@Alisan I’ve been doing some more reading on the S.A.R.S (Avatar Recovery) Discord server, which is another place where people are discussing this topic in the general channel. From everything I’ve seen, there’s still no public or convenient method to bypass this—unless you use a modified client that disables encryption (which will most likely be paid for), or directly download from VRChat’s API, which isn't easy to learn without knowing someone and bannable.
People so far are not focusing on breaking or reverse engineering the decryption since VRChat is storing unencrypted files and serving them as is. As long as the avatars on VRChats end remain unencrypted then I doubt anyone will put in the effort for bypassing the decryption with such a "easy" method already found. I don't believe we’ll ever get a method as convenient as cache ripping used to be.
