Back to Directory Moderator Gating Spec
CrestDuty Specifications
A secure verification gate requiring password authorization for administrative command access. Developed and maintained by AdithyaDev.
Problem
If a moderator or administrator account is compromised (e.g. through credential leaks, session theft, or offline account hijacking on cracked launchers), the malicious actor immediately obtains full access to creative spawns, item drops, and game management commands, presenting a high risk of server griefing.
Architecture
CrestDuty intercepts administrative commands and creative inventory interactions using low-level event listeners. Upon joining, staff members are placed in a locked state. They cannot execute commands, open inventories, move items, or drop loot until they authorize by running /duty <password>.
Technical Highlights
- Initial Credentials Setup: Enforces password and nickname configuration via
/duty seton first use. - Activity Auditing: Isolates logs for commands, creative item spawns, drops, and coordinates during duty sessions.
- Locked State Pipeline: Hooks into movement, interaction, and chat events to deny unauthorized commands.
Results
- Protected Operations: Secures critical administrative features against hijacked staff sessions.
- Unified Event Audit Logs: Clean command logs allow quick investigations of staff activities.