Seamless

Im responding to an anonymous account with 3 posts, almost no background, and practically zero useful information added to the discussion. On top of that, the topic title is misleading calling it "Lucera Source Code" gives a completely different impression from what is actually being presented. I didn’t say anything different. Therefore, I have no clue how his process produces the same desirable result. And here you are creating drama. Your topic title clearly says "Lucera Source Code," which is not actually the case, or at least that’s how it looked when I first clicked on it, so I don’t think I was completely off. There’s also no significant information about your process like what difficulties you faced, what tools you used, or anything else meaningful. Yet you still expect others to provide value based on what? I’m not talking about your project itself which, by the way, good job. I’m talking about the topic itself as a source of value for this forum, because right now it doesn’t really offer much in that regard. So regarding the semantics, yes, wording does matter.

You are not working with the original source code. You're working with educated guesses about what the original software might look like, and in the end, that's all you own "guesses". Does it compile? Yes. Is it the same as the original source? No. Your topic title is completely off and misrepresents how software development and reverse engineering actually work.

@Elfo Thanks for your reply. At this point, I’m more interested in your ai workflow rather than the actual implementation. Even if you don’t open source it, it would still be really valuable for research if you could share the technologies you used in each step. Great job Holy cow thats about 15k Webgl ?

First of all, its great to finally have something meaningful to discuss on this forum and good job pushing this community forward, even if its mostly dead. I always wondered why, in the last 15 years, no one has properly documented any of the source code (acis mobius) or at least exposed common functionality through something like a rest api, which is straightforward enough for most people to understand and use. I have some technical questions since im really interested Regarding real time features like maps and enchanting are you using technologies like grpc? And what happens when both a logged in player and panel try to enchant the same item at the same time? Do we run into a race condition how do you handle that ? Regarding fake player system external models calls typically take 1-2 seconds to respond, while an local models might take around 200-300ms. During that time a lot can happen in game. So when the plan becomes stale you override it and wait for the new one meaning the node handles everything in real time and the LLM simply sets the goal asynchronously. Is that the correct understanding ? Regarding the security aspect a lot can go wrong when exposing crucial server logic to the open web (experimental is good). My real concern is the mcp in the panel where a lot can go wrong with bad user input. Wasn't the game client always the limiting factor for l2j?

For the love of God, please turn off debug mode in production. @L2Emerge, I can literally see your environment variables. Before deploying something, spend some time learning how to do it properly instead of blindly letting AI do it for you. **and your code structure. Handle exceptions properly. Either send emails through a queue job so failures are handled properly and silently, or initialize and verify the smtp connection first. If the connection fails and email is part of your registration flow, don’t allow users to register until the mail service is available.

No matter what you are going to use, paid or non-paid or whatever, everything requires personal time investment and a lot of trial and error in many sectors of IT. I have used and seen (clients of mine) L2J Sunrise, Mobius, ACIS, and Lucera. Not even one was close enough to providing a decent outcome without the need for some heavy dev intervention. Even if you provide a decent pack, you will have to think about cheaters, marketing, monitoring, network protection, and the list goes on depending on the problem. Thus, I have no clue why people here debate so much about datapacks because I remember the days when we were playing on private servers with 80% less functionality than the current Lineage 2 emulator state, and it was enough to have fun. Now the leftovers are such a toxic community that I have no idea what drives people to open projects except money. My 2 cents choose whatever will ease your life in terms of development and your life/work/budget balance and dont spent months trying to figure out what datapack is superior over the other. You have more serious things to consider.

You should buy it then I’ll make a discount

This topic is genuinely amazing. So do we end up on l2jorion ?

correct. for example with semantic kernel sdk that exists also for c# and java you can do all sorts of things. even orchestrate an llm to call classes and manipulate objects or even execute database queries. you can literally simulate a real player process on a loop. and yes its costly if you use services like azure. but you can find cheaper alternatives or even free if you brave enough and have time

I suggest logging real player data such as positions, movement, quests, skills used in real time, and general actions and save them in whatever format you like. You need to organize and verify the data. If your data are not enough you can create synthetic data based on your existins real data. later you have 2 options You can fine tune a smaller model (for example, from hugging face). This requires time, money(compute power), and plenty of trial and error, but the benefit is that you can run it locally without relying on external services. Use existing LLMs and instead of training you can store your data in a vector database and let the LLM query it( im not sure if RAG is the right term here). This approach is faster to set up but depends on the model and the output you want to achieve(you will need some research there). Regardless of which approach you take you should expose only safe actions through a service or API. This can be done with MCP(model context protocol) or a custom api ensuring the model (local or external) can only trigger controlled api calls such as movePlayer, castSkill, etc etc, which are already implemented in most sources, but you will need to implement them for your models output and behavior. Doable? Yes by commiting a tone of hours and i dont think java code is the problem here. Is it worth it? If you’re doing it to learn then go for it. But if your goal is to create “real fake player” experience on your server or to sell it later its not worth it. Spend your time elsewhere yes they can

One thing i want to add is disabling root login, creating a new user with sudo privileges, setting up SSH key authentication and completely disabling password logins and also avoid exposure on port 80 completely. it's much better to manage them directly from your local machine using IP whitelisting on database user or firewall-iptables. This way, only trusted IPs have access. Even better ssh tunnel. Good job though.

Dude, seriously , how are you okay with publishing something like this as a public repo? I spent just 30 minutes reviewing your source code and already managed to bypass your API wall on the admin routes. You really need to rethink your server to client logic. What's the point of saving data both to your API and to the user's database? You first fetch the servers from your API and then save them to the database. What’s stopping someone from simply fetching their server data directly from the database and bypassing all the API logic? The client you provide as a public repo should only act as a wrapper around your service API and that's it. The API should handle all the logic, including connecting to the corresponding servers based on authentication key requests and so on. I don't even want to get started on the fact that your codebase is a complete mess...... unused variables everywhere, empty classes, and zero input validation. Anyone can pass whatever payload they want without restrictions. You seriously need to fix these issues before some poor guy who has no idea ends up buying your service. And don’t even start with "I'm still waiting for my server to get hacked" because no one is going to waste time trying to hack something that's not even worth the effort. just by checking this im 90% confident someone can find something. Also, you claim that 250 domains are already using your service? I seriously doubt that. also LOL

Great job! Its exciting to see control panels evolving with better technologies and modern libraries. Id love to see this implemented for other L2J sources beyond acis.

Every once in a while a "messiah" appears to throw garbage on a post in a dead forum, trying to revive something that is already long gone. The problem with this game isn’t corruption, donations, or even bad files. There are good projects with the same concept worth mentioning, but the reality lineage is old. Deal with it and move on. If you have the money, the infrastructure, and the developers, start building something new. In 2025, there are plenty of options, from Unity and Unreal to Godot. If you have ideas, put them into action and create something similar but fresh. After all, recycling trash still leaves you with trash

Happy sales. good to see something for wordpress.