Hey there, so in my current game, there’s a lot of states for the players (Attacking, Dodging, etc…). Now these states are only controlled on the client as it also acts as a debounce, so if I moved it to the server, the player would take a considerable time before commencing the action.
The states are handled by a StateController
module, which is code-based. States will be tracked by an attribute, but the actual value is in the controller itself
(The module is irrelevant in this post)
Now my current approach works as fine as it is, but I’m afraid the exploiters can just change the states by hand, leading to deadly attacks.
Currently, the server can read the states of the client through Attributes. This also includes altering the client’s states by changing the changeState
attribute, but since it is client-based, the client will handle the change, which makes it even more susceptible to exploits.
My question is that is it possible to do sanity checks for the player states on the server ?. Now I can indeed make a copy of the StateController
for the server and authorize changes and read the states from there, but cant the exploiters just delete the remote call in the client and modify the debounces from there ?
Note: I don’t think I can handle the client’s states on the server altogether for the sake of performance.
Edit: Need desperate help on this one…