How do you implement client/server raycasting in your project?

Help and Feedback Scripting Support
#1

I know this topic has been done to death but I still have some questions I want answered.
From what I’ve read it seems like the general consensus is to do raycasting on the client and do the damage logic on the server via remote events. It’s at this point where most of the posts I’ve read vaguely talk about adding sanity checks.

One major problem I’ve had with this implementation is that I can just fire the damage remote event on an enemy even if there’s a wall between us. I’m wondering how other games solve this problem.

#2

Hey!
100% there are ppl that can help you better than me, but, I just wanted to ask you to include links to the posts you did read about the client raycasting consensus in your post

#3

All I do is fire a ray on the server then anything that hits that ray gets added to a “canhit” table. Then when the client fires a hitenemy remote I just check if that part is in the table. If it is I damage the enemy otherwise I add a few tags to some anticheat I have in the background

#4

I assume your talking about Client to Server communication, revolving around Ray-casts. I completely agree with your idea that remote events meant to be fired on the client from a Local-Script can also be fired from the Player’s client.

Another problem with this communication is how fast a player’s Internet Speed is, for example in a game called Murder Mystery 2 (aka MM2) someone can kill me from miles away but on my screen I was clearly not close.

After a bit of research I’ve concluded some theories and ideas you could try.

Server Authoritative Actions :stopwatch:

This is where the Server has the final say on what you’ve done. and checks whether or not what you did was fine or not.

Briefly, this basically just prevents cheating, ‘illegal’ movements or actions. This is most likely the simplest option as depending on how fast your internet is, though there is some delay (the higher the ping the longer the delay), but this delay can be annoying - note that its less responsive…

If you’ve ever experienced playing a game and it took 1 second for it process that your pressing the W key, that is somewhat Server Authoritative Movement.

Pros :grin:

  • Prevents Cheating
  • Consistent Gameplay (Everyone sees what the server sees.)
  • Better Control Over Multiplayer Interactions

Cons :sweat_smile:

  • Increased Latency (Lag/Input Delay)
  • Harder to Implement
  • Higher Server Load

So unfortunately, some players will go crazy with this delay and probably leave a few comments on how slow your game is, Fortunately! we have Client-Side Prediction and Server Reconciliation

Client Side Prediction

We can use Client Side Prediction to ‘smoothen’ Server Authoritative Actions and make the game feel more responsive.

Client Side Prediction (Without Server Reconciliation)

“The idea is to let the client temporarily predict the outcome of player actions (like movement) before receiving confirmation from the server. This way, the player sees immediate feedback for their actions, reducing the perception of lag.”

So before our Server Authoritative system takes action, we first apply the action anyway and wait for a response from the our System, If the server recalls the action as illegal it will return the players action; This is called Rubber Banding (Teleporting Back to where you were previously).

This confirmation/authorization is called Server Reconciliation (When the client receives the server’s response, it checks if its prediction matches the server’s authoritative result.) If it doesn’t match it or differs from its result, it will return it to where the Server Thinks you should be from its results.

Client Side Prediction and Reconciliation
Client Side Prediction and Reconciliation738×452 52.2 KB

Once that’s done, the Server’s results are sent to other clients, though this isn’t perfect, but it gets somewhere - this is coming from the Client 2 which sees us phasing we can do much more to fix this. From this point we’ve solved the problem with Lag.

Pros :grin:

  • Responsive Gameplay
  • Smooth User Experience
  • Reduced Latency Impact

Cons :sweat_smile:

  • Reconciliation Jitter (When the client’s prediction is wrong, the game state can “snap” or jitter as the client corrects to the server’s position. This is shown in the diagram above)
  • Complex Implementation
  • Desynchronization Issues (Predicting multiple simultaneous events (e.g., player movement + object interaction) can get tricky, especially in fast-paced games.)

Safety regarding Remote-Events and Remote-Functions :closed_lock_with_key:

This task is much more simpler so I’m just going to link sources to view.

  1. Best way to protect Remote-Events against exploiters? (Devforum Post)
  2. Remote Functions are not Safe (Suphi Kaner)
  3. All Use Cases for Unreliable-Remote-Events (ByteBlox)

Although Roblox themselves have improved their exploit detection systems, so this isn’t much to worry about anymore.

MOST OF THIS POST WAS TO BRING UNDERSTANDING, IF YOUR WILLING TO JUST COPY AND PASTE LARGE PROJECTS/TASKS DONT EXPECT YOUR SELF TO GO FAR

If you feel this is a tedious task at your level, some genius made a System called ChickyNoid by MrChickenRocket, which does this all and more for you.

I hope this had given you an idea on what you could do. Here are some more of the sources I’ve used for my Research, this will give you some deeper understanding, I also suggest you search for more about this.

  1. Client-Side Prediction and Server Reconciliation
  2. What is Client Side Prediction
  3. Multiplayer Networking Challenges
  4. What is “Server Authoritative”
4 Likes
#5

Ultimately, nothing will be more accurate than client-side hitreg on Roblox.
Server-side hitreg solutions natively are never fully accurate, because Roblox doesn’t give us a few networking factors which you usually account for in a server-side hitreg solution. If you want them to be accurate, you have to implement a custom character humanoid system (like the post above mentioned) or use chickynoid. Then, you have to make a lag compensation system, in which the valve articles somewhat cover. I think Roblox’s tick-rate isn’t that high, so it’ll still be innacurate.

#6

Roblox’s FPS template does hitreg nicely. On the client side, and it has some really good and secure sanity checks.

Simple way is this:

Client raycasts, if the raycast detects a hit, fire a remote to the server with not too much data, but enough. Do some sanity checks (check the Roblox FPS template, which is actually very well programmed, for good sanity checks).

Below is my following code. You have to derive your own sanity checks based on your own type of game. I can’t provide them for you since they all types of sanity checks are completely different. For some good FPS game sanity checks, check out Roblox’s FPS template, which uses client-side hitreg.

--client
if hit.Instance then
    remote:FireServer(hit.Instance)
end


--server side
Remote.OnServerEvent:Connect(function(PlayerWhoSent, HitInstance)
    --sanity checks bla bla
    local SanityCheckPassed = SanityCheck(PlayerWhoSent, HitInstance)
    if SanityCheckPassed then
        local PlayerWhoGotHit = DerivePlayerFromHitInstance(HitInstance)
        PlayerWhoGotHit.Character.Humanoid:TakeDamage(???)
    end
end)
#7

In the FPS template, what’s the point of validating timestamp in the validateShot module script?

	-- Validate timestamp
	local now = Workspace:GetServerTimeNow()
	if timestamp > now then
		return false
	end
	if timestamp < now - TIMESTAMP_BUFFER_CONSTANT then
		return false
	end
#8

I think this is something to do with a ping denial system, to deny hits from large ping