Transparency and Security about JumpKingPlus

2021-08-03

This is an in-depth blog post about the transparency and security concerns about JumpKingPlus that people could have.
In this post, every possible concern (that could be found by kebb#9498) will be explained and clarified.

Before talking about this, I highly suggest you to join the official Nexile / Jump King Discord server, also to give more proof that this is safe, that can be found by clicking on the following badge.

Who’s behind JumpKingPlus?

My name is Phoenixx19 (or Andrea).
I am the founder and main JumpKingPlus developer, repository and website creator. Also one of the owners of the official JumpKingPlus’ YouTube channel. You can contact me through these following links:

Phoenixx19#0001 on Discord (add me for more inquiries about JumpKingPlus or about me)
@phxx19 on Twitter
Phoenixx19 on Github

Clarifications about JumpKingPlus

The most common question that everyone wants to know on first glance:

Is JumpKingPlus safe to install?

Yes, it is safe to install.

The modded version of the executable file (JumpKing.exe), the dynamic library link (JumpKingPlus.dll) and the JumpKingPlusInstaller (the executable file that is used to install JumpKingPlus) are all open source.

The modded JumpKing.exe file can be accessed using a debugger. My personal choice is dnSpy for its relative simplicity in coding and reading code, but you can use anything that decompiles C#.
The JumpKingPlus.dll source code, which is used together with the modded JumpKing executable, can be found inside the main Github repository.
The JumpKingInstaller has been made recently open source, the code used in the Github repository is still used nowadays on the installer.

The installer was made public and open source because of recently; the goal of making it public recently was to proof that the installer installs only the strict necessary. Made with WixSharp installer library.

Is this a virus, does it have malware?

I can not stress this enough; it is NOT a virus.

JumpKingPlus is open source, has hundreds of downloads, speedrunners use it for its fast reset time along with other features. If you need proof, head back to the FAQ page.

Is this even official?

Not official by Nexile, but approved by Nexile.

There are multiple occasions where official Nexile developers endorsed it or shown interest on it:

Cool mod! https://t.co/cvsia7kYgj
— Nexile (@nexilegames) November 8, 2020

Exciting to see the community devoting many hours into fan made content! Fan made maps even. https://t.co/dj34hSLnlJ
— Nexile (@nexilegames) July 25, 2021

Can workshop maps have viruses?

No.

A map or custom level; to get approved onto the site, needs to go through a Google Forms application on the Workshop section of the site. In a couple days, the creator will get in contact with one of the “JumpKingPlus custom levels team” through Discord about the custom level.

The only type of files that a published map should have inside of the mods folder are:

.xnb (packed MonoGame images or music)
.xml (various settings files)
readable .txt or .xml variants (like .ravset also known as the bird settings)

There is nothing in a custom level that can be used to inject malware or viruses however, every other file is strictly prohibited and the map application will still be rejected.

What dependencies JumpKingPlus has?

¯\_(ツ)_/¯ idk just a discord rpc library