Ov2.5
This open-source library is designed for experienced developers looking to create custom anti-tamper solutions on the client side.
🐼 Ov2.5 - Open Source Client-Side Validation Library
This open-source Roblox Lua library is designed for experienced developers looking to create custom anti-tamper solutions on the client side.
For Advanced Users Only!
This library is intended for developers who understand client-side security and are capable of securing the library and its implementation themselves. Being open-source, the base code is inherently vulnerable if not properly integrated and protected.
If you are not confident in securing client-side Lua scripts, consider using a more managed solution like SVAL or the Panda V3 Internal Library with Virtual Script Storage.
This documentation provides instructions for a Roblox Lua script that sends a user-specific key and a Hardware ID (HWID) – in this example, the UserID – to an external server via an HTTP request to validate a service key.
⚠️ Warning & Disclaimer
Use at Your Own Discretion
Your use of this documentation and the provided script examples is entirely at your own risk. The key system provider (Panda Development) offers limited support for this direct endpoint usage and does not assume responsibility for any security issues, vulnerabilities, or damages that may arise from your implementation.
You are responsible for implementing your own security measures to protect your scripts and systems.
If there are any updates to the service endpoints (
https://pandadevelopment.net/...), you will be responsible for manually updating your script accordingly.This open-source approach means potential attackers can also see this code. Secure it well!
🛠️ Implementation
1. 🆔 Identifying your Service
This is crucial for the validation system to know which service the key belongs to. You need to replace "Your_Identifier" with the actual identifier provided to you by Panda Development for your script/service.
local Identifier = "Your_Identifier" -- ❗ IMPORTANT: Replace with your actual service identifierHow to get your identifier? This is typically provided when you register your service with Panda Development.
2. 👤 Player & Server Configuration
Set up variables for the user's key, Roblox services, the HWID, and construct the server validation URL.
-- User's Key (this needs to be obtained from the user)
local UserKey = "KEY_HERE" -- Example: Get this from a TextBox, saved variable, etc.
-- Roblox Services
local PlayerService = game:GetService("Players")
local HttpService = game:GetService("HttpService")
-- Hardware ID (HWID)
-- In this example, we use Player.UserId.
-- For better security, consider using a more unique and persistent HWID from the executor.
local UserID_HWID = PlayerService.LocalPlayer.UserId
-- Server Validation Endpoint (Constructed for ValidateKey function)
-- Note: This specific URL construction is shown as an example.
-- The ValidateKey function will construct it dynamically.
-- local ServerConfiguration_Example = "https://pandadevelopment.net/v2_validation?key=" .. UserKey .. "&service=" .. Identifier .. "&hwid=" .. UserID_HWID3. ✅ Validating the Key
This function sends the user's key, service identifier, and HWID to the Panda Development V2 validation endpoint.
function ValidateKey(key, serviceId, hwid)
-- Ensure HttpService is available
if not HttpService then
warn("[Pelinda Ov2.5] HttpService not available.")
return false, "HttpService not available"
end
local validationUrl = "https://pandadevelopment.net/v2_validation?key=" .. tostring(key) .. "&service=" .. tostring(serviceId) .. "&hwid=" .. tostring(hwid)
local success, response = pcall(function()
return HttpService:RequestAsync({
Url = validationUrl,
Method = "GET"
})
end)
if success and response then
if response.Success then
local jsonData, decodeSuccess = pcall(function()
return HttpService:JSONDecode(response.Body)
end)
if decodeSuccess and jsonData then
if jsonData["V2_Authentication"] == "success" then
print("[Pelinda Ov2.5] Authenticated successfully.")
return true, "Authenticated"
else
local reason = jsonData["reason"] or "Unknown reason"
print("[Pelinda Ov2.5] Authentication failed. Reason: " .. reason)
return false, "Authentication failed: " .. reason
end
else
warn("[Pelinda Ov2.5] Failed to decode JSON response.")
return false, "JSON decode error"
end
else
warn("[Pelinda Ov2.5] HTTP request was not successful. Code: " .. tostring(response.StatusCode) .. " Message: " .. response.StatusMessage)
return false, "HTTP request failed: " .. response.StatusMessage
end
else
warn("[Pelinda Ov2.5] pcall failed for HttpService:RequestAsync. Error: " .. tostring(response)) -- 'response' here is the error message from pcall
return false, "Request pcall error"
end
endBreakdown of ValidateKey:
Constructs the
validationUrlusing the provided key, service ID, and HWID.Uses
HttpService:RequestAsyncwithin apcallfor safe HTTP GET requests.On successful HTTP request:
Decodes the JSON response body (also within a
pcall).Checks the
V2_Authenticationfield in the JSON data.If
V2_Authentication == "success", it returnstrueand a success message.Otherwise, it prints a failure reason (if available) and returns
falsewith an error message.
On HTTP request failure or JSON decode failure: Logs a warning and returns
falsewith an error message.
4. 🔗 Obtaining the Key Link
This function generates the URL that users can visit to obtain their key for your service.
function GetKeyLink(serviceId, hwid)
return "https://pandadevelopment.net/getkey?service=" .. tostring(serviceId) .. "&hwid=" .. tostring(hwid)
endHow to use GetKeyLink:
Your users will need to access this link. Common methods include:
-- Example:
local serviceIdentifier = Identifier -- From your configuration
local playerHwid = UserID_HWID -- From your configuration
local keyRetrievalLink = GetKeyLink(serviceIdentifier, playerHwid)
print("Visit this link to get your key: " .. keyRetrievalLink)
-- Or copy to clipboard (if the executor supports setclipboard/set_clipboard)
-- setclipboard(keyRetrievalLink)
-- print("Key retrieval link copied to clipboard!")⚙️ Usage Example
Here's how you might put these functions together in your script:
-- == CONFIGURATION ==
local Identifier = "Your_Identifier" -- ❗ Replace with your actual service identifier!
local UserKey = "" -- This should be obtained from the user (e.g., a GUI input, a saved file)
local PlayerService = game:GetService("Players")
local HttpService = game:GetService("HttpService")
local UserID_HWID = PlayerService.LocalPlayer.UserId -- Or your custom HWID logic
-- == FUNCTIONS (as defined above) ==
-- function ValidateKey(key, serviceId, hwid) ... end
-- function GetKeyLink(serviceId, hwid) ... end
-- == SCRIPT LOGIC ==
-- Step 1: Provide the user with a way to get their key
local keyLink = GetKeyLink(Identifier, UserID_HWID)
print("To use this script, please get your key from: " .. keyLink)
-- You might prompt the user to enter their key after they visit the link
-- For this example, we'll assume UserKey is populated somehow.
-- Example: UserKey = some_gui_textbox.Text
-- Simulate getting the key from the user (replace with actual input method)
if UserKey == "" then
warn("[Pelinda Ov2.5] UserKey is not set. Please obtain a key and set the UserKey variable.")
-- return -- Stop script if no key is provided
end
-- Step 2: Validate the user's key
if UserKey ~= "" then -- Only attempt to validate if a key is provided
print("[Pelinda Ov2.5] Validating key: " .. UserKey)
local isValid, message = ValidateKey(UserKey, Identifier, UserID_HWID)
if isValid then
print("[Pelinda Ov2.5] Key is VALID. Welcome!")
--
-- ✅ YOUR SCRIPT'S MAIN FUNCTIONALITY GOES HERE ✅
--
else
print("[Pelinda Ov2.5] Key is INVALID. " .. message)
-- Handle invalid key (e.g., stop script, notify user)
end
else
print("[Pelinda Ov2.5] No key provided for validation.")
endLast updated