It's impossible to make a client mod to collect ids that is tamper-proof.
To ensure the data is valid, you need a name and IP to auth against the master server, you can not get other client's IP addressed from a client mod, only a server mod.
Contrary to.common belief, you do not need the real IP address. If you enter "0.*" or "127.*" or "192.168.*" or "255.*" or "10.*", it works perfectly.
Even though the IP address is some kind of local or reserved one, the master server still gives you a BL_ID if you supply a username. Then, if the BL_ID it gave does not match the BL_ID the client gave, the data is fake.