Yes, you forgot that it is possible to override the toString method of build-in objects. After the cheater changed Reflect.set to their own implementation, they just need to enter the following in the javascript console of their web browsers to break your cheat detection system:

Reflect.set.toString = function() { return "function set() { [native code] }" }

Alternatively, they could set a break-point before const myData and replace setTrap with a different function. Which might actually be really handy as an entry point for their own cheating functionality.

Sorry, but a browser-based anti cheat system is not going to work. The debugging tools of modern web browsers are just too powerful and the JavaScript language just allows too much runtime trickery.

Yes, your strategy for detecting manipulation of the runtime forgets that it is also possible to override the toString method of any function. After the cheater changed Reflect.set to their own implementation, they just need to enter the following in the javascript console of their web browsers to break your cheat detection system:

Reflect.set.toString = function() { return "function set() { [native code] }" }

Alternatively, they could set a break-point before const myData and replace setTrap with a different function. Which might ironically be really handy as an entry point for their own cheating functionality.

Sorry, but a browser-based anti cheat system is not going to work. The debugging tools of modern web browsers are just too powerful and the JavaScript language just allows too much runtime trickery.

Yes, you forgot that it is possible to override the toString method of build-in objects. When after the cheater changed Reflect.set to their own implementation, they just needs to enter the following in the javascript console of their web browsers to break your cheat detection system:

Reflect.set.toString = function() { return "function set() { [native code] }" }

Alternatively, they could set a break-point before const myData and replace setTrap with a different function.

Sorry, but a browser-based anti cheat system is not going to work. The debugging tools of modern web browsers are just too powerful and the JavaScript language just allows too much runtime trickery.

Yes, you forgot that it is possible to override the toString method of build-in objects. After the cheater changed Reflect.set to their own implementation, they just need to enter the following in the javascript console of their web browsers to break your cheat detection system:

Reflect.set.toString = function() { return "function set() { [native code] }" }

Alternatively, they could set a break-point before const myData and replace setTrap with a different function. Which might actually be really handy as an entry point for their own cheating functionality.

Sorry, but a browser-based anti cheat system is not going to work. The debugging tools of modern web browsers are just too powerful and the JavaScript language just allows too much runtime trickery.