Dashboard

Changelog

Product updates, security hardening, payment improvements, and Lua VM changes shipped across Sure Lua Obfuscator.

QR Top-Up Payment Flow

Premium checkout now starts with clear bank QR instructions before the user uploads a transfer slip.

PaymentsPlanRDCW
RDCW Slip
verified
Amount299 THB
ReceiverMatched
TierPREMIUM
await fetch("/api/payment/slip")

const formData = new FormData()
formData.append("file", slipImage)
Payments
  • Changed the Premium plan button into a top-up flow that opens a dedicated bank QR modal.
  • Shows the server-configured receiver display name, exact amount, and masked transfer target before slip upload.
  • Moved slip image selection below the QR/account details so users know where to transfer before submitting proof.
Features
  • Added a safe payment configuration response on GET /api/payment/slip for client payment instructions.

Admin Prefix Controls and Oxfmt Tooling

This minor alpha release adds ADMIN-only build prefix customization and standardizes repository formatting with Oxfmt.

AdminFormatterRelease

$ sure build --tier premium

dispatcher: randomized

literals: protected

status: complete

{
  "tabWidth": 2,
  "semi": false,
  "singleQuote": true
}
Features
  • Added an ADMIN-tier prefix field on the obfuscation page for per-build VM identifier customization.
  • The UI obfuscation API now validates and honors custom prefixes only after confirming the user is ADMIN tier.
Tooling
  • Added Oxfmt as a local dev dependency with format and format:check scripts.
  • Configured Oxfmt for 2-space indentation, no semicolons, and single-quoted JavaScript and TypeScript strings.

RDCW Slip Payments and FiveM Runtime Coverage

Premium upgrades now use RDCW slip verification with receiver validation, transaction history, and an upload-first payment flow.

PaymentsAdminFiveMLua 5.4
RDCW Slip
verified
Amount299 THB
ReceiverMatched
TierPREMIUM
const formData = new FormData()
formData.append("file", slipImage)

await fetch("/api/payment/slip", {
  method: "POST",
  body: formData,
})
Payments
  • Replaced the placeholder Beam checkout webhook with authenticated RDCW slip verification.
  • Added JPG/PNG slip image upload from the Premium plan card with multipart verification.
  • Verified receiver display name, account name, proxy type, proxy value, and expected Premium amount from environment settings.
Features
  • Added persistent payment transaction logs for pending, completed, and failed slip attempts.
  • Added an admin Transactions tab with status filtering, search, pagination, and a detail modal.
  • Added FiveM optional chaining normalization so code like test?.hello compiles as (test or {}).hello.
Bug Fixes
  • Fixed Lua long bracket string and escape sequence handling in the bytecode compiler.
  • Expanded the sample runner to handle FiveM resource-style files without requiring a live game runtime.

Premium Obfuscator Hardening

A deeper compiler and VM pass raised Premium resistance with stronger state encoding, runtime guards, and Lua syntax coverage.

VMSecurityCompilerTesting

$ sure build --tier premium

dispatcher: randomized

literals: protected

status: complete

local output = Sure.obfuscate(source, {
  tier = "PREMIUM",
  target = "FiveM",
  vm = "cps-chain",
})
Security
  • Refactored the Lua backend into typed config, compiler, VM generation, random source, and post-processing stages.
  • Premium builds now use salted string-pool decoding, salted numeric constants, unique decoy states, and randomized dispatcher archetypes.
  • Strengthened startup anti-tamper checks with native function snapshots, debug hook detection, and stricter C-source validation.
Features
  • Expanded Lua coverage for recursive locals, table method declarations, floor division, bitwise operators, shifts, and unary bitwise NOT.
  • Added FiveM-friendly bit fallback resolution across bit, bit32, and pure Lua XOR runtimes.
Bug Fixes
  • Replaced silent unsupported compiler fallthroughs with structured Lua syntax diagnostics.
  • Expanded backend tests for premium variance, plaintext literal protection, table loop execution, and unsupported syntax errors.

Security and UI Overhaul

A platform stability release with hashed API keys, soft deletion, audit logging, OAuth expansion, and a full interface refresh.

AuthDashboardAuditAPI

$ sure build --tier premium

dispatcher: randomized

literals: protected

status: complete

Security
  • Implemented SHA256 hashed API key storage and soft-delete support across primary models.
  • Introduced detailed system audit logging for critical user and admin actions.
Features
  • Added code redemption for instant account tier upgrades.
  • Expanded authentication with Google OAuth alongside GitHub.
  • Integrated drag-and-drop file support in the obfuscation interface.
Bug Fixes
  • Resolved atomic usage increment race conditions in MongoDB.
  • Fixed remote pattern configuration for Google profile images.
  • Disabled API caching and added frontend cache-busting for real-time Admin data.

Initial Alpha Release

The first public alpha introduced the CPS-chain virtualization engine, user dashboard, and GitHub OAuth sign-in.

AlphaCPSFiveM

$ sure build --tier premium

dispatcher: randomized

literals: protected

status: complete

Features
  • Initial release of the CPS-chain based virtualization engine.
  • Added a basic user dashboard and GitHub OAuth integration.
  • Shipped the first FiveM FXVM compatibility layer.

Build history stays transparent

Follow release notes here for obfuscator engine changes, payment verification updates, API behavior, and administrative tooling.

Join Discord