Is this a good Sanity Check flowchart?

Hello!

Currently, I’m developing a new gun system. However, I want to make sure the gun system itself is less exploitable.

Here is my flow chart:

External Image

Is there an improvement or feedback needed to improve this Server side sanity check?

What some similar systems do is to send the initial position and direction of the projectile to the server. In the server some validations are made and the projectile trajectory is simulated until its impact or end of life. On the client the projectile is also simulated but only for animation and effects. Once the projectile hits something on the server side, the impact is sent to the client for more effects.

1 Like

This system appears not to account for the time since the last shot, so an exploiter or a player with an autoclicker might rapid-fire this weapon.
There is also no point in verifying whether the clicked position is near the player because you don’t need to be an exploiter to click really far away.
This flowchart says that the weapon must be in the Backpack to fire, but actually, a tool is equipped if it’s in the Character.

Other than that, this remote seems not to have anything to exploit in the first place - just the player and clicked position parameter.
You may have to tear down most of this system to support automatic fire.

I also suggest retrieving the current player and character in Equipped and comparing against the variables instead of finding them all over again in the shoot function (in case you do that).

1 Like

I’m currently using FastCast and PartCache. However, I only created those bullets on the server side to be more secure.

I’m currently using task.wait() and a debounce system. How would I implement a system where the system takes account of the time since the last shot?

Well, that’s a relief

1 Like

Oh good, you do have defense against exploiters rapid-firing your weapon. Never mind.

1 Like

What should I verify to make it less exploitable?

Values like Magazine size, Ammo and Damage are handled on the server and can only be changed in the server.

Is that a good move?

I meant to say that the debounce you have is good enough for preventing that exploit.

Values like Magazine size, Ammo and Damage are handled on the server and can only be changed in the server.

Is that a good move?

Yes, that’s the right way to do it.

1 Like

Thanks @lumizk and @Eestlane771 for the help!
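The checks discussed in this thread (time since the last shot, the tool being parented to the Character rather than the Backpack, and ammo held only on the server) can be combined in one server-side handler. This is an added example, not code from any poster in the thread; the RemoteEvent name `FireWeapon` and the `Ammo` and `FireInterval` tool attributes are assumptions.

```lua
-- Server Script. Assumed names: RemoteEvent "FireWeapon" in ReplicatedStorage,
-- and "Ammo" / "FireInterval" attributes on the Tool (both hypothetical).
local Players = game:GetService("Players")
local ReplicatedStorage = game:GetService("ReplicatedStorage")

local fireEvent = ReplicatedStorage:WaitForChild("FireWeapon")
local lastShot = {} -- [Player] = os.clock() of the last accepted shot

local function validateShot(player, targetPos)
	-- Everything after `player` is client-controlled, so type-check it.
	if typeof(targetPos) ~= "Vector3" then
		return false, "bad position argument"
	end
	if targetPos.X ~= targetPos.X or targetPos.Y ~= targetPos.Y
		or targetPos.Z ~= targetPos.Z then
		return false, "NaN in position" -- NaN is never equal to itself
	end
	local character = player.Character
	local humanoid = character and character:FindFirstChildOfClass("Humanoid")
	if not humanoid or humanoid.Health <= 0 then
		return false, "no living character"
	end
	-- An equipped Tool is a child of the Character, not the Backpack.
	local tool = character:FindFirstChildOfClass("Tool")
	if not tool then
		return false, "no tool equipped"
	end
	-- Rate limit on server time, independent of any client-side debounce.
	local interval = tool:GetAttribute("FireInterval") or 0.2
	local now = os.clock()
	if now - (lastShot[player] or -math.huge) < interval then
		return false, "fired too soon"
	end
	-- The server reads and decrements its own copy of the ammo count.
	local ammo = tool:GetAttribute("Ammo") or 0
	if ammo <= 0 then
		return false, "empty magazine"
	end
	lastShot[player] = now
	tool:SetAttribute("Ammo", ammo - 1)
	return true, tool
end

fireEvent.OnServerEvent:Connect(function(player, targetPos)
	local ok, result = validateShot(player, targetPos)
	if not ok then
		warn(("Rejected shot from %s: %s"):format(player.Name, result))
		return
	end
	-- Accepted: simulate the projectile on the server here (e.g. with FastCast).
end)
Players.PlayerRemoving:Connect(function(p) lastShot[p] = nil end)
```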
