| If you have... | Use... | | --- | --- | | Lua 5.1 bytecode (standard) | LuaDec or unluac | | Lua 5.2, 5.3, 5.4 bytecode | unluac | | LuaJIT bytecode | LuaJIT-decompiler (GitHub) | | Stripped debug info ( -s flag) | unluac + manual fix of var_N names | | Custom game VM (Roblox, etc.) | Game-specific decompiler (e.g., Synapse X’s deobfuscator; not public) | | Only raw bytecode dump (hex) | ChunkSpy to disassemble first |

The decompiler scans backwards through the bytecode to build expressions.

Most games from that era ran on compiled C or Assembly, rigid and unyielding. But he’d found a signature in the header—a tell-tale sequence of bytes. The developers had embedded a Lua scripting engine. It was audacious for the time. Lua was lightweight, fast, and easily updateable. But finding the compiled bytecode was only half the battle. It was mangled, obfuscated, and stripped of its symbols. It was a safe with no key.

Roblox uses a heavily modified version of Lua 5.1 with custom bytecode opcodes (Luau). Generic decompilers fail here.

The decompiler first parses the binary header. Lua bytecode headers contain version information (critical, as Lua 5.1, 5.2, 5.3, and 5.4 have incompatible formats), endianness, and integer sizes. If the binary is stripped of debug information, the decompiler must rely purely on the instruction stream.

Local variables are usually converted directly into register numbers. The decompiler will auto-generate placeholder names like L0_1 , local_v1 , or slot1 . (Global variables, however, preserve their names because they are stored as string lookups in the global environment).

Before running a decompiler, you need to know which version of Lua compiled the file. Open the compiled file in a hex editor. The first few bytes represent the file signature.

Preserving Lexical Scoping When Dynamically Embedding Scripting Languages