Is Rust+ Companion Legal? Full EAC and VAC Compatibility Guide

What Rust+ actually is

Rust+ is the official companion service maintained by Facepunch Studios, the developer of Rust. It exposes a small set of server-state data through a public connection so that paired players can monitor their server from outside the game — originally for the official Rust+ mobile app, and (intentionally) extensible to community-built clients.

The official documentation lives at wiki.facepunch.com/rust/rust-companion-server and the API itself is reachable on any Rust server that has Rust+ enabled (the default).

Why it cannot get you banned

EAC (Easy Anti-Cheat) and VAC (Valve Anti-Cheat) detect tampering with the running Rust game process. The classes of behaviour they catch are:

• Memory reads of RustClient.exe (ESP, wallhacks, radar overlays that scrape player coordinates from RAM)
• DLL injection into the game process (aim assist, no-recoil scripts, trigger bots)
• Function hooking at the DirectX / Vulkan / OpenGL layer (visual overlays that draw on top of the game)
• Packet interception on the game's network socket (cheats that intercept or modify wire traffic)
• Modified game files (Assembly-CSharp.dll patches, asset swaps)

Rust+ does none of these. The Rust+ Companion server is a separate process that runs alongside the game server. Clients (mobile app or desktop tools like MapMonster) talk to that companion process, not to RustClient.exe. From EAC's point of view, the player is just running Rust normally — there is nothing abnormal in the game process to detect.

What data Rust+ exposes

Pairing Rust+ to a server (in-game Esc menu → Rust+ button → confirm in mobile app) unlocks access to the following only for the paired player:

• Your team members' live positions and online status
• Death markers for teammates
• Map event markers — cargo ship, patrol helicopter, CH47 chinook, locked crates
• All vending machine listings across the server (item, price, currency)
• State and remote control of Smart Switches / Smart Alarms / Storage Monitors that you own

That is the entire surface. You don't see enemy positions, you don't see loot inside other players' bases, you don't see anyone's resource counts. The data is exactly what Facepunch deliberately made public for the mobile companion experience.

Third-party Rust+ tools — same rules

Community projects like our own MapMonster, the Discord-bot framework rustplusplus, or Atlas for Rust all sit on the same public API. They cannot expose more than Facepunch's server itself sends. If a tool ever advertises "see enemy positions" or "see inside enemy bases", it is either lying or doing something illegal that has nothing to do with the Rust+ API — avoid it.

For our part, MapMonster takes the data the official Rust+ mobile app already shows you and renders it as a desktop overlay so you don't have to keep your phone in hand. Read-only, no game-client interaction, no detection surface.

Has anyone been banned for using Rust+?

We've been involved in the Rust+ ecosystem since 2025 and have never seen a documented case of an EAC or VAC ban caused by Rust+ usage. The Rust subreddit, Steam community forum, and Facepunch support channels are searchable — if such bans were happening, they'd be visible. They aren't, because there's nothing to detect.

The standard Facepunch guidelines for community tooling implicitly endorse the Rust+ ecosystem — Facepunch builds and maintains the companion service themselves, and they would not be propagating an anti-cheat-risk class of software.

What you should still avoid

Just to be explicit, here's the line between "Rust+ ecosystem tool" and "actually a cheat":

If a tool's website doesn't clearly state "read-only, official Rust+ API only" — be skeptical. If it asks you to inject anything into Rust, run it as administrator with elevated permissions, or disable Steam protections, run away.

How to verify a Rust+ tool is safe — yourself

Don't take any website's word for it (including ours). A legitimate Rust+ ecosystem tool passes all four of these checks, and you can run them in two minutes:

1. It never asks to run as administrator. Reading the Rust+ API needs zero elevated permissions. An installer demanding admin rights or wanting to "configure Windows Defender exceptions" is a red flag.
2. No handles into the game process. Open Task Manager → Details while Rust and the tool are both running. A companion tool lives entirely in its own process tree; it has no reason to touch RustClient.exe. (Power users can confirm with Sysinternals Process Explorer's handle search.)
3. It works while Rust is closed. This is the cleanest test: Rust+ API data comes from the server, not your game. MapMonster's map, shops and alerts keep updating with the game fully closed. A tool that only works while the game runs is reading the game, not the API.
4. The publisher states the data source. Look for an explicit "official Rust+ Companion API, read-only, no injection" statement, a published file hash, and a VirusTotal scan — like the ones on our download page.

Where MapMonster fits

MapMonster is a free desktop minimap built strictly on the Rust+ Companion API. The free tier shows the minimap, teammates, death markers, and event alerts. A premium tier ($4.99/month, cancel anytime) adds an automatic shop scanner and the Shop Sniper alert system for vending-machine giveaways. Everything reads via the same API your Rust+ mobile app already uses.

If you want the desktop experience without using your phone, download MapMonster for Windows — 100% legal, 100% safe.