are doing it, so making a patch to work with them is nearly impossible, much less making minor edits to the code you otherwise would never bother someone to assist with (window positions, adding 1-2 more bits of info to a window, ect).

A bit of a post, but I agree with OP: Obfuscation can be a good thing, but it can also be bad depending on the level of protections in place. I avoid protected code like the plague because while a lot of plugins are great for my game... I may need a certain level of customization that plugin settings and calls cannot fix, and I'm not going to reach out to bother someone cause I need to find a way to move anythings x/y positions around on screen. -.-

 

[oooNUKEooo]

1st time im ever taking knowledge obsfuscated code existed... im shocked and certainly will be more aware of plugins i use.

thanks for the info.

 

[123edc]

I was actually very hesitant to write this, because I don't want to interfere with somebody else's plugin sales

regardless of what one might think about certain plugin - creators
[that topic's probably already been discussed to death here]

the information you provide and mention here within these tread is actually worth it's letters in gold ... especially for newer / hobbyist users with little technical knowledge about all the "behinds" [so basically the main audience, the maker is marketed towards]

and you say, you don't want to interfere in sombodys sales ...
but it's their decicion, to choose, what they choose
it's youre right, to inform others about youre knowledge / experience
and it's up to us, to use this knowledge to make an informed decicion

simple as that

 

[Arthran]

1st time im ever taking knowledge obsfuscated code existed... im shocked and certainly will be more aware of plugins i use.

thanks for the info.

If you're using MV, it's probably not something that you're going to run into too often. The only ones that I'm aware of are Olivia's plugins, and the few VisuStella plugins that exist for MV. It's more of an issue for us MZ users.

 

[Iron_Brew]

It's worth saying: Non-obfuscated plugins can harm your game's performance too!

Not being able to see inside a black box might be problematic because you can't be sure what it's doing, but that doesn't necessarily imply that they're inherently more harmful than "normal" plugins. I've seen some absolute dogs of plugins over the years, haha.

The experiment you did with obfuscated VS weather compared to non-obfuscated VS weather is super troubling though. How did you get a deobfuscated VS weather plugin? Isn't that against the ToS for those plugins?

 

[oooNUKEooo]

regardless of what one might think about certain plugin - creators
[that topic's probably already been discussed to death here]

the information you provide and mention here within these tread is actually worth it's letters in gold ... especially for newer / hobbyist users with little technical knowledge about all the "behinds" [so basically the main audience, the maker is marketed towards]

and you say, you don't want to interfere in sombodys sales ...
but it's their decicion, to choose, what they choose
it's youre right, to inform others about youre knowledge / experience
and it's up to us, to use this knowledge to make an informed decicion

simple as that

i agree.

If you're using MV, it's probably not something that you're going to run into too often. The only ones that I'm aware of are Olivia's plugins, and the few VisuStella plugins that exist for MV. It's more of an issue for us MZ users.

sounds bad enough already since olivias plugins are part of yanflys group of devs plugins. i was considering using some of her plugins but didnt because they werent compatible with what i was using...

 

[Frostorm]

I am so glad my project's in MV and not MZ, despite also owning MZ. Obfuscation makes me die a bit inside every time I see it. But I have also encountered obfuscation with Olivia's plugins, even though her plugins are advertised as "editable". It ended up costing me $ for no gain whatsoever, but I digress...

 

[TheAM-Dol]

How did you get a deobfuscated VS weather plugin? Isn't that against the ToS for those plugins?

This shouldn't really matter. For 1, it's no different than a user opening up their device to repair it. Yeah, it might void the warranty, but users have the right to open the devices they purchase. Secondly, without having a benchmark this information is useless. Benchmarking Plugin A against Plugin B, where A is obfuscated and B is not, is not a viable benchmark. In order to actually make a compelling point, you need to compare A to A, where A is obfuscated, and then again against A that is de-obfuscated.
Whether it's against TOS or not, I don't think that's a relevant point to what is being said here.

 

[Arthran]

It's worth saying: Non-obfuscated plugins can harm your game's performance too!

Not being able to see inside a black box might be problematic because you can't be sure what it's doing, but that doesn't necessarily imply that they're inherently more harmful than "normal" plugins. I've seen some absolute dogs of plugins over the years, haha.

It's definitely true that a non-obfuscated plugin can also hurt your game's performance. But if you take that same plugin, and obfuscate it, it's going to hurt your game's performance even more. The obfuscation inherently causes a significant performance penalty, regardless of how well-optimized the plugin was before it got obfuscated.

How did you get a deobfuscated VS weather plugin? Isn't that against the ToS for those plugins?

I de-obfuscated it myself, but I'm not going to say any more than that. Regardless of my personal feelings on obfuscation, I still feel that I should respect VisuStella's wishes and not tell people how to circumvent their security measures. Plus, the mods would probably shut this thread down pretty fast if the discussion starts heading in that direction, so I'd prefer if we could try to steer clear of that topic.

 

[Archeia]

I de-obfuscated it myself, but I'm not going to say any more than that. Regardless of my personal feelings on obfuscation, I still feel that I should respect VisuStella's wishes and not tell people how to circumvent their security measures. Plus, the mods would probably shut this thread down pretty fast if the discussion starts heading in that direction, so I'd prefer if we could try to steer clear of that topic.

RPG Maker Web also cares a lot about creators and their ToS so admitting it and making a post about it publicly is also very...Well...

 

[Arthran]

RPG Maker Web also cares a lot about creators and their ToS so admitting it and making a post about it publicly is also very...Well...

Spoiler: VS Weather Effects ToS

1. These plugins may be used in free or commercial games provided that they have been acquired through legitimate means at VisuStella.com and/or any other official approved VisuStella sources. Exceptions and special circumstances that may prohibit usage will be listed on VisuStella.com.

2. All of the listed coders found in the Credits section of this plugin must be given credit in your games or credited as a collective under the name: "VisuStella".

3. You may edit the source code to suit your needs, so long as you do not claim the source code belongs to you. VisuStella also does not take responsibility for the plugin if any changes have been made to the plugin's code, nor does VisuStella take responsibility for user-provided custom code used for custom control effects including advanced JavaScript notetags and/or plugin parameters that allow custom JavaScript code.

4. You may NOT redistribute these plugins nor take code from this plugin to use as your own. These plugins and their code are only to be downloaded from VisuStella.com and other official/approved VisuStella sources. A list of official/approved sources can also be found on VisuStella.com.

5. VisuStella is not responsible for problems found in your game due to unintended usage, incompatibility problems with plugins outside of the VisuStella MZ library, plugin versions that aren't up to date, nor responsible for the proper working of compatibility patches made by any third parties. VisuStella is not responsible for errors caused by any user-provided custom code used for custom control effects including advanced JavaScript notetags and/or plugin parameters that allow JavaScript code.

6. If a compatibility patch needs to be made through a third party that is unaffiliated with VisuStella that involves using code from the VisuStella MZ library, contact must be made with a member from VisuStella and have it approved. The patch would be placed on VisuStella.com as a free download to the public. Such patches cannot be sold for monetary gain, including commissions, crowdfunding, and/or donations.

7. If this VisuStella MZ plugin is a paid product, all project team members must purchase their own individual copies of the paid product if they are to use it. Usage includes working on related game mechanics, managing related code, and/or using related Plugin Commands and features. Redistribution of the plugin and/or its code to other members of the team is NOT allowed unless they own the plugin itself as that conflicts with Article 4.

8. Any extensions and/or addendums made to this plugin's Terms of Use can be found on VisuStella.com and must be followed.

Could you please point out which part of the ToS I violated? I could be blind, but I see nothing at all mentioned about obfuscation. I do see a clause that says that I'm allowed to edit the plugin to suit my needs, which is exactly what I did. I didn't do so with the intent to steal code, or even with the intent to look at the code... I just wanted to speed up my game.

*** edit *** Just for the record, the reason I had casually ignored the topic of the ToS the first time it came up is not because I felt guilty about something. Rather, I was doing it as a favor to VisuStella, to avoid encouraging people to start trying to de-obfuscate their plugins.

 

[TheAM-Dol]

RPG Maker Web also cares a lot about creators and their ToS

I don't see the harm in it if it was done personally, really. And, publishing these results should be valuable to any creator who wants to benefit their customers. There is a non-zero possibility that VS may not be aware of the extent of their performance impact, so by publishing this information (and not how to de-obfuscate their plugins) may prove valuable to VS or any other plugin creator who are more customer minded.

We shouldn't just bury our heads in the sand about practices that may be unhelpful or even harm the game their customers are trying to make. The world is a better place when we can look at these things objectively

 

[Archeia]

Spoiler: VS Weather Effects ToS

1. These plugins may be used in free or commercial games provided that they have been acquired through legitimate means at VisuStella.com and/or any other official approved VisuStella sources. Exceptions and special circumstances that may prohibit usage will be listed on VisuStella.com.

2. All of the listed coders found in the Credits section of this plugin must be given credit in your games or credited as a collective under the name: "VisuStella".

3. You may edit the source code to suit your needs, so long as you do not claim the source code belongs to you. VisuStella also does not take responsibility for the plugin if any changes have been made to the plugin's code, nor does VisuStella take responsibility for user-provided custom code used for custom control effects including advanced JavaScript notetags and/or plugin parameters that allow custom JavaScript code.

4. You may NOT redistribute these plugins nor take code from this plugin to use as your own. These plugins and their code are only to be downloaded from VisuStella.com and other official/approved VisuStella sources. A list of official/approved sources can also be found on VisuStella.com.

5. VisuStella is not responsible for problems found in your game due to unintended usage, incompatibility problems with plugins outside of the VisuStella MZ library, plugin versions that aren't up to date, nor responsible for the proper working of compatibility patches made by any third parties. VisuStella is not responsible for errors caused by any user-provided custom code used for custom control effects including advanced JavaScript notetags and/or plugin parameters that allow JavaScript code.

6. If a compatibility patch needs to be made through a third party that is unaffiliated with VisuStella that involves using code from the VisuStella MZ library, contact must be made with a member from VisuStella and have it approved. The patch would be placed on VisuStella.com as a free download to the public. Such patches cannot be sold for monetary gain, including commissions, crowdfunding, and/or donations.

7. If this VisuStella MZ plugin is a paid product, all project team members must purchase their own individual copies of the paid product if they are to use it. Usage includes working on related game mechanics, managing related code, and/or using related Plugin Commands and features. Redistribution of the plugin and/or its code to other members of the team is NOT allowed unless they own the plugin itself as that conflicts with Article 4.

8. Any extensions and/or addendums made to this plugin's Terms of Use can be found on VisuStella.com and must be followed.

Could you please point out which part of the ToS I violated? I could be blind, but I see nothing at all mentioned about obfuscation. I do see a clause that says that I'm allowed to edit the plugin to suit my needs, which is exactly what I did. I didn't do so with the intent to steal code, or even with the intent to look at the code... I just wanted to speed up my game.

*** edit *** Just for the record, the reason I had casually ignored the topic of the ToS the first time it came up is not because I felt guilty about something. Rather, I was doing it as a favor to VisuStella, to avoid encouraging people to start trying to de-obfuscate their plugins.

Personally it's like, it's obsfucated and if you deobsfucated it, keep it to yourself and just not mention it. Like it's just courtesy to keep it vague to not encourage such a discussion. It's like a game is DRM'd and then you publicly stated on an official site (while not just VS) that you "attempted" / "removed" it is just in bad taste? Especially when the first example is a paid product. I thought I read somewhere you don't use / pay obsfucated plugins too since I saw your posts once in a while so that didn't really help how it came across.

 

[Arthran]

Personally it's like, it's obsfucated and if you deobsfucated it, keep it to yourself and just not mention it. Like it's just courtesy to keep it vague to not encourage such a discussion. It's like a game is DRM'd and then you publicly stated on an official site (while not just VS) that you "attempted" / "removed" it is just in bad taste? Especially when the first example is a paid product. I thought I read somewhere you don't use / pay obsfucated plugins too since I saw your posts once in a while so that didn't really help how it came across.

I guess, in the grand scheme of things, I just don't really see why it makes a difference whether I de-obfuscated myself, or obtained it via some other means. Either way, it's already obvious that I do have a de-obfuscated copy, so I don't really see how the method that I obtained it really changes anything for you. But I guess that if it bothers you, then I apologize for having admitted it.

The reason why I was honest about it when he asked is simply because I didn't want people to think that someone from VisuStella leaked it to me, or that certain people are allowed to have de-obfuscated version and certain people aren't, or something like that. I actually thought that I was being courteous to VisuStella by making it clear that this is something that I did on my own, and that it had nothing to do with them. But I certainly could be wrong, in which case, I apologize. I can't really un-say what I already said, but I'll happily go back and edit that out of my post, if you'd like.

*edit*
I actually never said that I wouldn't pay for your plugins. What I said is that I would happily pay twice what your asking if they *weren't* obfuscated, yet I'm reluctant to use the obfuscated versions even if somebody pays me to (since I don't want to kill my game's performance). But I never claimed that I have not or would not pay for your plugins. I did purchase Weather Effects (the Wanderlust series actually), and I'd be happy to send you my receipt, if you need me to.

 

[Yanfly]

Hi, I'm Yanfly. I'm the one who leads team VisuStella MZ.

I'm going to make a couple of points.

1. Using extremely fringe cases in unrealistic situations in order to "prove a point" does the exact opposite to anyone reading the literature.

It pretty much tells the story that despite having the code obfuscated, the plugin will still run at 60 FPS with normal usage. Especially when following the guidelines outlined in our documentation found here: http://www.yanfly.moe/wiki/Weather_Effects_VisuStella_MZ#Keeping_FPS_Stable

The other case with the event spawning en masse also proves the exact opposite: you have to intentionally try in numbers past 100 to even make a dent on the FPS. I can't think of many valid scenarios in which this is viable for a normal RPG game. If you can, kudos to you, but I know my target audience enough to know this is a highly unrealistic extreme situation.

Now, speaking of highly unrealistic extreme situations, you've made mention that these are highly unrealistic extreme situations in your conclusion. Yet, you fail to include that in your "tl;dr". This is misleading. If that's intention, then this is considered malicious as well. I dare hope it isn't. I would recommend editing the "tl;dr" to be more concise that the experiments happened in highly unrealistic extreme situations in order to produce an FPS drop.

Now, onto my second point.

2. Yes, you are correct, there is no mention of obfuscation or deobfuscation in the ToS.

The reason we didn't include it in is because we thought that by obfuscating the code, we made it pretty clear that we didn't want people snooping around it and doing things (which is what brought upon the obfuscation in the first place). But it turns out what we thought would be obvious not to do is done anyway.

Also, you made mention that the reason you deobfuscated the code is because, in quote from later in the thread:

just wanted to speed up my game.

In just your first post for the thread, you mentioned these are unrealistic extremely situations. And I agree, there should be nothing that is jeopardizing the FPS. Because with the obfuscated Weather Effects plugin, running 10 weather effects simultaneously, though not recommended, doesn't put a big damper on the FPS if at all. Nor will using anything less than 100 spawned events doing all the crazy stuff you're suggesting. Are you actually doing these things in your game?

I question the actual motive for deobfuscating both of the listed plugins, but I'll just leave it at that you're a curious individual.

Now, for this part:

I do see a clause that says that I'm allowed to edit the plugin to suit my needs, which is exactly what I did

This is intended for the code that we provide in the JS Plugin Parameters. Because despite the fact that the code is visible and open for everybody, we have had a few members ask if changing the code in these segments would be okay, and that's what we've placed in for the ToS.

That all said and done:

Thank you for purchasing Wanderlust. None of the funds directly go to me personally, but instead, my team so that they can help maintain the library and produce other plugins.

Next time, if you have questions in regards to this, I recommend coming to our Discord server first and asking there.

 

[Frostorm]

@Yanfly I just wanted to thank you for all your hard work over the years. Besides the tactical battle system plugin I use (LeTBS), I almost exclusively only use the YEP suite of plugins for my project. Your plugins have been a godsend for me, and so I thank you. ^.^

 

[Ami]

i'm still scared to using Visustella Battle Plugin, 'cause that "Lowercase" problem, 'til now...

in the end, i'm still stick in MV. there's so many best plugin to get for my project

 

[Arthran]

1. Using extremely fringe cases in unrealistic situations in order to "prove a point" does the exact opposite to anyone reading the literature.

I feel that it's a big exaggeration to say that it does the "exact opposite". Stress testing is a very common and valid method to collect performance data. While it doesn't tell the whole story, the information that it yields does have significance. The point that it was meant to illustrate is that the obfuscated version of the plugin *does* perform significantly worse than the de-obfuscated version of the plugin. I feel that that point stands, and is undeniable. I never claimed that this fact will absolutely make a noticeable impact on the person's game, and in fact (as you know), I very clearly stated that it may not.

However, I do also want to reiterate that, while a real game is most certainly not going to contain such exaggerated scenarios as the stress test did, it's also true that the stress test was free from a lot of the various things that would be causing performance strain in a real game. Let's not try to pretend that RPG Maker games have a reputation for stellar performance. It's not exactly uncommon to run into games that have some performance problems, and piling a bunch of highly de-optimized plugins into such a game is definitely not going to help the situation.

Also, in no way does the FPS that I experienced in my tests prove that Weather Effects will run at 60 FPS with normal usage. All it proves is that it would run at 60 FPS with a reasonable amount of weather layers, in an extremely isolated test where absolutely nothing else is happening, on *my* PC. Unfortunately, other people won't be playing their games on my PC. Some will be playing on potato laptops. Some will be playing on mobile devices. By no means should I conclude that using extremely sub-optimal code is perfectly fine just because it runs alright on my device.

Also, remember that I was just using *one* plugin. Do you think that the results would be exactly the same if I were to pile on a few more of your "super cores" and overwrite the bulk of my engine with obfuscated code?

Yet, you fail to include that in your "tl;dr". This is misleading. If that's intention, then this is considered malicious as well.

It was certainly not malicious intent. It's just that, the purpose of a TL;DR is to give as concise of an explanation of the meat of the post as possible. If you add a bunch of explanations and disclaimers into a TL;DR, it stops being a TL;DR... it just becomes a post. And in this particular case, the reason I put it at the top of the post like that was moreso to try to interest people so that they *would* read the explanations and disclaimers. Due to the size of my post, I was worried that people would get scared off and just immediately leave, if I didn't state a clear point immediately.

Personally, I don't feel that it was misleading. I very clearly said that it "can" harm your game's performance, which is entirely true. I didn't say that it "will", and I didn't even say that it's "likely to"--simply that it is possible. And honestly, if I had malicious intentions, I probably would have said that it "will" harm game performance, because that wouldn't even technically be untrue. Using an obfuscated absolutely *will* reduce the performance of your game, even if that performance reduction doesn't result in a demerit that can be detected by the naked eye, but I did consciously try to be fair about how I worded the statement.

But to be more fair, I've gone ahead and edited the post in a way to draw more attention to the section where I explain about the unrealistic conditions thing.

The reason we didn't include it in is because we thought that by obfuscating the code, we made it pretty clear that we didn't want people snooping around it and doing things (which is what brought upon the obfuscation in the first place). But it turns out we thought would be obvious not to do is done anyway.

The thing is, people can't read your mind--especially not from all the way across the internet. But what they *can* read is the words that you type. So when you very clearly type "You may edit the source code to suit your needs", people are going to think that they can, in fact, edit the source code to suit their needs. Plus, I'm fairly certain that I've seen you state, on multiple occasions, that the reason you obfuscate your code is to prevent theft--not because you have some type of issue with people editing the plugins that they purchased from you.

I think that most people would wind up interpreting these two things as: "It's difficult to edit your code now, as an unfortunate side effect of us trying to protect against code thieves, but you are allowed to do it if you are able to."

In just your first post for the thread, you mentioned these are unrealistic extremely situations. And I agree, there should be nothing that is jeopardizing the FPS. Because with the obfuscated Weather Effects plugin, running 10 weather effects simultaneously, though not recommended, doesn't put a big damper on the FPS if at all. Nor will using anything less than 100 spawned events doing all the crazy stuff you're suggesting. Are you actually doing these things in your game?

Please see my explanation in my response to your first point. But just to add on to it, I think it's fairly normal for a game dev to want to optimize their game. If I can easily double the performance of the weather system in my game, without losing anything in return... why wouldn't I? That could make the difference between whether or not someone with a weaker system is able to comfortably run my game. Please bear in mind that while *you* may (arguably) have something to gain from the obfuscation of your plugin, I certainly don't, and the people playing my game certainly don't. So if removing it can potentially improve their experience, and also make the product that I'm releasing even slightly more pride-worthy, then I would obviously prefer to do so.

I question the actual motive for deobfuscating both of the listed plugins, but I'll just leave it at that you're a curious individual.

Since you brought it up anyway, you actually *didn't* just leave it at me being a curious individual. But I mean, why would I even lie about it? If my actual intent was to read/edit your code, I would have no reason to try to hide that, because your ToS explicitly gives me permission to do that, if I were so inclined.

But you're obviously free to think/say whatever you want about me. It won't change the validity of the things that I've said.

This is intended for the code that we provide in the JS Plugin Parameters. Because despite the fact that the code is visible and open for everybody, we have had a few members ask if changing the code in these segments would be okay, and that's what we've placed in.

Spoiler: Relevant portion of the ToS (for easy reference)

3. You may edit the source code to suit your needs, so long as you do not claim the source code belongs to you. VisuStella also does not take responsibility for the plugin if any changes have been made to the plugin's code, nor does VisuStella take responsibility for user-provided custom code used for custom control effects including advanced JavaScript notetags and/or plugin parameters that allow custom JavaScript code.

That seems a little bit weird, simply because it explicitly makes mention of both the plugin's source code *and* the code in the parameters, as two different entities, and it pretty clearly seems to be indicating that it's alright to edit either of them.

i'm still scared to using Visustella Battle Plugin, 'cause that "Lowercase" problem, 'til now...

in the end, i'm still stick in MV. there's so many best plugin to get for my project

Honestly, Battle Core is a very nice plugin, and I think it is one of the ones that are worth a potential performance cost.