I currently have a module script with a function which shoots a projectile from point A to point B, which I want to do on the client. But the issue with this is that the raycasting must be done on the client too for the low latency. If I handle raycasting on the client, would it be easily exploitable? And if it is, would there be any way to combat this?
Well of course it's easily exploitable on the client. You could take the hit point of the raycast and run it through the server using sanity checks. For example, storing the origin point and original direction; and when the raycast lands, fire to the server to check that the direction or path is still the same. If the path veers off by a certain amount (which you would check), it was changed on the client; thus, you would ban the player.
This MIGHT work, not a 100% guarantee, but you should give it a shot.
A common technique is to listen for user input, then raycast and play gun sounds instantly on the client to avoid latency. It then tells the server, which performs basic sanity checks, which if passed tell all the other clients X shot Y and to play shooting sounds and deal damage for X, etc.
The downsides of this compared to simply raycasting on the server are that it is inherently less secure, more complex (could cause desyncs between the server and client, e.g. Phantom Forces "false" or "ghost" hit markers) and could possibly advantage those with higher latencies (not too high that they fail sanity checks though).
In the end it's an approach which is not directly better or worse, but an attempt to reduce visible client latency trading off a bit of security.
On the occasion where the player's game would freeze, maybe from unstable internet, the player might keep shooting, which would fire the damage events. How would I combat this? Or am I wrong about how it'd fire the events?
If the player temporarily disconnects but keeps clicking, it should still appear they are shooting on their screen, but obviously their messages to the server won't be received.
Since RemoteEvents are considered "reliable", once they regain their connection I presume the client will suddenly tell the server "Hey I shot my gun" 50 times instantaneously, but as part of your sanity checks the server shouldn't tell all the clients he shot his gun 50 times, because that is faster than the gun's cooldown (cooldowns should be handled both on the client and on the server as sanity checks no matter what approach you take).
Players can shoot at you without aiming at you.
There are several ways to do this.
The first is to use FireServer().
The second is to add a RemoteEvent to the game, and have the player fire it when shooting.
The third is to add a RemoteFunction to the game, and have the player call it when shooting.
You can then have the server check whether the player was aiming at the opponent.
If so, you can do the damage.
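
The server-side sanity checks discussed in this thread (cooldown, origin check, server re-raycast), sketched as a Luau server script. This is an added example, not code from any poster in the thread. It assumes the client sends only an origin and a direction, and the names `ShootEvent`, `COOLDOWN`, `MAX_RANGE`, `MAX_ORIGIN_DRIFT` and `DAMAGE` are hypothetical.

```lua
-- Added example: the server validates a client-reported shot before dealing damage.
local Players = game:GetService("Players")
local ReplicatedStorage = game:GetService("ReplicatedStorage")
local shootEvent = ReplicatedStorage:WaitForChild("ShootEvent") -- hypothetical RemoteEvent

local COOLDOWN = 0.25       -- assumed seconds between shots
local MAX_RANGE = 300       -- assumed weapon range in studs
local MAX_ORIGIN_DRIFT = 10 -- assumed tolerance (studs) for latency and movement
local DAMAGE = 20           -- assumed damage per hit
local lastShot = {}         -- [Player] = os.clock() of the last accepted shot

-- Reject non-Vector3 arguments and vectors containing NaN or infinity.
local function isFiniteVector(v)
	if typeof(v) ~= "Vector3" then return false end
	local m = v.Magnitude
	return m == m and m < math.huge
end

shootEvent.OnServerEvent:Connect(function(player, origin, direction)
	-- Arguments after `player` come from the client and are untrusted.
	if not (isFiniteVector(origin) and isFiniteVector(direction)) then return end
	if direction.Magnitude < 1e-3 then return end

	local character = player.Character
	local root = character and character:FindFirstChild("HumanoidRootPart")
	local humanoid = character and character:FindFirstChildOfClass("Humanoid")
	if not root or not humanoid or humanoid.Health <= 0 then return end

	-- Server-side cooldown: a burst of queued events after a lag spike is dropped.
	local now = os.clock()
	if now - (lastShot[player] or -math.huge) < COOLDOWN then return end
	lastShot[player] = now

	-- The claimed origin must be close to where the server sees the shooter.
	if (origin - root.Position).Magnitude > MAX_ORIGIN_DRIFT then return end

	-- Re-run the raycast on the server; no client-reported hit is used.
	local params = RaycastParams.new()
	params.FilterType = Enum.RaycastFilterType.Exclude
	params.FilterDescendantsInstances = { character }
	local result = workspace:Raycast(origin, direction.Unit * MAX_RANGE, params)
	if not result then return end

	local model = result.Instance:FindFirstAncestorOfClass("Model")
	local target = model and model:FindFirstChildOfClass("Humanoid")
	if target then target:TakeDamage(DAMAGE) end
end)

Players.PlayerRemoving:Connect(function(player) lastShot[player] = nil end)
```

The client still raycasts and plays effects immediately for responsiveness; only the damage decision depends on this handler.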