You can write your topic however you want, but you need to answer these questions:
What do you want to achieve? Keep it simple and clear!
I want to create precise hitboxes (Spatial Query) on client and then validate on server.
What is the issue? Include screenshots / videos if possible!
Howerver I don’t know how to validate the hit.
Checking if player is close to the enemy would be easy but when player dashes there is a huge latency problem (For server the character would be 7-8 studs behind).
I know that at least “The strongest battleground” has achieved a good system and there seems to be no big latency (unless ping is high ofc). Not sure but I think they also made that system a little secure.
My default choice would normally be RaycastHitboxV4 but ever since I tried making a game similar to mordhau I noticed alot more inconsistencies with it’s hit detection so I can’t exactly recommend it unless you are ok with occasional ghost hits (unless you use an insane amount of attachments).
You could also try messing around with region3’s which is more “box” like and it makes it pretty easy to get things inside of it’s volume (workspace:GetPartBoundsInBox()), but it’s not as accurate as RaycastHibox; at least whenever it decides to work.
Also afaik region3’s can’t rotate so youll have to do some extra trig to see if that part should really be inside of the volume if it was rotated.
But my problem is about validating the hit on server. Because of latency, when player moves, his position on server is like 2 studs behind and when dashes it’s 8 studs behind. I don’t how to check if player actually hit someone and didn’t lag or exploit
I don’t think that there’s any real way to solve it. I’ve always just had the mindset that it’s alot better to make your validation very lenient, mostly since you don’t want to punish someone for having high ping.
Just check for extreme examples, like if someone hits you from 25+ studs away with a melee attack, cancel it and maybe flag the person if it’s happened alot.
Then you can go on a case by case basis you can figure out who is exploiting and who isn’t.
You could also implement client side “sanity” checks too via obfuscating stuff and making sure that some things aren’t tampered with, but if someone is exploiting on your game and knows what they are doing then it’s just a matter of time before they get around it.
tl;dr Just check for very large distances, remote spam, etc. It’s better to punish very obvious cheaters than some cheaters and some innocent people with bad ping.