Hey, so I’m making a combat game with user abilities, and I have it structured right now where pretty much everything is handled in a server script, cooldowns, creating hitboxes, ability info, aim direction, animations/animation events.
I know this is bad practice and I’m starting to feel the repercussions, such as aim direction being on the server’s copy of you and not the client, so if you’re moving your camera around it’s never in the same direction. Or throwing a projectile but the client sees it move faster than it does on the server, so there’s a visual delay.
So I was wondering, how much should the client be trusted to keep gameplay smooth? Should the hitboxes/cooldowns be client sided entirely and the server just confirms them? Would it cause too much delay to invoke the server and ask if an ability is on cooldown/how much damage it should do while using client sided abilities?
Hitboxes & Cooldowns being on the client can easily be exploited so I suggest you add validation on the server if you are going with that. Invokes cause a delay that is very tiny, and it probably wont affect you unless they are spammed too quickly.
The client can only be trusted as long as you validate it on the server (checking whether the player was too far away from a melee attack, etc.)
It’s a good word of advice to keep the game’s visuals (and collisions) on the client, and the server validates things to make sure people aren’t cheating.
The less strain you have on the server, the more effective validation will be.