Jump to content
  • Advertisement
Ahbutfore

Are full state multiplayer games easy to hack?

Recommended Posts

Let's say I write a game in C++ and part of the game tracks the location of every player in memory.

For example some vector of Positions:
struct Position {
  float x;
  float y;
}

I have two questions.

1. My assumption is that people develop hacking tools by observing the game memory and being able to find and reverse-engineer the meaning of the values in memory. Thus, games that hold the full state in memory (as opposed to requiring some server to tell you info only when it's relevant) are significantly easier to hack. Is that correct?
2. If the above is right, could you combat this by basically patching every week shuffling your code around in ways that are logically equivalent, but yield different data structures in memory?
Like, just reorder the fields in your struct to:
struct Position {
  float y;
  float x;
}

Share this post


Link to post
Share on other sites
Advertisement

You have no choice but to have some local model representation of your game in your client's memory. If you follow the client server architecture, the client should only use its data as a way to predict what is going to happen in the future so that it can be updated as fast as possible. As such, both the client and the server run the simulation of the game, but, the final state is decided by the server by broadcasting the lastest game state changes to your clients. Then, your client can either change nothing if its local representation is matching what the server told it, or it can override its data if it 'sailed' too far away from the server's state. That way, whatever changes is donne to your client's memory state doesn't matter because it will always be steered back on the right direction.

Edited by aganm
Typos

Share this post


Link to post
Share on other sites

If the game executes deterministically (let's assume mine is) it seems much simpler to me to keep the full state and only communicate player inputs. The only downside I can think of is the possibility of memory hacking, which is why I was wondering if 2 above was a valid mitigation tactic.

Share this post


Link to post
Share on other sites

Yes, it's easy for cheaters to read any data from your games memory. That's why it's much safer to use a client-server-architecture for multplayer games, process the simulation on the server side and only send data to the client when it's absolutely necesssary and would be shown anyway. You don't want the client to have information about the positions of opponents/npc which are outside the screen or behind walls.

Edited by wintertime

Share this post


Link to post
Share on other sites

1. Yes
2. No

To elaborate a little more, patching might delay the next hacking attempt but eventually a general solution will be found if it's interesting enough. It's also not a workable solution. There's just no other option than to assume all local data is unsafe.

Share this post


Link to post
Share on other sites

  • Advertisement
×

Important Information

By using GameDev.net, you agree to our community Guidelines, Terms of Use, and Privacy Policy.

GameDev.net is your game development community. Create an account for your GameDev Portfolio and participate in the largest developer community in the games industry.

Sign me up!