Don't do anything shady, and we'll take good care of your code.
Pufus is completely free to use right now. You get access through an invite, which helps us keep the service fast and stable for everyone.
We might introduce paid plans or change what's included in the free tier down the road, but we'll be upfront about it. Using the service means you're okay with the fact that it could evolve over time.
Pufus uses polymorphic encryption and a custom virtual machine to make your scripts as hard to read as possible. In practice, this means anyone trying to decompile your output will face a serious wall.
But here's the honest truth about obfuscation in general: it is never truly unbreakable, and any tool that claims otherwise is lying to you. The reason is simple. No matter how heavily a script is obfuscated, it has to be executed at some point. The moment it runs, the Lua VM processes it in plain form. That means a determined attacker can always hook into the execution environment, dump memory at runtime, or trace the VM step by step until the original logic is exposed. This is not a flaw specific to Pufus. It applies to every obfuscator that has ever existed.
What Pufus does is raise the cost of that attack as high as possible. Static analysis becomes nearly useless. Automated deobfuscators fail. The time and skill required goes way up. For most attackers, it simply won't be worth it. But if someone is skilled enough and patient enough, no obfuscation layer will stop them forever. We accept no liability for any successful reverse engineering of your protected scripts.
We're pretty relaxed, but there are a few hard lines. Don't use Pufus for:
Break these rules and your access gets terminated immediately. We also cooperate with authorities if there's a valid legal reason to do so.
We take the security of our community seriously. As such, the following rules apply to all Pufus accounts:
Violation of these terms will result in permanent suspension of your account.
Your code is yours. Whatever you upload, obfuscate, or build belongs to you. We don't claim any rights over your scripts or projects.
Our engine is ours. The obfuscation system, virtual machine, algorithms, and infrastructure behind Pufus belong to us. You're welcome to use the output we generate. You just can't reverse-engineer or redistribute our tools themselves.
To keep the network healthy and prevent abuse, we collect some technical info like IP addresses and request patterns. This is purely for security: things like catching multi-account abuse or stopping attacks.
We don't sell your data. We don't share it with advertisers. The only time we'd ever hand anything over is if a legitimate legal request came through. By using Pufus, you're agreeing to this kind of monitoring.
We work hard to keep Pufus reliable, but we can't promise it'll always be up, bug-free, or perfect. The service is provided "as-is". If something goes wrong on our end, we're not on the hook for losses, damages, or issues on your third-party accounts.
If your account on Roblox or anywhere else gets flagged or actioned because of how you used the output, that is on you, not us. Use the tool at your own discretion.
We may update these terms occasionally. If something major changes, we'll let you know. Continuing to use Pufus after an update means you're on board with the new terms.
If you ever have questions, feel free to reach out directly. Messages get read.