How to prevent illegal score transmission with the game score ranking system
One of the ways to enjoy the game is to 'compete for the high score', but because it is a simple rule of simply comparing the size of the numbers, the non-delivery person who updates the high score of the game in an illegal way Also rarely exists. Vittorio Romeo, the creator of the frustrating stick-based rhythm game ' Open Hexagon, ' explains the fraud prevention efforts introduced in Open Hexagon.
vittorio romeo's website
https://vittorioromeo.info/index/blog/oh_secure_leaderboards.html
Open Hexagon is a clone game of the frustrating bar rhythm game ' Super Hexagon ' and is being developed in open source with the full cooperation of Super Hexagon developer Terry Cavanagh.
You can see what kind of game it is actually by watching the following movie. It's a simple yet profound game where you move the cursor around the hexagon and keep avoiding obstacles like walls coming from all directions.
Open Hexagon --Steam Release Trailer --YouTube
Romeo calls 'deterministic gameplay' the gameplay that always reproduces the same play in any environment as long as the input, time, and initial state are the same.
With Open Hexagon, the longer you survive while avoiding obstacles, the higher your score will be and you can even compete with other players by posting your top high scores online. In order to prevent fraud by registering this top high score, Open Hexagon has a mechanism to upload replay data at the same time as the high score.
The replay data is not the data that recorded all of the play, but the input sequence, the seed value for randomly generating obstacles, the level information, and the player name are saved together. This allows you to maintain deterministic gameplay while keeping the file size of your replay data as small as possible.
Then, instead of the player sending the high score directly to the server, Open Hexagon will send the replay file to the server and it will be registered in the ranking. Of course, it is technically possible to create and upload a replay file by yourself, but Romeo says it is a much more difficult and time-consuming act.
Open Hexagon has different difficulty depending on the speed at which obstacles are squeezed. Therefore, using cheat tools to slow down the simulation speed of the game will help you survive and leave higher high scores. Of course, this method is completely fraudulent, but it does leave no trace of fraud on the replay data and is valid.
Romeo thought it was necessary to somehow measure the 'actual length of recorded play' to prevent this fraud. The first idea was to 'collect time stamps from the client's system clock and record them in the replay data', but this method can easily be bypassed by disguising the client's clock.
Therefore, a method was implemented in which the software sends a packet that declares the start of the game to the server at the start of the game, and sends a packet containing replay data to the server when the game ends. This method relies on the server-side system clock, not the client, so you can't fool play time. If a cheat is found on the server side, the player's Steam ID and player account will also be recorded and will be permanently banned from the high score leaderboard.
Still, the countermeasures against fraud were not perfect, Romeo said. Open Hexagon is characterized by its high customizability, which makes it easy to tamper with game files. However, if you change the 'part that directly affects the game' such as changing the pattern of obstacles or slowing down the speed, it will be rejected from the server side.
On the other hand, since the replay data shares only the minimum necessary data, changing the settings of the visual part such as the rotation speed of the background, the background color, and the wall color does not affect the effectiveness of the replay. It is possible to adjust the difficulty level within the range. Romeo said, 'Open Hexagon is designed around gimmicks that depend on visual characteristics rather than gameplay itself,' and being able to change the settings of the visual part creates unfairness. I can say.
The solution to this problem is to make the visual part affect the gameplay. So Romeo modified it to populate the seed value for random number generation, which creates obstacles, with a visual setting.
[code] void HexagonGame :: update (FT ft)
{
// ...
rng.advance (status.pulse);
rng.advance (status.pulse3D);
rng.advance (status.fastSpin);
rng.advance (status.flashEffect);
rng.advance (levelStatus.rotationSpeed);
// ... and more visual effects ...
} [/ code]
If you change the visual settings of the game file, the output result of the random number generator that generates obstacles will also change, so the unfair will be eliminated. Even if you try to tamper with the game file illegally, the result of the random number generator will be different, so the server side can refuse the replay. 'This is more muddy than exchanging checksums and hashes for game files with the server, but it's definitely a more practical way,' said Romeo.
In addition, Open Hexagon has been in the state of 'early access ' for a long time on Steam, but the official version was released on November 2, 2021. The price is 520 yen.
Steam: Open Hexagon
https://store.steampowered.com/app/1358090/Open_Hexagon/
Related Posts:
