So, I came up and made this concept into a repl, and it works surprisingly well.
I have a 64-digit code, and I put it in as a secret. I then hid some code among core module files (of which there are several hundred python files in) and hid some code in several of the files. When the repl starts, if the secret doesn’t match a certain value, it deletes all the files. Though it’s technically doable to get it working still, most people won’t spend the time to scan several hundred files (which can contain tens of thousands of lines of code).
That also doesn’t exist for anything but your end of the Repl, unless you put the URL to the DB in your code, or use a DB proxy. both methods which make it easier for someone to get the code.
In my opinion this doesn’t work. The best you can do is use a server verification link in which you send someone to a website where you do a captcha and check the owner using replit auth and send the info back that way
no they do not. However, any cover repl is forked so keep that in mind. That is, every time a repl is run, it is forked and put into a temp VM that gets deleted
they don’t work like that. They send a https request to a global server which stores the scores. Otherwise, if it’s a repl that uses deployment THEN the db is global otherwise it needs an external server
yeah sadly you can’t. You can know if it’s the cover repl or not but you can’t actually let it run normally on the cover page because replit doesn’t want to spend the afternoon adding proper security or even just deleting env vars after run + give some global ones ;-;
If you want to authenticate a user from a console repl to an external leaderboard, you should use repl identity, that way you can ensure that a request came from an account. You have to use an external leaderboard, because replit ‘ghost forks’ non-server repls.