I reverse-engineered the encryption used by @drugwars for fun, here it is. You will need Chrome to follow this guide.
All custom JSON transactions are now a string containing encrypted data. The encrypted data is the same format as before encryption started being used. The data is AES encrypted with a per Steem user key. This key can be obtained by opening the Network tab in Chrome's DevTools in DrugWars, and reloading the page. Find the WebSocket connection (use the WS button at the top), and go to the Messages tab. Go to the fourth message. Click the arrow beside the "1", then "response". You should see this:
The string beside "key" is important, save that as you'll need it. Now for the fun part: combining some JSON and the key to get the encrypted text.
- AES encrypt the JSON of the transaction, using CryptoJS, with the key you just obtained.
.toString()on the output of that
- Remove all double quote characters from that.
- Replace "=" characters with
- Replace all "/" characters with
- Replace all "+" characters with
Side note, it the method used for steps 4-6 was taken directly from a StackOverflow answer.
@drugwars, remember: all client-side encryption is terrible. Since only your server is supposed to be able to read transactions, it would be a lot better for everyone if you just skipped using a blockchain altogether. Just use a database!
Also, remember: DrugWars is centralized, in the state it's in right now.