>>44084764>>44080577>>44080386>How do you tell apart user generated data vs cartridge generated data?Public/Private key systems can handle it:
Everytime you catch a pokemon in-cartridge, GF's servers would be pinged in order to acquire an official 'signature' for your newly catched mon. This signature would be generated in the server by using the mon's Original Trainer name and info about their evolutionary line, encrypted with GF's private key and sent over to be saved alongside your mon's other data locally.
When joining an online match this signature would be decrypted and the decrypted data (OT and evolutionary line) would be cross checked against your pokemon's data for a match. Legal pokemons would only be those whose data matches their signature, and PKHeX would not be able to generate legal mons as it would have to ask GF's server for an official signature for them (Supposing the cartridge is the only one who is able to ping GF's server for a signature by proving it's a valid client-side application).
This would not prevent cloning of mons who have valid signatures, however, but an easy fix is only allowing pokemons with OT matching yours in online battles.
