Anticheat Without Trampling Digital Sovereignty

Nov. 15, 2020 [technology] [gaming]

Many gamers have been in an uproar recently about an anti-user anti-cheat technique which has been in use for far longer than most of them even realize. That is, anti-cheat which considers its players such enemies that it must commandeer Ring 0, the kernel-level control of their own computers. Mind you, gamers only care about this in the first place because it has bubbled up into the normie-sphere, while the vast pool of other tyrannical anti-cheat remains out of sight, out of mind as always.

But let’s focus on something positive for a moment. How can anti-cheat be handled in a responsible way which respects the player’s autonomy? There are some time-tested tactics which are imperfect individually, but can make an effective and trustworthy strategy when rolled together.

The authoritative server model

In multiplayer games, there is almost always a server the players must connect to if they wish to play. The host therefore has the capability and responsibility to run a parallel game instance against which to check all gamestates. Player A wants to move distance X? Player B wants to modify the HP of entity Y? Run it against a local copy in real-time and pass along either a yea or nay to said request. An unscrupulous player can have made any number of modifications to their game client, and if it does not agree with the model being run by the server, it does not much matter.

Granted, there are P2P game network models where the players take turns being the host. There are also timing and latency limitations this can impose on faster paced genres. Concessions in an authoritative server design need to be made accordingly, and nothing is perfect… on its own.

Community run servers and moderation

Community vetting is a model which has worked in the meatspace. Large welfare distribution networks cannot perfectly police against those trying to game the system for freebies, while localised efforts have a better grasp of who is applying and what their situation is. Enforcement can only scale so high. Likewise, an online game which has a single monolithic master pool of players will always have a non-insignificant number of cheaters falling through the cracks.

When servers can be player hosted, it allows those operators to handle their own checking. Players are more likely to frequent a server and build familiarity with others. While cheating is always possible, it can be identified and more quickly dealt with through conventional means. This does put the onus of trust on server operators, but relatively little stops unsatisfied players from simply participating on other servers or hosting their own.

Investment in attributes outside the client

Commercial games often take advantage of this in the form of monetary payment to acquire a game copy or player account. But money is by no means the only way. Depending on the game, players can be tasked with building up profiles, public stats, unlockables or in-world projects which in some way represent the time and effort they have put into the game. These must exist network-side rather than locally.

The idea is to increase the cost for those seeking to do harm through throwaway accounts. And those who have little interest in expending effort on the game regardless of this tax will find themselves with only the same tools available to starting players, limiting their reach. Contrarily, those who do invest themselves in curating their global attributes may be less inclined to risk losing everything they’ve achieved.

Minimal client side anticheat

The barrier to cheating can be further raised by client side checking. It does not have to be intrusive. It does not have to take over control of a section of the player’s computer. The goal is not to make cheating infeasible, only to address the low hanging fruit. We want to minimize exploiting of the client as it ships from the game project, as most players will only ever run the official builds. Check against the obvious unlikelihoods and scenarios which shouldn’t exist under normal circumstances: Player moving too fast? Player is inside of a no clip region? These can all also be handled by the authoritative server checking, and should, making it an ideal complement.
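
An added example, not from the original post or from any game's code: a sketch of the server-side checks described under the authoritative server model and in the paragraph above (moving too fast, entering a no clip region). The speed cap, tolerance, region coordinates and all function names are assumptions made for illustration.

```python
import math
from dataclasses import dataclass

MAX_SPEED = 7.0   # assumed movement cap, world units per second
TOLERANCE = 1.10  # assumed slack for tick jitter
# Constructed no-clip regions as boxes: (min_x, min_y, max_x, max_y)
SOLID_REGIONS = [(10.0, 0.0, 12.0, 20.0)]

@dataclass
class PlayerState:
    x: float
    y: float
    last_tick: float  # server clock in seconds, never a client-supplied time

def inside_solid(x, y):
    return any(x0 < x < x1 and y0 < y < y1 for x0, y0, x1, y1 in SOLID_REGIONS)

def path_blocked(x0, y0, x1, y1, step=0.25):
    # Sample along the segment so a move cannot hop over a wall thicker than step.
    n = max(1, math.ceil(math.hypot(x1 - x0, y1 - y0) / step))
    return any(inside_solid(x0 + (x1 - x0) * i / n, y0 + (y1 - y0) * i / n)
               for i in range(1, n + 1))

def validate_move(state, req_x, req_y, now):
    """Check a client's move request against the server's copy of the state.

    Returns (accepted, reason); the state changes only when accepted.
    """
    if not (math.isfinite(req_x) and math.isfinite(req_y)):
        return False, "non-finite coordinates"
    dt = now - state.last_tick
    if dt <= 0:
        return False, "no time elapsed"
    if math.hypot(req_x - state.x, req_y - state.y) > MAX_SPEED * dt * TOLERANCE:
        return False, "too fast"
    if path_blocked(state.x, state.y, req_x, req_y):
        return False, "crosses no-clip region"
    state.x, state.y, state.last_tick = req_x, req_y, now
    return True, "ok"
```

Because the elapsed time comes from the server's clock and the position from the server's copy, a modified client can only ask; a rejected request leaves the authoritative state untouched.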

There are others, I’m sure. These are just the ones that I have seen implemented in games which appear to be effective without having to put the players inside a virtual prison. Most people are good. Most people are not going to try to break your game. Let’s exploit that.