Possible idea how to prevent cheating on multiplayer

[stio89]

Ok so any of you guys who play on multiplayer servers have probably came across cheaters from time to time, The cheaters apparently cheat by making changes to multiplayer saves, So it got me thinking, Would it not be better to have multiplayer saves on the server instead of the players pc.

 

I made a simple text file for what a multiplayer save could look like on the server, The text file was just under 1kb in size, that means 10,000 saves on the server would only be 10mb which is nothing really.

 

What do you guys think, Is it a good way to prevent cheating? could this work?

 

 

Here's a picture of what the text file looked like

[tzaeru]

I suppose the bottom 'issue' here is that PZ wasn't originally designed with multiplayer in mind. Therefore, a lot of the code is based on the premise that there's only a single player. If I'm correct in my assumptions, when multiplayer was implemented, it was basically done in a manner where selected functionality and data was written special synchronization methods for. Done this way, there's no central, authoritative server, but rather each client simply synchronizes their actions and parts of their state to a server which, without much further checking, synchronizes this data to the rest of the clients.

While it'd make sense that saves were stored on the server and clients weren't capable of modifying any game data, but merely sent "I leveled up like this, can you do it given that I've actually enough XP?"-message to the server, it's probably quite a lot of work at this point. I'm sure The Indie Stone is pretty well aware of the short-comings of the multiplayer system, but understandably the obvious fixes are not easy fixes. It's not enough that you merely store the player saves on the server and send them to new clients when they connect; You also need to make sure that clients can't claim they can level-up when they don't have the XP for it, need to make sure that clients can't just send any game world coordinate for their position, need to check if the client really killed the 1000 zombies it claims it killed.. A server authoritative system would work better, but it's hard to change to when the code wasn't designed for it.

(server-authoritative: a multiplayer client-server set-up, where server maintains all the game world and player information and stimulates what would happen based on client input. For example, client says "I move to left" and server sees a chasm, simulates player falling there and tells the client that "You fell into a chasm and died, sorry pal".

 

client-authoritative: a set-up where server doesn't simulate the whole game world, but mostly synchronizes client input with other clients. For example, client says "I'm now in this and this coordinate", server tells other clients of this, then client sends "This is a chasm, I just took damage and died", then server sends other clients this information. With naive client-authoritative systems, cheating is much easier since client can send anything it wants to send. You can make checks on the server and make checks on other clients, but it gets pretty complicated pretty fast and is never going to be fool-proof)

[EnigmaGrey]

Pretty much exactly what tzaeru has said; though checks are being added to the server-side to clean up some of the worse offenders. Along with Steam integration, things should improve markedly on the anti-cheating front.

[Sanctus]

Would it be easy to change your stats using that txt file?

 

Support if I can use this to change my character's hair-do.