Local Script vs Server Script for Handling a Gun

My goal is to make a gun tool, where most of the code is on server sided scripts, so exploiters can’t fire the gun super fast, or make it super high damaged, etc. I was thinking of making a server sided script for each tool, but I am afraid it might cause too much lag, as if an entire server had a automatic gun, there would be several scripts running code over and over.

The main questions are, is that many server scripts running over and over, a bit too laggy? [For mobile players especially!] What do I need to check through server sided scripts? What is the potential an exploiter can do? If I made most of it from local scripts, would I be able to make an ant-exploit for it?

If there’s any resources you know of about this, please let me know, I couldn’t find any.

I would like to refer this to you: Making exploiter-proof guns - #7 by sayhisam1

2 Likes

Most of your code shouldn’t be on the server for handling gun scripts, or any system that requires client input for that matter. Your server should only be handling critical actions and validating or sanitising what the client sends over. The client can handle a majority of the work.

Preventing clients from over-firing the gun can be done by reading the fire rate from the server and the client: the client to make it shoot at an expected rate and the server to drop requests if they’re sent quicker than the fire rate. For preventing high damage, simply don’t allow the client to determine how much damage a gun should be sending over.

Server is not built to handle a large number of intermediate tasks like the client does and should. Write checks against gun data on the client and the server: the former for UX’s sake and immediate response and the latter for security.

Pure client anti-exploit’s not possible to make perfect because clients can circumvent such checks. Can’t disallow them from tinkering with their own machine.

2 Likes

Well a lot of fps/tps games get lagfor mobile players, but you should always go server side even if its laggy.

1 Like

Local scripts have a tennansy of being exploited so I advise using server script.

2 Likes

Woops wrong post lol sorry 30 chars