client/server model

No there is not complete security against cheating. When we talk about cheating in the context here it is mainly that the architecture of not trusting the clients is *better* suited to prevent cheating.

What I mean by not trusting the client is that the client sends commands in the form of mouse and keyboard input to the server. It has no way of actually influincing the world except through these commands.

This is as opposed to methods where clients through RPC or other means can directly influence the shared world. (Nothing wrong with that approach, but we chose the authoratative server model because we wanted the tradeoffs it give -- one of them is some protection against cheating).

- peter

 

Those types of cheat you describe are indeed the most common ones I had in mind when I wrote "no complete security"..

We could do some things to help about that: for example, currently the entire world state is sent with no regards to if a client 'should be able to' see things; a notion of occlusion on the server would allow to only send information that a client is supposed to be able to have.

This would be an interesting improvement to make, but also non trivial and could potentially be quite game specific.

-peter