Sorry your browser is not supported!

Yeah, I noticed there is a lot of old/outdated code in there that could be trimmed. Thanks for looking into that to help keep development of AppGameKit viable.

Set some time aside today to explore bytecode options and I'll need to figure out how to get it to compile again, lol. After getting things set up, trying to compile the Windows interpreter results in:

Error LNK1107 invalid or corrupt file: cannot read at 0x85 interpreter \dev\AGKRepo\AGK\AgkIde\platform\windows\Lib\VisualStudio\Release64\AGKWindows64.lib 1

It apparently can't read its own Win64 library file. Usually that error occurs when trying to link an incompatible file (library for header or vice versa for example), but I'm pretty sure the include paths are correct. Who knows though, this was after a long workday. So I'll need to figure out why that is happening before I can even attempt to change bytecode loading behavior.

Basically, the compile process will just need to read the bytecode.byc file after it is placed in the \media folder, put it together as a memory block, append it to the end of the player (after it's copied to the project folder), then include a few markers for where to start reading the bytecode data into memory and how much data to read. Effectively much like reading a native memblock, just through the interpreter (simply reading the data from its own file).

You make it sound easy lol but it's probably beyond my skill level I have finally managed to build the HTML5 files in Linux so hopefully HTML5 exports still have a future.

Set some time aside today again to give this a shot, still get that same error message above and can't sort out why. I may just have to start over and try putting the whole thing together again in VS2022 from scratch.

The idea isn't too difficult, I've considered two approaches. Some theory below Basically, in 'interpreter.cpp', before this on line 182:

if ( agk::GetFileExists( "bytecode.byc" ) == 1 )

A new step would be added to check for a special marker value in the EXE itself indicating the bytecode is present inside the EXE file itself. Something like (added to the pool of available AppGameKit calls or its own operation):

if ( agk::GetBytecodeMarker() == 1 )

If present, the interpreter would then load the data starting from the marker to the end of the file in exactly the same way it would read it from the '\media\bytecode.byc' file (just skipping the data contained in the interpreter file first). You can see the principle in action now by simply adding the bytecode file onto the end of the interpreter with something like (simple Tier1 example):



Putting it together is literally that simple (could even use AGK's Tier2 calls to do the same thing internally when compiling). Attaching the bytecode data that way will still allow the EXE to run as normal (you can try it if you like), it simply now contains the bytecode data with it. Since the bytecode would no longer be in the \media folder, the default AppGameKit broadcast window will appear when the EXE is run on its own. So the interpreter/player simply needs a way to detect that the bytecode has been attached to the EXE (via some kind of marker check) and then read the data like it always does, just from the EXE instead of the separate bytecode file.

This allows the EXE to be self-contained, no need for unreliable virtual environments (that get flagged by A/V programs) while also eliminating the biggest security gap AGK/C/S has had by giving developers a way to codesign their game to keep things safe and 'locked'.

The only other possible route I can think of would be to generate a SHA512 hash after the bytecode.byc file is built, then attach that internally to the end of the interpreter EXE file, then have a check to compare the internal hash with the hash of the bytecode file at launch, then load and run as normal if they match or exit if they don't match. This binds the interpreter to only one byecode file, allowing the specialized interpreter to still be codesigned for security and not allowing anything other than the one bytecode file to run without breaking the signing/security.

The internal attachment approach might be best, but anything would be better than leaving a potentially signed player capable of running any bytecode file.

Sorted out my linking problem and have managed to put together a hash integrity system in prototype form that I'll be developing further. It's very customized to my projects for the time being, but if things check out and work like they should going forward, I'll plan on cleaning it up and making it more generic for broader use. Then others can compile their own versions of the players they need with hash protection.

Couple of side notes. My approach does require implementing OpenSSL to better generate SHA hashes from files. So that needs to be installed and linked into Visual Studio (as static also, not dynamic so no external DLL's will be required). It can be installed via the vcpkg manager (vcpkg install openssl:x64-windows-static), then some linking additions are needed for the project to link to the generated 'libcrypto.lib' file once 'x64-windows-static' is built:

C/C++ > General > Additional Include Directories > vcpkg\installed\x64-windows-static\include\openssl
Linker > General > Additional Library Directories > vcpkg\installed\x64-windows-static\lib
Linker > Input > Additional Dependencies > add libcrypto.lib

That's the only additional installation step, everything else is just custom code added to the player to perform a hash retrieval from the EXE, hash capture from the bytecode, then comparison to validate.

Excellent! I'd be interested in trying this once you feel your code is ready to share.

I guess as long as this forum is still alive, I can post some initial details here in code format (as trying to post such things on Discord just gets lost in the void and lacks practical searchability). I'll send you a preview via forum DM and we can review it to see if anything might need to be changed or improved.

I'm on holiday for a few weeks so I can't do a lot at the moment, so I'm unable to help sorry. Can you PM your email address as I don't use Discord and I've forgotten my password for the syntaxbomb forum now as well which doesn't help

AGK has suddenly become very complicated due to TGC and their decisions

E-mail address and preview of a how-to guide sent over forum PM.

Ok thanks. I have made a copy of your messages before the forum closes and I lose access to them

I am not sure what this is totally, but it looks important. I want to invite you to post info and links about it on the subreddit!

https://www.reddit.com/r/DarkBasicDev/

I hope I'm not out of line. I'm just not sure how to present this or what information is important.