Should I make my platformer movement client sided or server sided?

RockyRosso · April 20, 2022, 1:53pm

I’m currently beginning development on a platformer, and I’m working on features such as a dash, double jump, etc. I’ve been recently thinking if the movement should be server sided or client sided. I was thinking about this because for example, the dash has a cooldown of around 2 seconds, and I’m worried that a player could simply remove the cooldown and then spam the dash in order to get somewhat of a speed boost. I looked through an open source platformer movement by Egomoose and saw that all of the diving, double jumping, etc is client sided.

So, should I take the client sided route, or the server sided route?

StraightScared · April 20, 2022, 1:58pm

All movement should be client sided. The only way someone could spam the dash would be if there was a RemoteEvent to the server (A hacker could spam fire the event), other than that just make a simple cooldown on the Client.

RockyRosso · April 20, 2022, 2:00pm

Couldn’t a hacker just remove the cooldown and then spam the ability?

StraightScared · April 20, 2022, 2:01pm

A hacker can’t edit a script, just have the cooldown in the script

CD = false
if CD = false then
CD = true

wait(2)
CD = false
end

5uphi · April 20, 2022, 2:08pm

the client has network ownership of there character

what this means is the client tells the server where to position the character and the server will blindly listen

a hacker does not care about your dash script a hacker could simple make there own little script that teleports there player to any position and the server will blindly listen

and having your script on the server or client side has no effect for a hacker because they will be using there own scripts not your scripts

so in short just make your dash on the client side

if you want to stop hackers here is a video i made that will help you

RockyRosso · April 20, 2022, 2:13pm

That makes sense. I’ll check out the video for some insight into all of this. Thanks for the help!

Eestlane771 · April 20, 2022, 2:17pm

This!

A remote event is only useful for enabling any effects (particles, trails), because you cannot update them from the client like you can the player’s position.

If you have an anti-hack system checking the player’s position, then it should also inform the anti-hack system that the sudden gain in velocity is, in fact, legit.

If you don’t have any particle effects or antihack or statistics or such, then you might as well completely delete the remote event.

Why fire your dash cooldown remote event when you can just teleport or fly whereever you want?

Open the Toolbox and look for a free model teleport tool that’s just a Tool with a LocalScript in it.
Odds are that it just sets your character’s HumanoidRootPart’s position to your mouse.
That’s all the exploiters have to do. In fact, that’s all you have to do.

Don’t let exploiters be better than you.
Hack yourself before you get hacked

commitblue · April 20, 2022, 2:22pm

no, at both. works for me