CWE-326: Inadequate Encryption Strength #35

Open
@Serse12

Dear Sirs,

While exporting the saves, I found that the generated file consists of a textual string. Upon further analysis, I recognized that it is a Base64 encoding. By deciphering the save, I was able to access the entire log of my events, resources, and other related data.

Next, I made changes to the parameters present in the save, and, once recoded in Base64, I re-imported the resulting string. In doing so, I was able to start a game with the modified values.

I understand that the purpose of the game is to provide a light-hearted and entertaining experience; however, finding exploits of this type can compromise the fun. Therefore, I would like to report this vulnerability to you so that you may consider implementing a more robust encryption algorithm, especially if in the future you should need to include textual strings of a sensitive nature, such as debugging information, in the save.

While I understand that the goal of the game is not to encourage fraudulent behavior, I believe that an improvement in this area could help provide a higher quality product to the community and give you more freedom in managing your save data.

I remain available for any clarifications and extend my warmest regards.

Translated with DeepL.com (free version)
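An added example, not part of the original report or the project's code: it contrasts a Base64-only save import, which accepts any edited payload, with one that carries an HMAC-SHA256 tag and rejects modified saves. This is tamper detection rather than encryption, and the JSON payload, the `SAVE_KEY` name and the function names are assumptions for illustration.

```python
import base64
import hashlib
import hmac
import json

# Assumption: the key is held by whoever validates saves (ideally a server).
# A key shipped inside the game client can be extracted by the player.
SAVE_KEY = b"constructed-demo-key-not-for-production"
TAG_LEN = hashlib.sha256().digest_size  # 32-byte HMAC-SHA256 tag


def plain_base64_import(blob: str) -> dict:
    """The format the issue describes: Base64 only, so any edit is accepted."""
    return json.loads(base64.b64decode(blob))


def export_save(state: dict, key: bytes = SAVE_KEY) -> str:
    """Serialize the state, append an HMAC tag over it, then Base64-encode."""
    payload = json.dumps(state, sort_keys=True, separators=(",", ":")).encode()
    tag = hmac.new(key, payload, hashlib.sha256).digest()
    return base64.b64encode(payload + tag).decode("ascii")


def import_save(blob: str, key: bytes = SAVE_KEY) -> dict:
    """Return the state only if the tag verifies; raise ValueError otherwise."""
    try:
        raw = base64.b64decode(blob, validate=True)
    except ValueError as exc:  # binascii.Error is a ValueError subclass
        raise ValueError("save is not valid Base64") from exc
    if len(raw) <= TAG_LEN:
        raise ValueError("save is too short to carry a tag")
    payload, tag = raw[:-TAG_LEN], raw[-TAG_LEN:]
    expected = hmac.new(key, payload, hashlib.sha256).digest()
    # Constant-time comparison avoids leaking how many tag bytes matched.
    if not hmac.compare_digest(tag, expected):
        raise ValueError("save failed integrity check")
    return json.loads(payload)


if __name__ == "__main__":
    state = {"gold": 10, "events": ["start"]}  # constructed sample save
    blob = export_save(state)
    print("round trip ok:", import_save(blob) == state)
    raw = base64.b64decode(blob)
    edited = raw[:-TAG_LEN].replace(b'"gold":10', b'"gold":99') + raw[-TAG_LEN:]
    try:
        import_save(base64.b64encode(edited).decode())
    except ValueError as err:
        print("edited save rejected:", err)
```

If the save also needs to be unreadable, an authenticated cipher such as AES-GCM provides confidentiality and integrity together; in both cases the protection is only as strong as the secrecy of the key.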
