: Using the platform's 3D Dice feature is often recommended, as these visual representations are harder to manipulate through simple packet editing.
GMs can use built-in Roll20 features to verify the integrity of dice rolls and prevent common exploits:
While Roll20 uses a "Quantum Roll" system to generate random numbers server-side, vulnerabilities often stem from how these results are communicated to and from the player's client. roll20-cheat-dice
: GMs should hover their mouse over any suspicious roll in the chat window. This reveals the formula breakdown , showing the actual raw die roll and every modifier applied.
: A non-technical "cheat" involves temporarily inflating ability scores or modifiers on a character sheet before rolling, then quickly reverting them before the Game Master (GM) notices. Known Tools and Scripts : Using the platform's 3D Dice feature is
Several community-developed projects on platforms like GitHub demonstrate these vulnerabilities for educational or illustrative purposes:
: Encouraging players to use official character sheet buttons rather than custom macros makes it easier to verify that standard modifiers are being used. This reveals the formula breakdown , showing the
: Some exploits allow players to "throw away" unfavorable rolls before they are finalized. Since the client reports the final result to the game log, a player can repeatedly roll until a desired number is generated, then only permit that specific packet to reach the server.