VALIS ensures the client is launched *only* from the official, unmodified KohaClient Launcher. It creates a cryptographic handshake using a dynamic, single-use token, making unauthorized client execution or tampering at launch impossible.An overview of the proprietary, multi-layered framework that protects your data and ensures client integrity.
Ensuring every session starts from a verified, trusted source.
VALIS ensures the client is launched *only* from the official, unmodified KohaClient Launcher. It creates a cryptographic handshake using a dynamic, single-use token, making unauthorized client execution or tampering at launch impossible.VALIS. Upon starting, the game client must present the valid token provided by the launcher. RIV verifies this token's authenticity, confirming the client is running in the secure, intended environment.Protecting all data that travels between your client and our servers.
SRG manages the primary, persistent WebSocket connection to KohaClient's backend services. It uses end-to-end encryption for all real-time data, including your cosmetic loadout, friend status, and party information, securing it from eavesdropping or manipulation.SRG tunnel. EVAS is optimized for latency-sensitive data, providing end-to-end encryption for all in-game voice chat. It also manages the secure streaming of dynamic assets (like capes) to prevent them from being intercepted or spoofed.DSPI acts as an integrated, behavior-based firewall for all game-related network traffic. It actively monitors data packets for anomalies, identifying and neutralizing malformed packets designed to exploit client-side vulnerabilities before they can be processed.Actively defending against real-time threats, cheats, and modification.
ASV constantly validates the memory integrity of all active client modules. If it detects an unauthorized modification or injection (e.g., from a cheat engine) that bypassed launch checks, it immediately triggers a session invalidation to protect you.OMI makes reverse-engineering the client and developing compatible cheats exponentially more difficult.UCIS securely validates all user settings and keybind files upon loading. It checks configurations against a strict, known-good schema, preventing malicious code execution or exploits that could be hidden within a malformed config file.Verifying that all loaded assets (cosmetics, textures) are official and safe.
DAA protocol protects you from asset-based exploits. Every cosmetic, cape, or custom texture loaded by the client must pass a digital signature check. This guarantees that you are only seeing and loading official, unmodified assets, rendering third-party texture hacks ineffective.TRIP secures the entire client rendering pipeline. It ensures that all UI components and fonts are loaded from the client's verified internal manifest. This protocol neutralizes UI-based threats, such as invisible buttons or credential-stealing overlays.Securing your social interactions and third-party connections.
SPHE protocol governs all social graph interactions. It encrypts all friend requests, party invites, and status updates within our SRG tunnel, preventing unauthorized users from spying on your social activity or sending spoofed invitations.TCA secures the client's command system. Instead of granting broad permissions, this protocol issues a short-lived, single-use authorization token for *each* command you execute. This prevents any possibility of permission escalation.C-API signs every outgoing request with a short-lived session certificate, proving that the request is originating from a valid, VALIS-authenticated client and not an impersonator.EXIS sandbox. This protocol operates the integration in a low-privilege container, strictly preventing it from reading client memory or interfering with core game processes.CELA is a high-frequency protocol that monitors the client's main event-processing loop. It provides constant "attestation" (proof) that the event bus has not been hijacked by unauthorized listeners, ensuring all your inputs and client actions are processed securely and as intended.