lorencerri / discord-guardian

Set strict limits on administration actions such as bans and deletions with Guardian
https://plexidev.org
MIT License
60 stars, 25 forks

The bot is easily bypassed thanks to Discord. #7

Closed anna-rmrf closed 3 years ago

anna-rmrf commented 3 years ago

I got interested in trying the bot, so I tried it for a day with friends. In 80% of the attempts, it only reacted by the time the server had been entirely nuked. And sometimes it didn't react at all. It can be helpful for normal excessive actions, but not actual nukes.

I'm not here trying to put the maker and his work down (I like the verification bot, by the way) or anything, but it actually is not his fault. It's Discord's.

1) Discord's Audit Log is inaccurate: a lot of false positives, especially when you request that endpoint a lot in a very short period of time, and also if the server has A LOT of entries being logged regardless of the action type (a large server, for example, or a very active server in general). Discord has a habit of returning false log entries when requested a lot. And sometimes.... none (until after a few hours, which is not very helpful).

2) There are unfortunately 3 easy ways to break the audit log in a server for at least 3 hours (null entries). Nukers already do it to hide their 'trace' before nuking. This renders the bot pretty much hopeless thanks to Discord.

There are a lot of bypasses that I would like to mention (that are related to the bot), but I won't do that here so that people don't make use of them. I can DM them to you via Discord if you want.

One more thing: Discord will sometimes throw an error regarding this line: https://github.com/TrueXPixels/discord-guardian/blob/e20b540b044caa452b52a21740020f16743f4c13/structures/Guild.js#L185. Roles should be filtered first.

Zorotic commented 3 years ago

There are ways we can do this differently, which in theory should work, and that would be to rely on the separate events we get from Discord rather than audit logs.

This would be better in lots of cases, as there isn't that awful delay when fetching audit log entries. It would also be super good, as we wouldn't be making useless API calls.

anna-rmrf commented 3 years ago

@ZoroSC That is even worse. You don't know who did what relying on events. And there is for sure innocent stuff that can be caught. I can just kick a hundred people, and all you would get is guild member leave events, which are honestly useless because then you would not know whether these people left on their own or were actually kicked. Apply that to every other event.

From what I've heard, Discord is working on its own system regarding nukes (and v8 is supposed to eliminate it, and it will be a thing very soon). I recommend not bothering much and not putting more time into this.
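The two limitations raised in this thread, that audit-log polls can repeat or omit entries and that a raw "member left" event does not say whether the member was kicked or left on their own, are what an attribution step has to deal with. The following is an added illustration, not code from discord-guardian or from anyone in this thread: it correlates constructed gateway leave events with constructed audit-log kick entries by target and timestamp, deduplicates entries that show up in more than one poll, leaves unmatched departures unattributed instead of counting them against anyone, and flags an executor whose attributed kicks reach a threshold. The object shapes, the 5-second matching window and the threshold of 3 are assumptions; the action codes 20 (MEMBER_KICK) and 22 (MEMBER_BAN_ADD) are Discord's documented audit-log event types. Nothing here contacts Discord, so it runs offline.

```javascript
// Added example, not part of discord-guardian. All data is constructed inline;
// shapes loosely mimic discord.js objects but no Discord API is called.

const KICK_ACTION = 20;        // Discord audit log event MEMBER_KICK
const BAN_ACTION = 22;         // Discord audit log event MEMBER_BAN_ADD
const MATCH_WINDOW_MS = 5000;  // assumption: a kick entry within 5 s of the leave matches it
const KICK_THRESHOLD = 3;      // assumption: this many attributed kicks by one executor is flagged

// Constructed gateway "member left" events. Member 102 left on their own.
const leaveEvents = [
  { userId: "100", leftAt: 1000 },
  { userId: "101", leftAt: 1200 },
  { userId: "102", leftAt: 1300 },
  { userId: "103", leftAt: 1400 },
];

// Constructed results of two audit-log polls. Entry "a1" is returned by both
// polls, which is why entries are deduplicated by id before use.
const auditPolls = [
  [
    { id: "a1", action: KICK_ACTION, executorId: "999", targetId: "100", createdAt: 1050 },
    { id: "a2", action: KICK_ACTION, executorId: "999", targetId: "101", createdAt: 1250 },
  ],
  [
    { id: "a1", action: KICK_ACTION, executorId: "999", targetId: "100", createdAt: 1050 },
    { id: "a3", action: KICK_ACTION, executorId: "999", targetId: "103", createdAt: 1420 },
    { id: "a4", action: BAN_ACTION,  executorId: "555", targetId: "103", createdAt: 1425 },
  ],
];

// Merge polled pages into one list of unique kick entries (bans etc. are ignored here).
function dedupeKickEntries(polls) {
  const seen = new Map();
  for (const page of polls) {
    for (const entry of page) {
      if (entry.action === KICK_ACTION && !seen.has(entry.id)) seen.set(entry.id, entry);
    }
  }
  return [...seen.values()];
}

// For each leave event, pick the closest unused kick entry for the same target
// inside MATCH_WINDOW_MS. A leave with no matching entry gets executorId null.
function attributeLeaves(leaves, entries) {
  const used = new Set();
  return leaves.map((leave) => {
    let best = null;
    let bestDelta = Infinity;
    for (const entry of entries) {
      if (used.has(entry.id) || entry.targetId !== leave.userId) continue;
      const delta = Math.abs(entry.createdAt - leave.leftAt);
      if (delta <= MATCH_WINDOW_MS && delta < bestDelta) {
        best = entry;
        bestDelta = delta;
      }
    }
    if (best) used.add(best.id);
    return { userId: leave.userId, executorId: best ? best.executorId : null };
  });
}

// Count attributed kicks per executor; unattributed leaves are charged to nobody.
function findOffenders(attributions, threshold = KICK_THRESHOLD) {
  const counts = new Map();
  for (const a of attributions) {
    if (a.executorId === null) continue;
    counts.set(a.executorId, (counts.get(a.executorId) || 0) + 1);
  }
  return [...counts].filter(([, n]) => n >= threshold).map(([id]) => id);
}

// Full pass: dedupe, attribute, report unattributed leaves and flagged executors.
function analyze(leaves, polls) {
  const entries = dedupeKickEntries(polls);
  const attributions = attributeLeaves(leaves, entries);
  return {
    entries: entries.length,
    unattributed: attributions.filter((a) => a.executorId === null).map((a) => a.userId),
    offenders: findOffenders(attributions),
  };
}

console.log(analyze(leaveEvents, auditPolls));
```

With the constructed data, the three kick entries are attributed to executor 999, member 102's departure stays unattributed, and 999 is flagged. The unattributed bucket is the important part: when the audit log is delayed or empty, as described earlier in this thread, every departure lands there and the bot has nothing to act on, which is the failure mode the thread is pointing out.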

Zorotic commented 3 years ago

Yeah, I'm not a developer of this bot. But development is going to come to a stop due to this.

anna-rmrf commented 3 years ago

Good work with the verification bot!

Zorotic commented 3 years ago

Thanks!

anna-rmrf commented 3 years ago

You can now delete the integration of a bot without caring about your position. Someone at the very bottom with Manage Server can kick the anti-nuke by deleting its integration. Told you it was not worth it to waste any more time on this :D