CREATE YOUR AI CUM SLUT ON CANDY.AI TRY FOR FREE
x

Ren'Py New Ren'Py Token Check (when creating a save)

zmeydoom

Newbie
Jan 2, 2018
65
39
You aren't deprived of your right to choose

save file that clearly and openly looks corrupted.
A damaged save is a save that leads to a crash, the impossibility of further progress in the plot, or simply does not load due to damaged structure (interrupted file download as an example). There are clearly working files here. It's just that the protection is made on the principle of "protected" videos from iTunes... Because it was worth breaking the verification algorithm - everything worked again. What enraged me was the obvious mockery in the form that the "Yes" and "No" buttons lead to the same result - why did the "choice" dialog have to be done at all if there was a ban on loading saves everywhere anyway? But as I said right away: this is my strictly personal opinion.
 
  • Like
Reactions: Astral Corruption

anne O'nymous

I'm not grumpy, I'm just coded that way.
Modder
Donor
Respected User
Jun 10, 2017
11,009
16,295
A damaged save is a save that leads to a crash,
I wonder, could it be the reason why I wrote "looks corrupted", and not "is damaged" ?


What enraged me was the obvious mockery in the form that the "Yes" and "No" buttons lead to the same result
And as I said, it's not Ren'Py's fault. When the save file is correctly edited, choosing "yes" lead to the save file being loaded. If it isn't don't blame Ren'Py, blame whatever you used to edit the file.


this is my strictly personal opinion.
If it was an opinion, you would have took the time to effectively read what I answered you, and to think about it. But you didn't bothered with this. You don't care to know why you can't load the file, you just want your conviction to be confirmed.
 
  • Angry
Reactions: Chaos La Croix

zmeydoom

Newbie
Jan 2, 2018
65
39
I wonder, could it be the reason why I wrote "looks corrupted", and not "is damaged" ?

And as I said, it's not Ren'Py's fault. When the save file is correctly edited, choosing "yes" lead to the save file being loaded. If it isn't don't blame Ren'Py, blame whatever you used to edit the file.

If it was an opinion, you would have took the time to effectively read what I answered you, and to think about it. But you didn't bothered with this. You don't care to know why you can't load the file, you just want your conviction to be confirmed.
And here you are partly right. This is where about my conviction. Because all this checking is generally an unnecessary function. But about a properly edited file... I think if the file is edited correctly, the engine will not even see the substitution. And there will simply be no dialogue. I'm not a programmer or even a coder, but font files in Unity games are edited in a similar way when translating games. Both the security key and the size up to a bit will match. And since intelligent people are engaged in writing viruses, this function, if effective, is not for long. So far, it has proven its effectiveness only against save editors. Well, at least let the authors of games with a lot of grind be happy)) After all, I've seen a game with a built-in anti-cheat))
 

anne O'nymous

I'm not grumpy, I'm just coded that way.
Modder
Donor
Respected User
Jun 10, 2017
11,009
16,295
This is where about my conviction. Because all this checking is generally an unnecessary function.
I get that you never buckle your seat belt, don't care to turn off the gas, and so on, right ? After all, only idiots suffer from car crash and other catastrophes. Like only idiots can suffer from .


But about a properly edited file... I think if the file is edited correctly, the engine will not even see the substitution.
Except that the security is done through a public/private key combination. It's not because, technically speaking, both are private since on your computer only, that it change something to the level of security. Unless you know the key used for the encoding, you can't fake it.


I'm not a programmer or even a coder, [...]
And therefore you should ask instead of assuming that you know...


And since intelligent people are engaged in writing viruses, this function, if effective, is not for long.
It's been more than three decades that security is done through a public/private key procedure...
Of course, Ren'Py use a lowest level of security, this being mandatory since save file sharing need to stay a possibility. But it doesn't mean that it's not strong enough, just that it's not the whole content that is encrypted.

So far, it has proven its effectiveness only against save editors.
No. It's save editors that proved its effectiveness, what is different. By generating corrupted saves that Ren'Py refuse to load, they demonstrated that it's not possible to alter a protected save file in a transparent way.


Well, at least let the authors of games with a lot of grind be happy)) After all, I've seen a game with a built-in anti-cheat))
It's been years that there's Ren'Py games with built-in anti-cheat. The first one was already near to be completed when I registered mid 2017.
But anyway most players use the console to cheat, it's way easier and way faster.
 
  • Angry
Reactions: Wooloomooloo

zmeydoom

Newbie
Jan 2, 2018
65
39
I get that you never buckle your seat belt, don't care to turn off the gas, and so on, right ?
You don't have permission to view the spoiler content. Log in or register now.
After all, only idiots suffer from car crash and other catastrophes.
But this is a clear inflection - here is the principle of personal and collective luck (or bad luck?).

Like only idiots can suffer from .
I strongly agree. The only time in the last several years when I downloaded someone else's save, and especially not from a site I trust, was just a file with an example of malicious code) I was disappointed in Avast, he did not consider the file problematic and kept silent even after loading it in the game ( And immediately after that he scanned when booting the system.

Except that the security is done through a public/private key combination. It's not because, technically speaking, both are private since on your computer only, that it change something to the level of security. Unless you know the key used for the encoding, you can't fake it.
As long as there is no need for it. There was still no protection that would not be hacked. It all comes down to one question: Who needs it?

And therefore you should ask instead of assuming that you know...
And so I assumed, not claimed.

Of course, Ren'Py use a lowest level of security, this being mandatory since save file sharing need to stay a possibility.
But there is almost no sense in it. A person with a 99 percent guarantee will pass the game in a different way than I will. It's easier for me to try again if the saves don't work. The only point is to send a save to the developer if you managed to make a save before a recurring bug / error in the game.

No. It's save editors that proved its effectiveness, what is different. By generating corrupted saves that Ren'Py refuse to load, they demonstrated that it's not possible to alter a protected save file in a transparent way.
And here you still didn't want to understand what I wanted to tell you. As it was said in the article you cited, the probability of the spread of infected saves is extremely small. In addition, at all times, the best antivirus has always been the head on the shoulders of the user. And if it goes on like this, then mods will soon be under a similar ban, because it's even easier to spread viruses through them. Developing paranoia further, who prevents the release of a game with already embedded malicious code? The same DDLC proves that no one prevents.There, the game itself removes saves, learns the name of the user account in the system, etc. But only now the developers of the engine are stirring (I wonder what has changed, that they are stirring?).

use the console to cheat, it's way easier and way faster
But here I disagree. It's one thing to just edit a save and quite another to look for variables in it, copy their console (which still needs to be turned on, which is a waste of time) and edit them there already. And so most likely more than once.

Yes, it's been a long time since I've typed so much) Only it doesn't make any sense at all. We call it "kitchen politics".
 

MrRaynor

Member
Apr 3, 2018
230
146
If the keys are what's bothering, you can solve it in a few steps.
Beware it permanently revokes security keys. Do at your own risk
Buckle-up it might be rocket science for some.

1 - Open the security_keys.txt (%appdata%\roaming\renpy\tokens) and remove both the keys contents (not their header, only the characters string).
2 - Save
3 - make the file read-only (right-click, properties, read-only checkbox, OK).
5 - Run your game and load your savegame
6 - Facepalm (optional)
7 - Enjoy
Tested on 04/11/2023 on Love & Sex: Second Base made by Andrealphus.
Works like a charm!!
You just have to remove the string after the - .
Remember to do a backup file in case you mess up or it doesn't work on your game!!
See the images!!
 

anne O'nymous

I'm not grumpy, I'm just coded that way.
Modder
Donor
Respected User
Jun 10, 2017
11,009
16,295
You don't have permission to view the spoiler content. Log in or register now.


[...] I was disappointed in Avast, he did not consider the file problematic and kept silent even after loading it in the game [...]
Breaking news, anti-virus can only be preventively efficient against effective code, whatever direct one (software) or indirect one (embedded in data).
When the first JPEG flaw appeared, offering the possibility to execute code through the simple display of an image, not a single one got it, because not a single one expected to have active code processed through a passive data file. And it happen that not only it's the same for Ren'Py save files, but the flaw itself do not rely on effective code. No anti-virus will ever protect you against this.


As long as there is no need for it. There was still no protection that would not be hacked.
But there's need for it... As I said Ren'Py save files security is based on a method that is the base of all encrypted communication since more than three decades... While the implementations obviously had some flaws among the time, the method itself don't have one.
And for once I'm affirmative in my saying, because it's been more than a decade that all the security agencies around the world are fighting against that method in order to find a global way to break all encrypted exchanges.

As for Ren'Py's implementation of the method only have three flaws:
1) An already compromised host permit to get the key and therefore to fake the security header. But there's no need for that since you already have full access to the computer.
2) The redistributed version of the game can have been altered to bypass the security check. But there's no need for that because, if you can alter that version, you can directly put your malicious code in it.
3) You can simply remove the security header, but then Ren'Py will warn you that the save is potentially dangerous, and ask you if you want to continue.


But there is almost no sense in it. A person with a 99 percent guarantee will pass the game in a different way than I will. It's easier for me to try again if the saves don't work. The only point is to send a save to the developer if you managed to make a save before a recurring bug / error in the game.
Five years that you're a member here, and you still haven't noticed that a vast part of the members pass their time asking for save files because they don't care about the game and just want to beat their meat to the new porn...


And here you still didn't want to understand what I wanted to tell you.
Make no mistake, I totally understood you.

It's not because I'm responding to what you write, that I'm talking to you. I'm addressing the points you try to make, but to the attention of the readers, not to yours.
This because there's obviously no reason to explain whatever to you, you know nothing about what you talk about and will never question what you think you know. You also are totally unable to project your thought outside of your personal reality and to understand a concept as basic as the fact that not everyone is you, and therefore not everyone act like you ; refer to the metaphor you discarded at the starts of your answer.


As it was said in the article you cited, the probability of the spread of infected saves is extremely small.
Like the probability to be involved in a car crash or to have your house damaged by a gas leak... Yet people take precautions against this, because they aren't idiots.
Also like the probability that you get a virus on your computer, yet you use an anti-virus, or like the probability to have a bike crash, yet you... Yeah, no, you surely don't wear a helmet...


And if it goes on like this, then mods will soon be under a similar ban, because it's even easier to spread viruses through them.
My god, nothing less than a ban... Life must be hard for someone who, like you, take every little constraint as a personal attack against his freedom...


Developing paranoia further, who prevents the release of a game with already embedded malicious code? The same DDLC proves that no one prevents.There, the game itself removes saves, learns the name of the user account in the system, etc. But only now the developers of the engine are stirring (I wonder what has changed, that they are stirring?).
Critical thinking isn't your strength, right ?

Of course, it's perfectly possible to spread malicious code directly through the game, and through mods. It's a threat that have always existed. Most users are totally aware of it, taking their precautions.
But there's way to partly prevent it beforehand, and they are applied. Every games linked in a game thread is scanned before being presented to the members. And if someone raise a legit suspicion regarding the integrity of the game, the links will be immediately removed, the time to investigate further.
Exactly like there's way to partly prevent the security issue caused by Ren'Py saves, ways that are applied through the mechanism that offend so much your vision of the world...


But here I disagree. It's one thing to just edit a save and quite another to look for variables in it, copy their console (which still needs to be turned on, which is a waste of time) and edit them there already. And so most likely more than once.
Oh god... Dropping a one line file into the "/game" directory is a waste of time... A one second operation (when done correctly) is a waste of time compared to the need to upload, then download, a save file to edit it...
 

zmeydoom

Newbie
Jan 2, 2018
65
39
You don't have permission to view the spoiler content. Log in or register now.

You don't have permission to view the spoiler content. Log in or register now.


Breaking news, anti-virus can only be preventively efficient against effective code, whatever direct one (software) or indirect one (embedded in data).
When the first JPEG flaw appeared, offering the possibility to execute code through the simple display of an image, not a single one got it, because not a single one expected to have active code processed through a passive data file. And it happen that not only it's the same for Ren'Py save files, but the flaw itself do not rely on effective code. No anti-virus will ever protect you against this.
And meanwhile, the same Avast found viruses both in pictures and in videos back in the days of the popularity of DVDs with different multimedia.



3) You can simply remove the security header, but then Ren'Py will warn you that the save is potentially dangerous, and ask you if you want to continue.


It's easier to do as Pinsel advised, then there will be no warnings, and it's easier to restore.


Five years that you're a member here, and you still haven't noticed that a vast part of the members pass their time asking for save files because they don't care about the game and just want to beat their meat to the new porn...
Saw. And I have always wondered why these people are not on the video hosting site, of which there are thousands for all tastes, both in the public domain and in the darknet...


Make no mistake, I totally understood you.
Not quite.

This because there's obviously no reason to explain whatever to you, you know nothing about what you talk about and will never question what you think you know.
I know what I'm talking about from the user's point of view, and you're explaining to everyone a technical point of view that is interesting only to developers and other tech-savvy people.So everything is created for the end user, right? No?

You also are totally unable to project your thought outside of your personal reality and to understand a concept as basic as the fact that not everyone is you, and therefore not everyone act like you
You don't have permission to view the spoiler content. Log in or register now.

Also like the probability that you get a virus on your computer, yet you use an anti-virus,
This probability is very considerable
or like the probability to have a bike crash, yet you... Yeah, no, you surely don't wear a helmet...
You don't have permission to view the spoiler content. Log in or register now.

My god, nothing less than a ban... Life must be hard for someone who, like you, take every little constraint as a personal attack against his freedom...
You don't have permission to view the spoiler content. Log in or register now.



Critical thinking isn't your strength, right ?
Ha ha ha. Funny (no).

ways that are applied through the mechanism that offend so much your vision of the world...
You don't have permission to view the spoiler content. Log in or register now.

Oh god... Dropping a one line file into the "/game" directory is a waste of time... A one second operation (when done correctly) is a waste of time compared to the need to upload, then download, a save file to edit it...
You don't have permission to view the spoiler content. Log in or register now.
 

Bloodmoon22

Member
Oct 17, 2020
180
112
Well as much as I hoped to keep using my Ren'pl save editor, I just do not understand why my personal save files from my game need to not be able to work. I do NOT use other people's saves. I will just not use it. I am not a computer/program person.
 

mrtr

New Member
Oct 4, 2018
5
8
You Sir, you deserve a Medal Of Honor thank you omfg, i was so pissed off i can't edit my own save but now i can thanks
 
  • Like
Reactions: WuzzyFuzzy

Arturvo

New Member
Jul 20, 2017
12
2
Thing to note. Just started playing Oppai Odyssey which according to the log file is running Ren'Py 8.1.3.23091805. Had some settings file issues where I would set something in settings. But it wouldn't actually save it. If I closed the game and opened it later it would set settings to a default. Turns out that using the save token fix mentioned here of blanking the token file and setting it to read only caused it. Tested by deleting the file and letting the game create a new one and lo and behold settings now save when closing the game. I don't know if this was something that was always a thing since the fix was found or if its a recent renpy update but seems like Renpy dev is trying to annoy us into using the save token thing.

Edit: Just did some basic try to fix it myself by just straight up editing renpy code and deleting save token code. Not frankly sure if all of it would need to deleted but for settings I just searched for "savetoken" in the persistent.py code since that is what dictates the persistent file which is where settings are stored and worked for me. Though this might be a bit more code monkey than some people might be used to. No idea if this can be done with some tool or not instead of having to do it manually for each game running newer Renpy versions.
 
Last edited:
Apr 30, 2020
276
200
Hello, I have a quick workaround for this
Here is a python script that can use your local tokens and overwrite the save signature to unlock it

How-to-use it

0) Make sure you have python3 installed and it accessible from console + install ecdsa using 'pip install ecdsa'
1) Unpack python script into your test folder.
2) You need to find your save location and copy "security_keys.txt" to folder with your script
3) copy savegame (1-11-LT1.save for instance into location with Your script)
4) run script 'python3 repack-savefile.py security_keys.txt 1-11-LT1.save' (where first should be your tokens textfile, second is name of savegame). Path can be absolute or relative - should work in both cases.
5) copy savegame file back to savegame location, override it.
Be Aware! this script override "signature" file in your savegame, please make backup before use it.


Just open and follow the instruction

Tested on BigBrother and using
Nice save! Thank you and happy new year :D
 
  • Like
Reactions: WuzzyFuzzy

magistrate

Member
Feb 2, 2019
206
320
Just open and follow the instruction

Tested on BigBrother and using
Unfortunate that the only tool now is a website. No guarantee of uptime if it's not running on your local machine.
 
  • Like
Reactions: WuzzyFuzzy

WuzzyFuzzy

Well-Known Member
Jan 23, 2020
1,586
3,215
Just open and follow the instruction

Tested on BigBrother and using
Unfortunate that the only tool now is a website. No guarantee of uptime if it's not running on your local machine.
I did not realize this had been put online. derfirm didn't post that he had edited a previous post. :p I will update the OP with this new information.

Also, after going to the website I see they copied parts of my OP without permission! I should demand compensation of, what? Millions, thousands, cookies? :cool:
 

Animee

Newbie
May 24, 2019
27
8
Okay so.. I tried all things people here said on Knightly Passions ? Nothing worked, always get this traceback thingy after the game crashed. (I only cheated myself money)
 

Twistty

The Happy Beaver
Donor
Respected User
Former Staff
Sep 9, 2016
4,389
39,407
Okay so.. I tried all things people here said on Knightly Passions ? Nothing worked, always get this traceback thingy after the game crashed. (I only cheated myself money)
I do not know what you used before - but if you undo all that, and just use these 2 files - you should be ok.
Worked for ALL the games I tried so far....
 

Twistty

The Happy Beaver
Donor
Respected User
Former Staff
Sep 9, 2016
4,389
39,407
WuzzyFuzzy

Please tell people to not mess with the signing-key part of the "security_keys.txt" - it can and will cause issues later.
Also - making that "security_keys.txt" file - read only, is a path to failure.

The below attached .7z has 2 files.

The renpy folder has a savetoken.py that should over-write the old one.
The ren'py SDK's "savetoken.py" for the versions 8, 1, 1 - 8, 1, 2 - 8, 1, 3 etc., did change slightly with each version - but that file I provided works on all of them - and should work on futures versions as well!

The game folder - has an "extra_savedirs_fix.rpy" file - that stops the extra "sync" files *(redundant save files) from being created in the appdata/roaning/renpy/game folders. Those files are fairly useless - and wastes a lot of drive space. It also includes some of the most common, and used game fixes - that aid many games.

Cheers

Edit - Updated the mod to work an all versions - including ren'py 8.2.0+ and 7.7.0+ as well as older ren'py versions also.
 
Last edited:

Animee

Newbie
May 24, 2019
27
8
I do not know what you used before - but if you undo all that, and just use these 2 files - you should be ok.
Worked for ALL the games I tried so far....
I can play the game normally, I only get the gamecrash ect whenever I try loading the edited save file. So I'm good, but thanks anyway. I just hate grinding money in games-
 
  • Like
Reactions: Twistty

WuzzyFuzzy

Well-Known Member
Jan 23, 2020
1,586
3,215
WuzzyFuzzy

Please tell people to not mess with the signing-key part of the "security_keys.txt" - it can and will cause issues later.
Also - making that "security_keys.txt" file - read only, is a path to failure.

The above attached save lock fix.zip has 2 files.

The renpy folder has a savetoken.py that should over-write the old one.
The ren'py SDK's "savetoken.py" for the versions 8, 1, 1 - 8, 1, 2 - 8, 1, 3 etc., did change slightly with each version - but that file I provided works on all of them - and should work on futures versions as well!

The game folder - has an "extra_savedirs_FIX.rpy" file - that stops the extra "sync" files *(redundant save files) from being created in the appdata/roaning/renpy/game folders. Those files are fairly useless - and wastes a lot of drive space. It also includes some of the most common, and used game fixes - that aid many games.

Cheers
Thanks for the good news! I have updated the OP to reflect your fix and link to the mod. I would encourage you to start a mod page for your fix as I think most folks won't come here looking for a solution. A dedicated mod page would be easier to find (but I am sure you know better than I).

Regardless, thanks again for the help!
 
  • Yay, update!
Reactions: Twistty

Twistty

The Happy Beaver
Donor
Respected User
Former Staff
Sep 9, 2016
4,389
39,407
Thanks for the good news! I have updated the OP to reflect your fix and link to the mod. I would encourage you to start a mod page for your fix as I think most folks won't come here looking for a solution. A dedicated mod page would be easier to find (but I am sure you know better than I).

Regardless, thanks again for the help!
Ya I was thinking about making a separate post - then I saw your page.
Maybe I still will make my own?

Sounds like you tried them - and they worked for you?
I'm glad - if it helped!? ;)
 
  • Like
Reactions: WuzzyFuzzy