In the field of Unity game development, hot-patching technology has become an essential requirement for product iteration, bug fixes, and long-term operation. As the current mainstream native C# hot-patching solution, HybridCLR addresses the pain points of traditional hot-patching through technical breakthroughs such as comprehensive features, high performance, and low memory usage.
It is reported that HybridCLR has already been adopted by thousands of commercial games, with hundreds of them now available on both platforms, covering the vast majority of top-tier and mid-tier game developers.
While HybridCLR offers convenience, it also introduces new security risks. Hot reloading essentially involves dynamically loading external assemblies (DLL files), which exposes these DLLs directly to the client, allowing their full source code to be easily obtained using decompilation tools such as ILSpy or dnSpy. Even if developers apply basic encryption to the DLLs, memory interception tools can still easily extract the decrypted DLL contents at runtime.
If a DLL file is not encrypted, its source code can be reverse-engineered using DNSPy.
It has been observed that unencrypted DLL files pose the following security risks:
Leakage of core source code: DLL files contain the game’s most critical intellectual property, including core business logic, algorithms, and numerical configurations. If decompiled, competitors could easily copy them, rendering the game’s core competitiveness obsolete.
The rampant use of Cheats: Hackers can analyze the code in DLL files to identify key functions (such as damage calculation, item drops, and currency validation), and then create Cheats using methods like memory modification and function hooking, which severely undermine the game’s fairness.
Communication Protocol Hack: The logic for encapsulating and decapsulating network packets is typically implemented in DLLs. Once a DLL is hacked, the communication protocol is exposed, allowing attackers to easily mimic client behavior and carry out malicious actions such as account farming or resource farming.
Therefore, implementing robust encryption for hot-update DLLs is an essential measure for protecting a game’s core assets and maintaining a fair gaming environment; without secure encryption, the convenience offered by hot updates would turn into a significant security risk.
As an industry-leading third-party game security provider, JikGuard has become the first to implement comprehensive encryption support for HybridCLR hot-patch DLLs. This solution is custom-built for the HybridCLR framework, supporting both full-DLL encryption and function-level encryption, and is fully compatible with the framework’s features.
In addition, JikGuard offers features such as encryption of `global-metadata.dat`, metadata obfuscation, and structural virtualization. After encryption, functions are decrypted only on-demand during runtime. This provides robust security protection while reducing the resource overhead of game execution, ensuring smooth and seamless gameplay.
After JikGuard encryption, DNSpy resolution returns an error
JikGuard supports the HybridCLR hot-fix DLL encryption solution, effectively addressing code security challenges in HybridCLR hot-fix scenarios. Developers can retain the development efficiency and performance advantages of native C# hot-fixes while adding reliable protection to core code, eliminating the need to choose between “convenient hot-fixes” and “code security” and providing the necessary security safeguards for stable game operations.