A handful of issues where the backend API does not verify the validity of requests has been patched. These issues were noticed by @zenka and brought up in the following threads.
- Removing anyone’s algo is allowed
- Stealing algo from any team
- Ability to enter competition with anyone’s algo?
In addition, this patch contains other minor fixes, including an issue where the ‘loser’ is listed as the winner when match data is serialized