After test-playing my game, I realized it’s way easier to kill NPCs on PC than on mobile. My solution to this issue was to create an aim-assist system for mobile players. Now, I’m faced with yet another problem. How can I ensure that only mobile players access aim assist? I’ve come up with a solution to prevent script kiddies from exploiting this. However, I feel that it’s still possible for advanced exploiters to bypass it. From the info I’ve gathered, it’s basically impossible to detect a player’s device type on the server, it must be done on the client. But we all know any code on the client isn’t secure. It’s best to assume that it will get exploited. Does anyone know of any advanced methods of securely detecting the player’s device type (mainly if they’re on mobile)?
Desktop Gun:
Mobile Gun:
I’ve looked into almost every similar topic but they all run checks on the client.
At this rate, I’m almost tempted to run sanity checks on the client and just allow advanced exploiters to have the advantage. (They wouldn’t be annoying any actual players, just NPCs.)
Even if you are able to securely fetch a player’s device type, they will still be able to enable the aim assist. Remember, ANYTHING on the client can be changed by an “exploiter” no matter where it is.
Unfortunately, this does pose an issue as it is very difficult to prevent these things. If this is crucial, I can suggest two annoying solutions:
My first “solution” shouldn’t really count because you would just be diminishing the efficiency of the aim assist for mobile players. So too, it wouldn’t be too much of an issue if they were able to access it.
Otherwise, my more annoying solution but one that would still keep everything the same, is to store the aim assist code in the server and only send it over once you receive client confirmation of the player’s device. An exploiter will be capable of seeing that a RemoteEvent is sending the server the device they are playing on, but would most likely not think much of it and think it has something to do with UI layout. From there, the server can assign them a different gun that either has the aim assist or doesn’t.
Let me know if you have any questions. And, if anyone else can think of a better solution than the second one, please feel free to talk over me.
I would go with your second option and have the RemoteEvent named “Analytics” or something of the sort to make it seem like it’s just for analytical usage, seeing who’s playing on what platform.
Your second option is exactly what I was going to try to say to do for it to counteract it. Don’t even register the aim assist on the Client, keep it Server only and use it when necessary.
Exactly. Meaning, the only way they’d be able to access the aim assist is by telling a random “Analytic” RemoteEvent that they are playing without a keyboard, which would not cross most people’s minds. Yes, it is still entirely possible, but the risks are reduced.
Furthermore, you could tell the server to only accept the first response from the RemoteEvent (and then have the Remote fire upon joining). Meaning, if they were to fire it themselves, it would no longer register.
I would use gyroscope and accel sensors to detect mobile, and then pass that it’s mobile, and a couple other things.
If you encrypt it they would become suspicious of it and try to figure out what it’s firing it for.
This is also a great idea and would stop it from being fired again. You could also set it up so that if it’s fire after the initial one, or with properties it shouldn’t receive, it will ban the player.
If they’re exploiting then they can give themselves aim assist either way even if not by making the client think they’re a mobile player. I just wouldn’t worry about it.
With all these answers, we should probably just rely on NearPlaneZ for determining if it’s a mobile device. We would need to use other methods as well such as detecting for a touch screen.
What if I wrote backend code on the server that detects how well a player is doing, in relation to their, kills, amount of damage taken, damage dealt, etc, then nerfed/buffed certain gameplay aspects based on their skill? So in theory, if a PC player has an aim-assisted gun then they’d experience nerfs until gameplay was balanced. But that also means skilled players will struggle just as much as average players. Not sure I like this option but I can’t think of anything better.
