"
In this case, there are no "encrypted passwords" for the server to decrypt and validate. The only things that are "deterministic" about the random number seeds are the emergent game simulation results they produce. The only way for the server to "validate" the client's results as legitimate is to reproduce its own simulation of the game session. That time-shifted, open-loop simulation would be subject the same timing discrepancies that a real-time simulation would incur. Such a system would be incapable of producing reliable results.
Yes, the server validates the state hash by performing a simulation of it against the current in-memory snapshot. This would be around 1 second of simulation. It is not going to experience any timing discrepancies because of the short segmented simulations.
Last edited by qwave#5074 on Nov 20, 2013, 2:24:06 AM
|
Posted byqwave#5074on Nov 20, 2013, 2:22:37 AM
|
"
If you don't trust the client and the server has to verify everything the same way that it currently does, how exactly does anything change?
Please read my main post over and over, until you can answer this question yourself.
|
Posted byqwave#5074on Nov 20, 2013, 2:23:07 AM
|
"
qwave wrote:
"
In this case, there are no "encrypted passwords" for the server to decrypt and validate. The only things that are "deterministic" about the random number seeds are the emergent game simulation results they produce. The only way for the server to "validate" the client's results as legitimate is to reproduce its own simulation of the game session. That time-shifted, open-loop simulation would be subject the same timing discrepancies that a real-time simulation would incur. Such a system would be incapable of producing reliable results.
Yes, the server validates the state hash by performing a simulation of it against the current in-memory snapshot. This would be around 1 second of simulation. It is not going to experience any timing discrepancies because of the short segmented simulations.
I too can just make up numbers to support my theories.
|
Posted byTantabobo#6200on Nov 20, 2013, 2:25:16 AM
|
|
Tantabobo: You can put any number you want in there, I just used 1 second because Rhys_GGG used it. Any number is fine really. That's up to GGG, not me, it has no impact on the result.
Last edited by qwave#5074 on Nov 20, 2013, 2:28:15 AM
|
Posted byqwave#5074on Nov 20, 2013, 2:26:54 AM
|
"
qwave wrote:
"
If you don't trust the client and the server has to verify everything the same way that it currently does, how exactly does anything change?
Please read my main post over and over, until you can answer this question yourself.
Your post completely ignores security, get back to us when you address this, because you havnt
|
Posted bydeteego#6606on Nov 20, 2013, 2:28:25 AM
|
"
qwave wrote:
Please read my main post over and over, until you can answer this question yourself.
Even if this concept works. Clearly they are making partying the preferable way to play the game. So why would they spend time and money removing 'fixing' desync for only singleplayer. That would contradict their previous efforts. Meaning solo play would be preferable of playing in a party.
Quoting myself since my post went unnoticed:
"
Wulfenstein wrote:
While not a traditional MMO, and whether they admit it or not, GGG is working on making an MMO influenced game.
I mean just from the top of my head:
Online only
Global chat
Solid player models to make you aware of your positioning in a party
Guilds to get people playing together
Nerf to Auras to make you share auras in your party
No auction house, making people communicate to make trades
Faster leveling while in a party
I'm sure there is much more if I thought about it a bit. Anyways.
"It's a harsh, difficult world. You have to be prepared for it. We're not babying the players."
- Chris Wilson - Producer, Lead Designer @ Grinding Gear Games Last edited by Wulfenstein#1313 on Nov 20, 2013, 2:29:52 AM
|
Posted byWulfenstein#1313on Nov 20, 2013, 2:29:16 AM
|
"
qwave wrote:
"
If you don't trust the client and the server has to verify everything the same way that it currently does, how exactly does anything change?
Please read my main post over and over, until you can answer this question yourself.
Let me help you than, if you don't trust the client. Everything that is sent to you must be verified and corrected as needed. Therefore, if the client said that it moved from x to y via path B, but the server says that is impossible and you are now stuck on obstacle C. The client and server are now out of sync. The client now has to be corrected. Please elaborate on how your system prevents this and how this is not desync.
|
Posted byTantabobo#6200on Nov 20, 2013, 2:29:59 AM
|
"
Your post completely ignores security, get back to us when you address this
I've addressed it 100 times. The PoE server validates the user's input in the exact same way that they currently do. Why is this so difficult for you to understand?
|
Posted byqwave#5074on Nov 20, 2013, 2:30:02 AM
|
"
Let me help you than, if you don't trust the client. Everything that is sent to you must be verified and corrected as needed. Therefore, if the client said that it moved from x to y via path B, but the server says that is impossible and you are now stuck on obstacle C. The client and server are now out of sync. The client now has to be corrected. Please elaborate on how your system prevents this and how this is not desync.
If the server says that is impossible, then yes, the client is desynced. Why is that difficult to understand?
|
Posted byqwave#5074on Nov 20, 2013, 2:31:10 AM
|
"
qwave wrote:
Tantabobo: You can put any number you want in there, I just used 1 second because Rhys_GGG used it. Any number is fine really. That's up to GGG, not me, it has no impact on the result.
You can't simply say that it will have no impact based on your assumptions of how things work. Without testing of some sort you have no idea how long it will take or what it will entail.
|
Posted byTantabobo#6200on Nov 20, 2013, 2:31:22 AM
|
