Search Unity

  1. Improved Prefab workflow (includes Nested Prefabs!), 2D isometric Tilemap and more! Get the 2018.3 Beta now.
    Dismiss Notice
  2. The Unity Pro & Visual Studio Professional Bundle gives you the tools you need to develop faster & collaborate more efficiently. Learn more.
    Dismiss Notice
  3. Let us know a bit about your interests, and if you'd like to become more directly involved. Take our survey!
    Dismiss Notice
  4. Improve your Unity skills with a certified instructor in a private, interactive classroom. Watch the overview now.
    Dismiss Notice
  5. Want to see the most recent patch releases? Take a peek at the patch release page.
    Dismiss Notice

P2P and database interactions

Discussion in 'Connected Games' started by lejean, May 17, 2018.

  1. lejean

    lejean

    Joined:
    Jul 4, 2013
    Posts:
    155
    I'm working on a shooter game which uses PUN so is p2p atm.

    The game will have a database to save the player data like points/gear and what not, but if one of the players is the master client, this mean cheating is possible.

    So if some player gets experience for a kill which gets saved in the database f.e. how exactly do I make it secure so that a player can't just run the database code multiple times to farm XP?
     
  2. Joe-Censored

    Joe-Censored

    Joined:
    Mar 26, 2013
    Posts:
    3,592
    You really can't. The closest you can get is having a central server under your control that handles all assignments of experience and gear, which authenticates any data sent from clients and looks for impossible or unusual behavior.
     
  3. newjerseyrunner

    newjerseyrunner

    Joined:
    Jul 20, 2017
    Posts:
    406
    Authentication and cheat detecting.

    First off, make sure that you can't simply sniff a request out in Fiddler and resend it over and over again. You can use session cookies and timers parameters for this.

    Then server-side you should have your own cheat detection systems. Common checks are for sudden fast movement around a map. If a player is teleporting around, they are most likely cheating. You can also monitor what types of objects they get and make sure that they're not getting end-of-game weapons in the first level by hacking the commands. The best thing to do would be to have your anti-cheating mechanism send you an alert to manually check out what's going on, especially if it's a single player game where someone may be doing something strange but not cheating (like speedrunning.)