General Discussion - Technical solution to eliminate desync in single-player sessions - Forum

GGG definitely allows suggestions on how to improve their game. Perhaps the only thing that you could request is that this thread is moved in the 'suggestion' section. Roma timezone (Italy)	Posted by HellGauss#6525 on Nov 22, 2013, 6:41:38 PM Quote this Post
The bruised egos and immature attitudes in this thread are hilarious. However, I hope the butthurt doesn't get in the way of the generally good, and important, discussion. If any of this ever actually help GGG with desynch, it will be worth it.	Posted by Baldrick#1126 on Nov 22, 2013, 6:49:30 PM Quote this Post
" MeltingPoint wrote: I'm sorry, but that's just not the case. Precision and accuracy of DateTime It's a simple fact in programming you never use code like: if ticks == 18918391823 then... This is the case because 'ticks' are not incremented by '1' in a given timeslice. The short article is well worth a read, as well as the link to stopwatches. I wasn't as clear as I could be. I was referring to syncing the server 'time wise' to 1000's of clients, not a server making 1000's of RNG rolls. Even with the server broadcasting it's 'time value', the comment I was replying to NEEDS ticks on each computer to align perfectly AND have operations occur on EXACT tick timings in order to perform the task he suggested. It's simply not possible. If you're referring to ticks as in the article, as one ten millionth of a second, then you're right. But tick is a term with multiple meanings. I, perhaps incorrectly, inferred that he did not mean the value in a .NET DateTime but rather a single cycle of game simulation, however long that is (and which can vary from cycle to cycle). The whole time expiring seed thing is poor for the reason you mention and several others. The whole idea of a purely deterministic client is just kind of laughable. You can't do it without introducing other unacceptable downsides. All you can do is keep the two in synch as best you can (which might mean making the client closer to deterministic even if it doesn't actually reach that threshold)	Posted by Makaze2048#2888 on Nov 22, 2013, 6:50:21 PM Quote this Post
If we ever want to implement something like OP is saying, or any other "change" to the current system, and be serious about preventing hacks and security breaches, then the specification has to be somewhat formal. We can't go just throwing speculation and comments around and just assume we solved hacking in PoE or something like that. We'd need a more formal system, and somewhat formally prove it can't be hacked. By this I mean, like following a mathematical proof. You could say for instance: "H1: Client sends timestamp to the server H2: forall(X:timestamp), P(X) OR Q(X) Let X = Timestamp Case 1: P(X) (prove why there can't be no hacks in this case) Case 2: Q(X) (idem) Therefore, There cant be no hacks for H1" Or rather...at least try. There is NO WAY there can be any practical solution that prevents hacking in the way GGG wants it to without trying to get a little formal. If not ideas just fly everywhere, parts of code/ideas will get overlooked, and there will be security breaches everywhere. " MeltingPoint wrote: " Makaze2048 wrote: Ticks are a perfectly fine measurement of time since they are arbitrary and can be made equivalent to whatever real unit of time measurement you choose. I'm sorry, but that's just not the case. Precision and accuracy of DateTime It's a simple fact in programming you never use code like: if ticks == 18918391823 then... This is the case because 'ticks' are not incremented by '1' in a given timeslice. The short article is well worth a read, as well as the link to stopwatches. " Makaze2048 wrote: There is also absolutely no difference between doing it for 1 client and doing it for 1000 clients other than processing power and bandwidth. A given RNG call can use whatever seed it wants and if there are 1000 instances there can just as easily be 1000 seeds. I wasn't as clear as I could be. I was referring to syncing the server 'time wise' to 1000's of clients, not a server making 1000's of RNG rolls. Even with the server broadcasting it's 'time value', the comment I was replying to NEEDS ticks on each computer to align perfectly AND have operations occur on EXACT tick timings in order to perform the task he suggested. It's simply not possible. By that same article, couldn't you make ticks have less precision but more accuracy? I doubt PoE's "ticks" should need microseconds of precision.	Posted by gonzaw#3022 on Nov 22, 2013, 6:51:56 PM Quote this Post
Wow, what a mammoth thread. Qwave, I have to say I'm impressed by your knowledge and passion for this game, the amount of effort you've put in here. Despite I myself being ignorant of programming I get the gist of what you and others are saying. Must be very frustrating dealing with such argumentative people that resort to personal attacks and rudeness and hostility just because you suggested a possible solution. I've noticed the same thing when I propose ideas and debate people on other forums about other subjects, some just want to shoot down other peoples ideas without suggesting their own solutions, without even considering ways it could work. Their negative energy is discouraging, and they are part of the problem. I think what people here are missing is that we've heard very little about what GGG is doing to reduce the scourge of Desynch in this game. There was the manifesto by Chris explaining it, and a few tidbits from Mark and Rhys. We don't know what they've tried, or if they've had much success, or if they are partially on to something and need to do more testing. I suppose they wouldn't want to get our hopes up prematurely just to have to come back and say later "Hey that thing we were working on we told you about, that we thought would reduce the desynch, well it turned out to not work, back to the drawing board, sorry." Would be nice to get an update though. It's been a known problem for a long time, and the reason a lot of people quit the game or won't try Hardcore. If I were GGG, I'd try a small sampling of this proposed solution on some test servers and see what the results were, give it a shot at least. Unless they've got some better idea or have just given up on reducing desynch. "When you have a hammer, everything looks like a nail."	Posted by mjkittredge#5781 on Nov 22, 2013, 7:01:05 PM Quote this Post
Also, any thoughts on this?: Spoiler " gonzaw wrote: " ScrotieMcB wrote: yawn " qwave wrote: But hackers can just modify the timestamp to any value that they want! Therefore the server has to believe whatever the client tells them The server can detect modified timestamps because the timestamp is encrypted using the current deterministic seed random number based on the state of the game. This is called 'signing' the packet. The timestamp and seed is used as a signature. In other words, the server will only be able to read the packet if it can decrypt that packet using the exact deterministic seed that your client had at the time of creation. So basically, if your character attacks a Rhoa and then raises some skeletons, the deterministic seed will be at a specific value at that exact time. Therefore, it is impossible for the client to forge the timestamp, because it uses the deterministic seed to 'sign' the timestamp. The hack also has the seed, and can track uses of it (both alleged and real) to know precisely which number to encrypt with. Let me break this down for you real slow. Starting from before the Path of Exile client even launches, and ending after the client closes, a hack can view any and every network communication the client receives, send any message to the server which it wishes, prevent any outgoing message from the client, or perform essentially any process which the client could (encryption, decryption, iteration). Therefore, no form of encryption can ever secure the client against local (e.g. not man-in-the-middle) hacks. Any keys which the client has, a hack can also have; same with any seed, any counting process, any analysis of data. The ability of a local hack to spoof the client is limitless. In fact, the client can't even prove that it is the client. (Do you really believe that the ability to solve captcha proves you are human?) You say to forget what we know. You say the client can be trusted. Sorry, but no. We can't even trust that what we think is the client, is actually the client. Nothing will ever solve this, ever; even token-based authentication can be spoofed. While you've actually kind of converted me in terms of deterministic simulations, you have not, nor will ever, convince me that trusting the client is a good thing. Because it really, really isn't. Physical control of a system is total control of a system. I am not sure if this could be possible, but I'll give it a try. So, what is this client, you ask? Well, abstractly speaking, I would say it is the pair <program,player> that occurs when the player executes the PoE.exe . But "hacks", have total access to the physical data of PoE, and can simulate any interaction a player can have with the process and code. If a player moves the mouse and clicks the screen, there exists hacks that simulate that mouse move and click. If a player types a key, there are hacks that simulate that key press. In terms of the program, the hacks can get access to the source code, and any configuration file. We can assume that will happen (at least after some time, the hacker has to decrypt files, figure out protocols, etc). Thus, the hacker has access to all the code, knows exactly how everything works in the client, and how the client-server relationship works, at least from the point of view of the client. He can also make tests and know exactly what each client network request/response does to the game. So basically, any hacker can create a new pair <simulated_program,simulated_player>, therefore the hacker can simulate the client, or what the server thinks of the client. Up until this point, I have to agree. The conclusion of this is indeed never trust the client at all, since ANYTHING that the server can consider comes from a client, can come from a simulated one. But this depends on the server recognizing the client as that <program,player> pair. Maybe if we could define it in some other way, this could be averted? There's one example that crosses my mind: runtime environment. The "client" executes in a process in the machine, but does so in a specific runtime environment. This could be native code running normally (is stored in memory, is executed by CPU), or it could be bytecode running in some virtual machine like JVM, etc. Now this could add a new dimension to the previous "definition" of a client. Perhaps, it could be possible to define a runtime environment where PoE runs, so that no "hack" can run in the same environment as this one. Or perhaps, this runtime environment could be defined in a way that the PoE program can be uniquely identified, and the "hacks" are identified in a different manner. Let's say this identification is an "RTE_id" number. Now, we can say that, PoE, running in a specific runtime environment, by a specific player, defines a tuple <RTE_id,program,player>. This new tuple is the one that defines the client. The server knows this tuple identifies the client. Now, can it be simulated by hacks? Well, we know the "program" and "player" parts can be simulated, but because the hacks can't manipulate the runtime environment they are running in, and they are identified by a "RTE_hack_id" number, then any hack will be, at most, identified as a <RTE_hack_id,simulated_program,simulated_player> tuple. The program can be simulated, the player can be simulated, but not the runtime environment authentication. Thus, the client is not simulated, thus with the proper authentication, the server can trust the client. I know this seems too abstract and maybe nonsensical, but that's because it HAS to be vague, without introducing other technical aspects (like network, etc), since that would just complicate things. Basically, define a lower-level entity that acts as the "trust advisor", that can define if the client can be trusted or not. The hacks or hacker won't be able to manipulate this lower-level entity (won't have sufficient OS permissions, etc), so he can't access anything about it, or manipulate it into "simulating" the client. I kind of think this may be impossible...but I'm not an expert on this subject. Could something like this be possible to do? In some operative system, in some computer architectural pattern, in any way? If it can be done in at least one way, that's a start. Obviously if it's something complicated (like maybe creating an OS from scratch just for PoE :P ) it won't be viable at all and GGG obviously won't be able to do it, but at least theoretically it could be done, and with time and effort...who knows? Maybe we could get there. It isn't really a suggestion, but I want to know if it is possible to approach this subject in that way, or if it's inherently impossible or something. If it is, then maybe it could be worth the try?	Posted by gonzaw#3022 on Nov 22, 2013, 7:02:01 PM Quote this Post
" gonzaw wrote: By that same article, couldn't you make ticks have less precision but more accuracy? I doubt PoE's "ticks" should need microseconds of precision. I was referring to a comment only one page back. It has nothing to do with what PoE 'needs'. But to answer your specific question; no. Hardware in PC's (with few exceptions) has no means to accurately measure time. It's why we have atomic clocks, and why most OS's can use online NTP servers to adjust time periodically. But again, my comment was for a specific case, not anything related to PoE's use of time.	Posted by MeltingPoint#1763 on Nov 22, 2013, 7:03:36 PM Quote this Post
I've never had a problem with desync up until I made this cyclone discharger. Let me tell you, now finally experiencing desync myself first hand makes me slam my table in sheer anger and fury. Half the time I'm spinning but on the server side I'm standing in the middle of mobs not doing anything. Id love for GGG to try any possible solution (maybe one in this thread) to fix this. Happy people are brainstorming finally tho. Hope it gets fixed soon!	Posted by twigglypuff#5570 on Nov 22, 2013, 7:04:09 PM Quote this Post
" gonzaw wrote: Also, any thoughts on this?: " gonzaw wrote: The hacks or hacker won't be able to manipulate this lower-level entity (won't have sufficient OS permissions, etc), so he can't access anything about it, or manipulate it into "simulating" the client. This simply doesn't exist in the real world. There are no "OS Permissions" that can exist on the 'hackers' computer that can't be disabled/ignored/manipulated in any number of trivial ways.	Posted by MeltingPoint#1763 on Nov 22, 2013, 7:08:01 PM Quote this Post
" HellGauss wrote: GGG definitely allows suggestions on how to improve their game. Perhaps the only thing that you could request is that this thread is moved in the 'suggestion' section. Of course they "allow it", they allow it to be said, they aren't censoring people who give suggestions But is that an indication they will actually do it? Or that its a good idea? Or that its even feasibly possible? Nope	Posted by deteego#6606 on Nov 22, 2013, 7:10:44 PM Quote this Post