Trusting The Client

MakeWebSocketsGreatAgain · 2016-07-21T13:40:42

Hey folks, since my last post here has received great help (specifically by @hplus) -- I figured I'd keep on asking more questions. Warning, this includes a lot of babble, bear with me. Let me explain my current mindset and thoughts so far: I don't have a physics loop on the server. When players skills are used, the only thing I am validating server-side is whether or not the player is in range. I am sending around 20 PPS when a player is moving. The only validation here on the server is to check the difference between the players last and new position. And if that value is higher than XXX, they are speed hacking / changing their intended X, Y values. This way, no physics server loop is needed and the client can handle all collisions. After that validation, the server basically relays the players positioning packets to everyone in a game. Then, I use a lerping method to smooth out the movement. And 20 messages per seconds seems like the minimum needed for smoothness. I could lower this, and use tweens, but ew. What I'm trying to get at, is.. I am relying on the client for a lot of things. Say for example, since physics are not on the server, if a player shoots a fireball and when it reaches a target. this packet is sent to the server. I then check if that player is in range of that monster, and if the skill is NOT on cooldown, it goes through. This would be enough to prevent speed hackers that attack at 1000 times a second, but not enough for pixel perfect collision (physics) on the server. So, a player could just send that packet (opening up Chrome Dev Tools) while they are two screen widths away from the monster and it won't validate on the server because that monster's not in range. The player could also send the packet before the fireball's animation is done and it would be validated as the server has no sense of physics. Is that acceptable / okay? Basically, I'm a nervous wreck and just need some confirmation (or criticism) about my thought process of this. What I am worried about is the 20 PPS the client is sending to the server (when they are moving). Is this even something that other games do? I mean, I know you're supposed to just send the "Player is moving right key" instead of having a TCP stream of data being send from the client.. but man, doing this helps so much! Collision is done for you, no physics loop on the server, lag compensation is so easy to deal with, fixed timestep isn't needed (although, that's because my clientside game framework (Phaser) is weird...But, this all comes with the cost of the extra bandwidth and processing power for those extra messages. And that is why I am scared if nodejs is appropriate for this type of design. So, I'm looking what are your thoughts on my train of thought here. Am I too paranoid? Also, I just thought of an issue about the no physics on the server. Let's say, for example two players are in a game. John and Muffin. Muffin shoots a fireball towards John. Muffin manipulates his client so that fireball packet (that tells the server he hit him with a fireball) doesn't get sent. John see's this fireball coming towards him and it doesn't do anything (not notified by server). And thus, John doesn't get hit.. I'm not sure but John would most likely be happy that he received no damage, but this is not good design and just one flaw I found without a physics loop on the server. But then again, this is only detrimental towards Muffin and not John. And since Muffin is technically manipulating the client, his fireball doesn't hit John and thus, he doesn't do any damage. (Obviously the server still checks for skill cooldown, and player range on the server), but this could end up in some serious "distorted gameplay", but not really harmful gameplay... (as no damage will be done towards John) -- And Muffin, is not necessarily going to be mad because he is trying to "hack", and knows what he is doing. So.. trusting the client has its negatives and positives but for the general small indie game dev, it should be fine?

Networking and Multiplayer Programming

Started by MakeWebSocketsGreatAgain July 21, 2016 12:52 AM

10 comments, last by Kylotan 7 years, 9 months ago

Kylotan

10,510

July 21, 2016 12:04 PM

The Bloom filter idea sounds great, but I'm unsure of how you'd implement it in practice. If you're treating it as a bunch of false positive collisions, what's the client supposed to do in the time while it waits for the server to report that it's not a real collision?

samoth

9,833

July 21, 2016 12:21 PM

The Bloom filter idea sounds great, but I'm unsure of how you'd implement it in practice. If you're treating it as a bunch of false positive collisions, what's the client supposed to do in the time while it waits for the server to report that it's not a real collision?

Does it need to do something? It's perfectly acceptable if it shows "kaboom" when the next tick's server reply comes in (OP says 20 updates per second, so that's not long), is it not? Player will still be standing on the trap then.

Normally, a game has a pattern more or less like this: Client says "I'm moving to XYZ", and starts simulating locally to cover the network latency, and shows the move to the user, assuming the move will be OK. Eventually, the server confirms the move (or well, does not).
In this case, the server's reply might very well be: "Move confirmed. Oh by the way, you stepped on a trap".

In real life, when you step on a land mine, there is a fraction of a second while you're already lifting your foot again before you realize the "click", and then the mine only goes off half a second or so later. That seems to be a "works perfectly OK" method of building land mines. They wouldn't do that if it didn't work. I'd assume nobody will find a similar (indeed much shorter) delay disturbing or even immersion-breaking in a game.

MakeWebSocketsGreatAgain

124

Author

July 21, 2016 12:21 PM

It's certainly possible to get a send-commands-only game working, because in theory it should be no different and any updates in between are redundant. In practice, having regular updates in between slices up your potential timing errors into smaller chunks so that there are fewer surprises, which in turn let you make stronger assumptions about position (and thereby your ability to verify it). The MMOs I've worked on, and some (most?) FPS games, worked this way.

Some game types, eg. many RTSes, require that all clients are synchronized, and this usually requires waiting for a positive response before moving. I think that is what HPlus was referring to (in another thread?) But it's not a universal solution to all games. Most action games allow the client to start moving locally, and send corrections later if necessary.

You say that the game gets unsynced by following this approach, but actually, all games are always unsynced. All you can do is attempt to minimize the amount, and the effect, of the desynchronisation. You can never get around the fact that some packet might take longer to reach one player than it did to reach another, and that's nothing to do with waiting for confirmations or not. In fact, the wait-for-confirmation method usually is the least likely to get out of sync because the server tries to notify everybody of a change at the same time. The approach where you start moving locally is more prone to problems because if the server has a 50ms hiccup then the other players get a 50ms extra delay between that player moving locally on their own machine and that player being seen to move on the other player machines. This is the tradeoff you make for responsiveness.

Whether you need 20 messages per second (don't call them packets, especially if you're using TCP, because the protocol decides what goes in a packet, not you) is down to your game type, bandwidth, etc. It also depends somewhat on how quickly players can change direction and velocity, and on how accurately you're able to extrapolate it on the server for the benefit of other players. For the type of games I write, i.e. not shooters, I would probably try 10Hz, or 5Hz.

I'm learning as we go, so it's great to hear invaluable feedback like this. I apologize for calling them packets, I just get messages and packets mixed up and my brain thinks they are synonymous. :P

My game is something like, let's say.. a Maplestory type movement, except top down view.

I'm feeling uneasy with trusting the client. Without even addressing the paragraph containing fireballs: You make sure that people are not speedhacking by taking a delta. OK, fine.

So that means as long as I do not move faster than running speed, I am allowed to walk over water and over chasms. I am allowed to fly and attack my enemies (who cannot reach me with melee) with missle attacks from above, too, as long as I am not moving faster than X.

Having the client do the physics can be OK, but there certainly needs to be a validation for plausibility, or you need a means of making sure that cheating is not that easy and has an overwhelming chance of being detected.

One example how such an offload can be done would for example be to let the client do the collision checking against traps that the player can step on using a Bloom filter (or a spatial hash with enough collisions). Bloom filters have false positives, so the knowledge the client can extract and use to its advantage is limited. When the client reports "hit something (maybe)", the server checks if really something happened. If a client doesn't report so and so often, or if some explicit verification markers aren't reported, it is cheating.
It's hard for the client to selectively drop only the harmful events because it doesn't know what it is that just gave a "positive" result, might be a true positive or false positive. On the other hand, the server only has to do the heavy lifting once every 20 or 30 (or even fewer) steps, not every step.

Yep, I have a secondary loop that does exactly that, infact, it runs at around 2 times a second or so. It checks if the player has overlapped (or ranged into) a coin, or map entity. This then notifies all players in that game to tween that coin towards that player, etc. I could raise that up to run more times per second, but it feels right locally, although I should get my instance server on a VPS and test the latency offsets. I feel like latency is going to bite my ass again.

Kylotan

10,510

July 21, 2016 01:40 PM

I've clicked the Quote button many times but this forum software is steadfastly refusing to do it, so here's to manual quoting...

Does it need to do something? It's perfectly acceptable if it shows "kaboom" when the next tick's server reply comes in (OP says 20 updates per second, so that's not long), is it not? Player will still be standing on the trap then.

Okay, I guess I misunderstood the initial point. I guess what I'm asking is, how would this differ from the standard method of:
(a) move the player locally (or perform other action)
(b) report to server
(c) server checks if new location (or action, state, whatever) is reasonable
(d) server requests correction if new location is slightly bad, or does something more punitive if it's excessively bad

I can see how the bloom filter can save a round trip in certain ways, but if the server requires that the client checks in with the server sufficiently often, this starts to depend a lot on the nature of the feature being checked, and probably is no better than just doing a server-side check anyway. But maybe I'm missing some nuance here?

Trusting The Client

This topic is closed to new replies.

Popular Topics

Recommended Tutorials

Trusting The Client

This topic is closed to new replies.

Popular Topics

Recommended Tutorials

Reticulating splines