What causes a plain-text JSON save that players edit to grant items?

The save is human-readable JSON with no integrity check, so anyone can open it in a text editor, raise quantities, and load the file unchanged.

How do I catch this when it only happens for some players?

Capture it automatically from the player's device with the full stack trace, the device and OS, the build, and a breadcrumb trail of what they did. That turns a vague complaint into a specific, reproducible issue you can fix without owning the hardware it happens on.

How to Fix a Plain-Text JSON Save That Lets Players Edit In Items

Quick answer: Add a keyed HMAC over the serialized payload and refuse to load when it does not match, or validate every loaded value against game rules before applying it.

Your save is a JSON file with fields like inventory and gold that the game trusts verbatim on load. A player opens it, changes a number, and the game accepts it because nothing checks that the contents are unchanged. The fix is to verify integrity and sanity-check values.

How to fix it

1. Sign the payload with HMAC

Compute HMAC-SHA256(payload, secret) over the serialized save and store the tag alongside it. On load, recompute the tag and reject the file if it differs, so any edit invalidates the save.

2. Validate values against rules

Even with a tag, clamp and check loaded values: reject negative gold, item counts above what the game can grant, or unknown item IDs. Treat the save as untrusted input, not as ground truth.

3. Keep the secret out of obvious reach

Do not store the HMAC key as a clear constant next to the save code. Derive it or obfuscate it so casual editing cannot also recompute a valid tag, while accepting that a determined attacker on their own machine can.

Catching the ones you can't reproduce

The hardest version of this to fix is the one you can't reproduce — it only happens on a player's hardware, OS, driver, or save state, under conditions that simply aren't present on your machine. A report that says “it crashed” or “it froze” gives you nothing to act on, so the bug survives release after release while quietly costing you players.

Automatic error capture closes that gap. Each failure arrives with its full stack trace, the device and OS, the build number, and a breadcrumb trail of what the player did right before it broke, so even a failure you have never seen becomes a specific, reproducible issue. Fold identical failures into one signature ranked by how many players each hits, and your worklist sorts itself worst-first instead of arriving as a stream of vague complaints.

This is where a tool like Bugnet earns its place. Its SDK captures every error automatically with the full stack trace plus device, OS, memory, build, and game-state context, folds duplicates into one grouped issue with an occurrence count, and ties each to the build it first appeared on — so you fix the problem that hurts the most players first and confirm it is gone when its signature disappears from the next release.

The bug you can't reproduce isn't gone — it's just invisible until you capture it from the player's device.