Search Unity

  1. Full schedule for #UniteBerlin is now available! Featuring talks on our roadmap, hands-on labs and much more! Check it out!
    Dismiss Notice
  2. Unity 2018.1 has arrived! Read about it here
    Dismiss Notice
  3. Scriptable Render Pipeline improvements, Texture Mipmap Streaming, and more! Check out what we have in store for you in the 2018.2 Beta.
    Dismiss Notice
  4. ARCore is out of developer preview! Read about it here.
    Dismiss Notice
  5. Magic Leap’s Lumin SDK Technical Preview for Unity lets you get started creating content for Magic Leap One™. Find more information on our blog!
    Dismiss Notice
  6. Want to see the most recent patch releases? Take a peek at the patch release page.
    Dismiss Notice

P2P and database interactions

Discussion in 'Multiplayer Networking' started by lejean, May 17, 2018.

  1. lejean

    lejean

    Joined:
    Jul 4, 2013
    Posts:
    146
    I'm working on a shooter game which uses PUN so is p2p atm.

    The game will have a database to save the player data like points/gear and what not, but if one of the players is the master client, this mean cheating is possible.

    So if some player gets experience for a kill which gets saved in the database f.e. how exactly do I make it secure so that a player can't just run the database code multiple times to farm XP?
     
  2. Joe-Censored

    Joe-Censored

    Joined:
    Mar 26, 2013
    Posts:
    2,244
    You really can't. The closest you can get is having a central server under your control that handles all assignments of experience and gear, which authenticates any data sent from clients and looks for impossible or unusual behavior.
     
  3. newjerseyrunner

    newjerseyrunner

    Joined:
    Jul 20, 2017
    Posts:
    110
    Authentication and cheat detecting.

    First off, make sure that you can't simply sniff a request out in Fiddler and resend it over and over again. You can use session cookies and timers parameters for this.

    Then server-side you should have your own cheat detection systems. Common checks are for sudden fast movement around a map. If a player is teleporting around, they are most likely cheating. You can also monitor what types of objects they get and make sure that they're not getting end-of-game weapons in the first level by hacking the commands. The best thing to do would be to have your anti-cheating mechanism send you an alert to manually check out what's going on, especially if it's a single player game where someone may be doing something strange but not cheating (like speedrunning.)