Is this a decent idea for an anti-cheat?

I’m not great at making anti-cheats, so trying to make a super advanced system to prevent them is a bit of a challenge. Instead, I made this flag system that gets used whenever a player fails a sanity check (e.g. trying to equip an item that doesn’t exist or they don’t own).

```lua
local Players = game:GetService("Players")

local FLAGS_BEFORE_KICK = 15
local RESET_TIME = 30

-- Module table; the post calls SussyBaka:AddFlag without showing this definition
local SussyBaka = {}

local playerFlags = {}
local kickReasons = {
	"Sussy Activity",
	"Suspicious Activity",
	"You did something you weren't supposed to do",
	"I've been watching",
	-- "Play Cross Code on Steam",
	"to lazy to think of something",
	"Might be a false positive sorry :(",
}

local function OnPlayerDisconnect(player : Player)
	playerFlags[player.Name] = nil
end
-- Clear a player's flags when they leave so the table does not keep stale entries
Players.PlayerRemoving:Connect(OnPlayerDisconnect)

function SussyBaka:AddFlag(player : Player, reasonForFlag : string)
	local playerSpecificFlags = playerFlags[player.Name]

	-- First flag starts the count at 1, later flags increment it
	playerFlags[player.Name] = playerSpecificFlags and playerSpecificFlags + 1 or 1

	warn(player, "has been flagged", playerFlags[player.Name], "times")
	warn("Reason:", reasonForFlag)

	if playerFlags[player.Name] > FLAGS_BEFORE_KICK then
		if player then
			player:Kick(kickReasons[math.random(1, #kickReasons)])
		end
	end

	-- Reset the count if no new flag arrives within RESET_TIME seconds
	coroutine.resume(coroutine.create(function()
		local oldFlags = playerFlags[player.Name]
		task.wait(RESET_TIME)
		if playerFlags[player.Name] == oldFlags then
			warn(player, "has been good for long enough. Resetting flags.")
			playerFlags[player.Name] = 0
		end
	end))
end

-- Assumed: this is a ModuleScript that the combat code requires
return SussyBaka
```

```lua
-- example usage from my combat code
local distance = math.floor((attacker.HumanoidRootPart.Position - target.HumanoidRootPart.Position).Magnitude)
-- Flag and reject the hit when the attacker is further away than the allowed distance
if distance > MIN_DISTANCE then
	SussyBaka:AddFlag(player, "Reach")
	return
end
```

Personally, I don’t think it’s that bad of a system because it does good against normal players and exploiters since an exploiter will probably end up accumulating a lot of flags quickly if they’re rapidly doing something that causes a sanity check to flag them while a normal player may get falsely flagged, but won’t reach the limit for getting kicked so the timer will reset them.

It’s also pretty expandable: I could easily have this log to a Discord server and save to a datastore and be able to check. I could maybe even have some kind of way to determine the probability of them being an exploiter based on the number of times they get flagged (i.e. someone with 50-60+ is more likely to be an exploiter than someone with 4).

5 Likes

ping could theoretically cause a false flag, or if an exploiter were to teleport away the moment they get hit.

other than that, it looks fine to me. it should be effective at slowing skids down because the punishment is semi-delayed, just don’t let people exploit for long periods of time before they actually get kicked.

3 Likes

After posting this I realized that. However, a potential solution is to have 2 different flags: softFlag and hardFlag. A soft flag would be given if the player has high ping. This flag wouldn’t count towards the kick limit; however, it could be used in some other way.
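
The soft/hard flag split suggested above, sketched as an added example that is not code from anyone in this thread. It swaps the original reset timer for a sliding window over hard-flag timestamps; `FlagTracker`, `HARD_LIMIT`, `WINDOW` and the numeric player key are hypothetical names, and the clock is passed in so the logic can be run without waiting.

```lua
-- Added example: soft/hard flag tracker with a sliding time window.
local HARD_LIMIT = 15 -- same threshold as FLAGS_BEFORE_KICK in the post
local WINDOW = 30     -- seconds, same value as RESET_TIME in the post

local FlagTracker = {}
FlagTracker.__index = FlagTracker

-- clock: function returning seconds; injectable so tests need no real waiting
function FlagTracker.new(clock)
	return setmetatable({ clock = clock or os.clock, players = {} }, FlagTracker)
end

-- Keep only hard-flag timestamps that are still inside the window
local function prune(times, now)
	local kept = {}
	for _, t in ipairs(times) do
		if now - t < WINDOW then kept[#kept + 1] = t end
	end
	return kept
end

-- key: a stable id such as player.UserId (a name is not guaranteed stable)
-- isSoft: true when the check is unreliable, e.g. the player has high ping
-- Returns true when the caller should kick the player.
function FlagTracker:addFlag(key, reason, isSoft)
	local now = self.clock()
	local entry = self.players[key] or { hard = {}, soft = 0, reasons = {} }
	self.players[key] = entry
	entry.reasons[reason] = (entry.reasons[reason] or 0) + 1 -- kept for logging
	if isSoft then
		entry.soft = entry.soft + 1 -- recorded, never counts towards the kick
		return false
	end
	entry.hard = prune(entry.hard, now)
	entry.hard[#entry.hard + 1] = now
	return #entry.hard > HARD_LIMIT
end

-- Call from Players.PlayerRemoving so entries do not accumulate
function FlagTracker:remove(key)
	self.players[key] = nil
end

-- Constructed demo with a fake clock: a burst of hard flags trips the limit,
-- the same number of soft flags does not.
local t = 0
local tracker = FlagTracker.new(function() return t end)
local burst, soft = false, false
for _ = 1, 16 do t = t + 1; burst = tracker:addFlag(1001, "Reach", false) end
for _ = 1, 16 do t = t + 1; soft = tracker:addFlag(1002, "Reach", true) end
print("hard burst kicks:", burst, "soft burst kicks:", soft)
```

Because only timestamps inside the window are counted, a single stale coroutine per flag is no longer needed, and the per-reason counts are available for the logging idea mentioned in the first post.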

I think the code looks good. I had to try really hard to keep a straight face while scanning over it because of the SussyBaka function :joy: