top | item 27871844

(no title)

atanasi | 4 years ago

Server-side solutions don't catch all cheats. They can block actions that are impossible according to the game rules but they cannot prevent clients from disclosing too much information to the player about other players, or automating actions that are technically possible, like using aimbots.

discuss

KronisLV|4 years ago

You can definitely handle some of those situations server side (the key word being "some") with enough engineering effort.

In regards to player positions: check which player locations are occluded and wouldn't be visible through the geometry, then only send the valid ones for each player. Of course, doing this on high tick servers could prove to be computationally intensive.

In regards to aimbots: the clients already send you information about where they're looking so that it can be displayed to other players. Attach some mouse movement metrics and from that you'll sometimes be able to infer the most naive aimbots instantly.

Macha|4 years ago

> In regards to player positions: check which player locations are occluded and wouldn't be visible through the geometry, then only send the valid ones for each player. Of course, doing this on high tick servers could prove to be computationally intensive.

What's your tolerance on this? Too low and players will complain that other players pop into view and kill them in the event of latency. Too high and cheaters still have access to the most valuable cases of information, when there's a chance for one player to get the drop on the other.

What about strategy games which rely on their lockstep simulation for performance? How would an RTS work if it's sending the locations of 100s of units in real time versus just player actions. Do you want to have to implement prediction and deal with warping in such a game?

unknown|4 years ago

[deleted]

tester756|4 years ago

>Attach some mouse movement metrics and from that you'll sometimes be able to infer the most naive aimbots instantly.

see? even you do not believe that this will work

Thaxll|4 years ago

This is what Valorant does and just does not work. People saying "yeah game dev are lazy, why not everything is done server side" this is really a naive view of game dev.

The short version is that you can't have a great experience for online games if you try to create a client as a dumb terminal.

egeozcan|4 years ago

I didn't mean to say they're lazy. I generally dislike the studios but developers there are brillant, usually.

I was thinking that studios were being cheap. Why invest in a proper server infrastructure if you can make clients install abusive software... Maybe I'm wrong but it always looked to me that way.

egeozcan|4 years ago

Don't disclose to the client anything not in their view.

I know this is sometimes impossible and/or too costly to implement but it should be possible to find a compromise that prevents most of the blatant cheaters, eventually.

Also helpers like: In any score event, for randomly selected players, analyze the last actions taken.

You just cannot trust the clients. People will find creative ways of reading the memory of their own hardware, whatever you do.

Deathmax|4 years ago

> Don't disclose to the client anything not in their view.

Either full of edges cases (how do you efficiently compute visibility, and can you prevent models from popping in as a result of latency) or computationally expensive[0]. Valorant, CSGO, League of Legends, Dota 2 are some of the games that I know about that implement server-side occluding to minimise the impact of wallhacks, but eventually a client will still need information like the position of an audio cue such as footsteps that cheats can make use of.

[0]: https://technology.riotgames.com/news/demolishing-wallhacks-...