2

I am researching about Peer-To-Peer network architecture for games. What i have read from multiples sources is that Peer-To-Peer model makes it easy for people to hack. Sending incorrect data about your game character, whether it is your wrong position or the amount of health point you have.

Now I have read that one of the things to make Peer-To-Peer more secure is to put an anti-cheat system into your game, which controls some thing like: how fast has someone moved from spot A to spot B, or controls if someones health points did not change drastically without a reason.

I have also read about Lockstep, which is described as a "handshake" between all the clients in Peer-to-Peer network, where clients promise not to do certain things, for instance "move faster than X or not to be able to jump higher than Y" and then their actions are compared to the rules set in the "handshake". To me this seems like an anti-cheat system.

What I am asking in the end is: What is Lockstep in Peer-To-Peer model, is it an Anti-Cheat system or something else and where should this system be placed in Peer-To-Peer. In every players computer or could it work if it is not in all of the players computer, should this system control the whole game, or only a subset?

Melon
  • 71
  • 1

2 Answers2

2

Lockstep was designed primarily to save on bandwidth (in the days before broadband).

Question: How can you simulate (tens of) thousands of units, distributed across multiple systems, when you have only a vanishingly small amount of bandwidth (14400-28800 baud)?

What you can't do: Send tens of thousands of positions or deltas, every tick, across the network.

What you can do: Send only the inputs that each player makes, for example, "Player A orders this (limited size) group ID=3 of selected units to go to x=12,y=207".

However, the onus of responsibility now falls on each client application (or rather, on developers of P2P client code) to transform those inputs into exactly the same gamestate per every logic tick. Otherwise you get synchronisation errors and simulation failure, since no peer is authoritative. These sync errors can result from a great deal more than just cheaters, i.e. they can arise in many legitimate, non-cheating scenarios (and indeed, when I was a young man in the '90s playing lockstepped games, this was a frequent frustration even over LAN, which should be reliable).

So now you are using only a tiny fraction of the bandwidth. But the meticulous coding required to be certain that clients do not produce desync conditions makes this a lot harder to code than an authoritative server, where non-sane inputs or gamestate can be discarded by the server.

Cheating: It is easy to see things you shouldn't be able to see: every client has all the simulation data available. It is very hard to modify the gamestate without immediately crashing the game.

Engineer
  • 8,529
  • 7
  • 65
  • 105
0

I've accidentally stumbled across this question in google search results, and thought I might as well answer years later. For future generations, you know :)

Lockstep is not an anti-cheat system, it is one of the common p2p network models used to implement online multiplayer in games (most notably in strategy games). The base concept is fairly straightforward:

  1. The game simulation is split into fairly short time frames.
  2. After each frame players collect input commands from that frame and send those commands over the network
  3. Once all the players receive the commands from all the other players, they apply them to their local game simulation during the next time frame.
  4. If simulation is deterministic (as it should be for lockstep to work), after applying the commands all the players will have the same world state. Implementing the determinism right is arguably the hardest part, especially for cross-platform games.

Being a p2p model lockstep is inherently weak to cheaters, since there is no agent in the network that can be fully trusted. As opposed to, for example, server-authoritative network models, where developer can trust a privately-owned server that hosts the game. Lockstep does not offer any special protection against cheaters by itself, but it can certainly be designed to be less (or more) vulnerable to cheating.

Here is an old but still good write-up on lockstep model used in Age of Empires series if anyone needs a concrete example.

Nikita B
  • 3,303
  • 1
  • 23
  • 41
  • 1
    "lockstep is inherently weak to cheaters" - FALSE. Lockstep may not have been designed as an anti-cheat system primarily, but given how sensitive a lockstepped algorithm is to any modification of any gamestate that is hashed and compared to other peers' gamestates, it is one of the most effective anti-cheat systems in existence, as the moment anyone fiddles the data, the game ceases to proceed, making cheating pointless. OTOH, if your goal is to wreck the game for everyone, that's easy to do. – Engineer Aug 18 '22 at 12:26
  • 1
    @Engineer exactly, a single agent with ill intentions can easily screw the game for every other player, unless developers took a lot of precautions to prevent it. Why the agent would want to do it is beside the point. It can be a bored teenager or a bot network from a competitor. Can lockstep be made safe from cheaters? Yes, as any other system, given enough time and resources. But it is not safe "by default", not when compared to what authoritative models have to offer. – Nikita B Sep 05 '22 at 12:13