One of the big problems is stuff that a server wouldn’t know is happening
A simple example is wallhacks in FPS games, if you can somehow get the client computer to not render walls properly, the player can see where everyone else is in the level.
You don’t need to mess with the game client here if you’re clever about it, you mess with the operating system and graphics drivers so that a signed binary can continue to connect and behaves entirely legitimately from the server’s perspective.
Of course there are mitigations we could come up with for this, but you’re just in a game of cat and mouse. If it was a solved problem, kernel level anti-cheat just wouldn’t be a thing for the most part. Yet it’s what the competitors demand in the top flight competitions, because there isn’t a better way to prevent a whole class of cheating.
To be clear, not defending it and I personally avoid games that use it, but I understand why it exists
You could definitely hide far players, but as soon as a player is near enough they could be seen, particularly when dealing with humans making unpredictable input, that player’s model will need to be placed in the world before either of them are supposed to see each other because the game has no way of knowing what that unpredictable input might be.
You can’t have every permutation of a given player model being obscured by every possible combination of angles of scenery as distinct models in the GPU memory, so something client side will need to do that slicing, so a player’s obscured origin location will need to be known by the client. This could give a player seconds of time to react depending on their opponent’s strategy
A few milliseconds is the only advantage a player needs at the top level of these games to shift the balance in a given contest. And given the prizes for some of these tournaments is multiple millions, there’s definitely the motivation to go to these seemingly extreme lengths
But the server is the authority on player location. It can tell if a player is visible to another because it knows their locations (as well as any obfuscations) at any given instant. It doesn’t need to know what they’re going to do next until it gets that next input from the client.
Obviously calculating this requires more work on the server’s part, but in smaller competitive matches this is totally doable. We’re talking basic wireframe vectors.
EDIT: Yall are really starting to convince me to make a proof of concept for this, because I’m convinced it can be done.
extra information required for graphics stuff, like shadows
The reason your client computer needs to know the opponent’s location when they are still 1m on the other side of the wall, is because, within the next 100ms, you might make a jump+move action which lets you see their shadow or the tip of their weapon.
The shadows and reflections need to be calculated on your system or the server would be doing too much work and if you find the opponent pop up where they clearly were not, 50ms ago (because the server just told you now), you won’t be particularly happy either (I know I won’t).
Right, but as I mentioned unless you have an actual infinite number of variations of every player model (impossible, you can’t store infinite variations in fixed storage), you’re going to need the full player model in GPU memory and something client side will need to do the chopping with knowledge of the players origin coordinates, it’s impossible to determine the shape of and position the chopped shape without sending that information to the client. Streaming graphics data from a server into even a top of the line GPU would be a prohibitive hit to game performance when milliseconds matter.
It’s not processing power that’s the problem, it’s the speed of light
I think you’re overthinking it. You don’t need to render every skin. You just need a box that’s the maximum bounds for that player model. Again, we’re talking really low poly wireframes.
These bounds are standardized across every client, so the server already knows this information.
So, especially with a standard box, the client would receive the coordinates of obscured player models for the centre of that box.
If 99% of a player is obscured, a player with a wall hack would get information a non-cheating player would not, with basically no processing or mapping needed to turn that into useful information.
Edit: FWIW I’ve had this exact conversation but where I was in your shoes talking to people who work in this industry, if it could be done it would be done
It needs to be kernel level (on any OS with remotely modern security design) because a userspace application (quite rightly) would not have the ability to monitor all hardware at a low level and probe semi-arbitrary memory locations. It’s the same reason enterprise security software often has a kernel module of some kind.
That’s the level that is necessary to protect the integrity of top flight eSports. It’s worth highlighting the anti-cheat bundled with retail games it’s often a less severe version of what I’m talking about, the competitions where you can ultimately win money almost always use an additional heavier invasive anticheat than is typical for a casual player.
The companies proving those third party anticheat systems would risk losing their business and reputation if a cheater was able to evade it in any competition scenario. The reason you see cheaters in public servers, is regular users (also quite rightly) wouldn’t put up with the super invasive versions of these systems that provide the strongest guarantee, so you’re seeing the effects of that compromise.
One of the big problems is stuff that a server wouldn’t know is happening
A simple example is wallhacks in FPS games, if you can somehow get the client computer to not render walls properly, the player can see where everyone else is in the level.
You don’t need to mess with the game client here if you’re clever about it, you mess with the operating system and graphics drivers so that a signed binary can continue to connect and behaves entirely legitimately from the server’s perspective.
Of course there are mitigations we could come up with for this, but you’re just in a game of cat and mouse. If it was a solved problem, kernel level anti-cheat just wouldn’t be a thing for the most part. Yet it’s what the competitors demand in the top flight competitions, because there isn’t a better way to prevent a whole class of cheating.
To be clear, not defending it and I personally avoid games that use it, but I understand why it exists
This is definitely solvable, though. The server can only send the client location updates of players they should be able to see.
If someone tried to wall hack, they’d only see the last known location before line of sight was broken.
Giving the client that data at all is like playing Battleship side-by-side and telling the player not to look at the other board.
This is what I mean by mitigations
You could definitely hide far players, but as soon as a player is near enough they could be seen, particularly when dealing with humans making unpredictable input, that player’s model will need to be placed in the world before either of them are supposed to see each other because the game has no way of knowing what that unpredictable input might be.
You can’t have every permutation of a given player model being obscured by every possible combination of angles of scenery as distinct models in the GPU memory, so something client side will need to do that slicing, so a player’s obscured origin location will need to be known by the client. This could give a player seconds of time to react depending on their opponent’s strategy
A few milliseconds is the only advantage a player needs at the top level of these games to shift the balance in a given contest. And given the prizes for some of these tournaments is multiple millions, there’s definitely the motivation to go to these seemingly extreme lengths
But the server is the authority on player location. It can tell if a player is visible to another because it knows their locations (as well as any obfuscations) at any given instant. It doesn’t need to know what they’re going to do next until it gets that next input from the client.
Obviously calculating this requires more work on the server’s part, but in smaller competitive matches this is totally doable. We’re talking basic wireframe vectors.
EDIT: Yall are really starting to convince me to make a proof of concept for this, because I’m convinced it can be done.
You seem to not be taking into consideration:
The reason your client computer needs to know the opponent’s location when they are still 1m on the other side of the wall, is because, within the next 100ms, you might make a jump+move action which lets you see their shadow or the tip of their weapon.
The shadows and reflections need to be calculated on your system or the server would be doing too much work and if you find the opponent pop up where they clearly were not, 50ms ago (because the server just told you now), you won’t be particularly happy either (I know I won’t).
Right, but as I mentioned unless you have an actual infinite number of variations of every player model (impossible, you can’t store infinite variations in fixed storage), you’re going to need the full player model in GPU memory and something client side will need to do the chopping with knowledge of the players origin coordinates, it’s impossible to determine the shape of and position the chopped shape without sending that information to the client. Streaming graphics data from a server into even a top of the line GPU would be a prohibitive hit to game performance when milliseconds matter.
It’s not processing power that’s the problem, it’s the speed of light
I think you’re overthinking it. You don’t need to render every skin. You just need a box that’s the maximum bounds for that player model. Again, we’re talking really low poly wireframes.
These bounds are standardized across every client, so the server already knows this information.
Games already do this with hurt boxes.
Ah that’s even more straightforward then
So, especially with a standard box, the client would receive the coordinates of obscured player models for the centre of that box.
If 99% of a player is obscured, a player with a wall hack would get information a non-cheating player would not, with basically no processing or mapping needed to turn that into useful information.
Edit: FWIW I’ve had this exact conversation but where I was in your shoes talking to people who work in this industry, if it could be done it would be done
I thought kernel-level is needed more because windows has such architecture that you basically need kernel level access to ensure stuff is correct.
As for it being a solved problem, even games with it enabled have cheaters, so I don’t think it’s solved either way.
It needs to be kernel level (on any OS with remotely modern security design) because a userspace application (quite rightly) would not have the ability to monitor all hardware at a low level and probe semi-arbitrary memory locations. It’s the same reason enterprise security software often has a kernel module of some kind.
That’s the level that is necessary to protect the integrity of top flight eSports. It’s worth highlighting the anti-cheat bundled with retail games it’s often a less severe version of what I’m talking about, the competitions where you can ultimately win money almost always use an additional heavier invasive anticheat than is typical for a casual player.
The companies proving those third party anticheat systems would risk losing their business and reputation if a cheater was able to evade it in any competition scenario. The reason you see cheaters in public servers, is regular users (also quite rightly) wouldn’t put up with the super invasive versions of these systems that provide the strongest guarantee, so you’re seeing the effects of that compromise.