[naeem]

Just store it on the server. There was no reason for inventory information to be hosted client-side. If the data was stored on the server and fed real-time you wouldn't have the security issue. What you WOULD have is latency issues, which is the primary issue with Node-based games (from my own experience), so that's probably why they avoided it. In a real game, that's how you'd have to do it.

[troygoode]

The reason it is stored client-side is that it is just a demo app - there is no login, no truly persistent characters (I can't play the character I started at work from home), and no PvP.