I hate when people boil down tech choices to simplistic memes like this. Downvoting on principal.

As mentioned in the other thread, the functionality you desire doesn’t seem like a good fit for a PWA. That’s fine. A PWA isn’t some silver bullet that solves all cases, just like every app doesn’t need a native app either.

The question you should be asking is why do you want to use a PWA over a native app? What is gained here?

If you must run offline and must have premium features managed by the client then, as plainly and simply as can be said, a “bad actor” can exploit that functionality. Is that the end of the world for your app? Presumably the next time that “bad actor” is online, the server could reject any illegitimate data from said “bad actor”. In the case of a game, the user could run HAM while offline and do all sorts of stuff that shouldn’t be allowed in game, but when the state is synced back up with the server you could detect illegitimacies and reject it so it doesn’t impact other users / global leaderboards / etc.

If you’re talking about premium features in an application, such as added functionality, you can again either accept the bad actors or inform your users that while offline they will have reduced functionality.

There’s tons of ways to tackle the problem. The silver bullet you seem to want doesn’t exist though. Either code around it or change your architectural decision based on your business needs.