Game Development Reference
In-Depth Information
with monetary value, you must be very careful to ensure that your game is fair if
you don't want to end up in court.
The legitimate players aren't the enemy, of course, but the handful of cheaters are.
We lock our doors at night not to protect ourselves from the honest majority of the
population but to protect ourselves from the dishonest minority. You will have to
design your game with the same consideration in mind.
USE A SECURE TELECOMMUNICATIONS PROTOCOL
It takes an extremely dedicated hacker to tamper with the data stream between the
client software and the server, but it takes only one. If the stakes are high enough,
someone will decide the reward is worth the time spent. To foil hackers, your soft-
ware must use a secure telecommunications protocol. Designing such a thing is a
programming problem and is beyond the scope of this topic, but if you're designing
an online game, you should be sure that the telecommunications protocol you use
provides the following features.
■
First, all data should be encrypted to prevent users from understanding it out-
right. Each packet of data should be sent with suitable error-checking and error-
correcting facilities, which will enable the software to detect whether the data has
lost integrity in transmission. Even though Internet communications are far more
reliable than the old modem-based systems were, it's always a good idea to verify
that the arriving data is correct.
■
Second, you might want to consider a
heartbeat
mechanism. In this system, your
client software sends a short packet to your server at regular intervals, even when
the client doesn't need to transmit data, simply to tell the server that the client is
still present. This enables you to detect disconnections. If the nature of the game
allows the client to remain silent indefinitely, the server doesn't know if the client
has disconnected or if the player is just thinking.
■
Each packet should include a unique serial number, to indicate the correct
order of packets and to prevent spurious packets from being inserted by unauthor-
ized means.
DON'T STORE SENSITIVE DATA ON THE PLAYER'S COMPUTER
A game typically contains two kinds of data about a player. Your game needs to
keep settings or preferences about the way the player appears and likes to play, as
well as information that's actually relevant to the game state: the player's position,
score, possessions, and so on. In
Monopoly,
for instance, the player's playing piece
(hat, shoe, car, and so on) belongs in the former category; it doesn't matter to the
state of the game which token the player uses. However, the player's properties,
cash, and position on the board belong in the latter category; changes to those
attributes affect the player's status in the game.
