Closed
The old Windows64 port had no real player identity — it used hardcoded fake XUIDs, so anyone could impersonate anyone. This replaces that with proper auth supporting Mojang, Ely.by, and offline accounts.
MCAuth library (new, MCAuth/): Mojang auth via MSA device code flow (XBL, SISU, MC services), Ely.by via Yggdrasil with 2FA, offline UUID generation matching Java Edition (MD5 v3 from "OfflinePlayer:<name>"). Multi-account manager with background token refresh, per-slot sessions, and on-disk token persistence. Server-side session verification via Mojang/Ely.by hasJoined API. Skin fetching and PNG validation from texture servers.
Network protocol (version bumped to 80): Three new packets (AuthScheme, AuthResponse, AuthResult) implement a server-driven auth handshake before login completes. Player identity migrated from 64-bit XUID to 128-bit GameUUID backed by two uint64 fields (hi/lo). readPlayerUID/writePlayerUID now serialize 16 bytes on the wire. Old and new clients cannot connect to each other — version mismatch is rejected at PreLogin.
Save migration: Map data mappings auto-migrate from old format: the old 64-bit XUID is placed in hi, lo is set to 0 as a sentinel. On first access by the real player, the sentinel entry is upgraded in-place to the full 128-bit UUID. Format detection is by file size (2080, 2112, or 4160 bytes). Player .dat filenames inside saveData.ms change from decimal XUID to dashed UUID — old saves need manual entry renaming in the archive.
UI: NativeUIRenderer: immediate-mode drawing system (quads, text, 9-slice panels, scrollbars, focus lists) for rendering auth screens without Flash/Scaleform. UIScene_MSAuth handles device code display, Ely.by credential input with 2FA, per-account skin head preview, and multi-account add/remove/switch.
Server: online-mode and auth-provider (mojang/elyby) in server.properties. Whitelist and ban checks validate against the server-verified UUID. Incompatible auth scheme logs which provider the server expects vs what the client is using.
Also fixes a pre-existing exploit where any client could send a DebugOptionsPacket to grant themselves CraftAnything and other debug privileges on any server — now requires OP status server-side.
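The identity scheme described above, sketched as an added example in Python (not code from this PR, which is C++): offline UUID derivation, the 16-byte hi/lo wire form, and the `lo == 0` legacy sentinel. The function names, the big-endian hi-then-lo byte order, and `hi` being the most significant half are assumptions; the page does not state them.

```python
import hashlib
import struct

def offline_uuid(name: str) -> tuple[int, int]:
    """Java Edition offline UUID: MD5 of "OfflinePlayer:<name>", stamped as v3."""
    d = bytearray(hashlib.md5(("OfflinePlayer:" + name).encode("utf-8")).digest())
    d[6] = (d[6] & 0x0F) | 0x30  # version nibble = 3 (name-based, MD5)
    d[8] = (d[8] & 0x3F) | 0x80  # RFC 4122 variant bits = 10
    return struct.unpack(">QQ", bytes(d))  # (hi, lo)

def write_player_uid(hi: int, lo: int) -> bytes:
    """Hypothetical counterpart of writePlayerUID: 16 bytes, hi then lo (assumed order)."""
    return struct.pack(">QQ", hi, lo)

def read_player_uid(buf: bytes) -> tuple[int, int]:
    """Hypothetical counterpart of readPlayerUID: reject anything that is not 16 bytes."""
    if len(buf) != 16:
        raise ValueError("player UID must be exactly 16 bytes")
    return struct.unpack(">QQ", buf)

def dashed(hi: int, lo: int) -> str:
    """Dashed form, as used for the player .dat entry names."""
    h = f"{hi:016x}{lo:016x}"
    return "-".join((h[:8], h[8:12], h[12:16], h[16:20], h[20:]))

def migrate_legacy(xuid: int) -> tuple[int, int]:
    """Old 64-bit XUID goes in hi; lo = 0 marks the entry as not yet upgraded."""
    return (xuid & 0xFFFFFFFFFFFFFFFF, 0)

def is_legacy_sentinel(hi: int, lo: int) -> bool:
    return lo == 0

def is_rfc4122(hi: int, lo: int) -> bool:
    # The variant bits are the top two bits of lo, so a well-formed
    # UUID always has lo != 0 and cannot be mistaken for a sentinel entry.
    return (lo >> 62) == 0b10

if __name__ == "__main__":
    hi, lo = offline_uuid("Steve")               # constructed sample name
    print(dashed(hi, lo), write_player_uid(hi, lo).hex())
    print(is_legacy_sentinel(*migrate_legacy(0x0009000001234567)))  # constructed XUID
```

The offline UUID is a pure function of the player name, so it identifies a name rather than proving who is connecting; only the hasJoined-verified UUID carries that guarantee.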
Description
Adds a proper authentication system (Mojang, Ely.by, offline) to replace the old hardcoded fake XUID identity on Windows64.
Previous Behavior
The Windows64 port had no real player authentication. It used hardcoded fake XUIDs, which allowed anyone to impersonate any player. There was no session verification or multi-account support.
Root Cause
The original console codebase relied on platform-specific identity systems (Xbox Live, PSN) that do not exist on PC. The Windows64 port previously stubbed these out with static values, leaving the game without actual identity verification.
New Behavior
Players can now authenticate using:
The server now verifies sessions via hasJoined APIs. Player identity uses a 128-bit GameUUID instead of a 64-bit XUID. Additionally, old saves will auto-migrate on first access.
Implementation
MCAuth/): Handles Mojang MSA device code flow (XBL → SISU → MC services), Ely.by Yggdrasil auth with 2FA, and offline UUID generation via MD5 v3. Features a multi-account manager with background token refresh, per-slot sessions, on-disk token persistence, and skin fetching with PNG validation.
AuthScheme, AuthResponse, AuthResult) to implement a server-driven auth handshake. readPlayerUID and writePlayerUID now serialize 16 bytes. Old and new clients will correctly reject each other at PreLogin.
UIScene_MSAuth for the login flow, NativeUIRenderer for rendering authentication screens, and updated the skin selection menu for authenticated accounts.
AI Use Disclosure
AI was used during the development of this PR to: