When I was talking about controllers and monitors, these would be other players (probably in the same area but not necessarily) not machines exclusively for monitoring.

The bit about using a central server to find trusted or high spec peers is knowing information about a peer such as long term subscription/long time player/high level character/fewer number of times been accused of cheating/etc is more likely to be trusted (since they don''t want to be kicked/banned) than a completely new client you know nothing about or someone who has been accused before.

In that system it wouldn''t matter whether the monitor can be trusted, as long as all the monitors/controllers arn''t working together to cause problems.

Its not absolute but you might be able todo it with fuzzy logic
all P2P clients should run sanity checks on all clients it is connected with. any peer could declare another peer is untrustworthy, if to many clients declare a specific peer as untrustworthy then you know who your cheater is. but cheating is the least of your issues when working with a p2p system, how do you keep all clients in the current time frame. you are running into some interesting things when your client kills your friend but that message doesnt arive at his client untell after he kills you and what of that message? =p. I suppose information storage shouldnt be to hard if you assume that after you log off that many of the clients on when you loged will be logged on when you get back, all clients with which you interacted would save your characters information level/stats/items and when you log on to your character again you would simple pool the network to get a concesious from the network of what your character should be. their are still other problems to be worked out gimme awhile to think um out, feel free to email me at luminus-NO-SPAM-@earthlink.net, (remove -NO-SPAM-) if you take up any suggestions plz sight me as the source in your paper(email me for real name in that case =p)

In my opinion, while P2P cheat-checking using players as the police units may save bandwidth and free up resources for the creators/managers of the game, you end up really bashing the players themselves.

One problem I see is people with bundled connections. Two bundled DSL lines for example. If one goes down and you''ve given this user a number of players to police because of his known connection speed, you would have to send out heartbeats periodically to ensure that every IP address(bundled DSL lines still go out as two different addresses) is able to shoulder it''s policing work.

Also, like was mentioned earlier, you can''t ensure protection using this P2P system because of groups of hacker/cheaters. If you come across a group of 5 people who all hacked their client to allow them to speedhack, even 4 other players coming into their area wouldn''t matter, because those 5 still have the majority vote in the cheat check.

Of course, if you made it known to the players that this system worked this way, you could outnumber any cheaters by just calling in known clean clients, if you were a player, to close out the 5 cheater''s votes. However, and this is where I see problems, what prevents these 5 from logging in 30 minutes later and doing their cheating again? You can''t clean their client up because you have no patching or checking going on(no central server).

You could just ban their accounts if you went that way, but I don''t see many alternatives in this situation. In conclusion and in my opinion, P2P isn''t policable enough to allow for a real MMO game, especially in an RPG setting where cheating can make a massive impact on the play of other players.

quote:

---

Original post by Revelations
Of course, if you made it known to the players that this system worked this way, you could outnumber any cheaters by just calling in known clean clients, if you were a player, to close out the 5 cheater''s votes. However, and this is where I see problems, what prevents these 5 from logging in 30 minutes later and doing their cheating again? You can''t clean their client up because you have no patching or checking going on(no central server).

---

By making the policing duty assignment pseudo-random.

Let the actual peers chosen to verify each player''s actions be determined by voting among players in the vicinity but not in such a fashion that they can easily be spotted by peers in the game. This may sound like it would be a burden on peers as more of them become involved in each action but it also deals with excessive migration of the verification duty, as players move around from the vicinity of one peer to another.

Having the voting/verification decoupled from the player makes for much harder-to-compromise environment.

For instance, let the verification duty be assigned by a common algorithm based on a key generated (by peers) each time the peer joins the game - then there is no way for a group to "band up" to affect any particular outcome.

I think decoupling voting from "geography" is a must.

That makes more sense than the geography based policing system, that might actually work, but as far as an RPG goes, saving data is still the biggest issue, I think. There is no guarantee that if you logged off at say 3 AM, someone else who was online the same time may also be online when you log back in. Any interesting ideas on making this work?

quote:

---

Let the actual peers chosen to verify each player''s actions be determined by voting among players in the vicinity but not in such a fashion that they can easily be spotted by peers in the game

---

Anything you send between peers can and will be spotted by the 16-year old running softice and a packet sniffer.

quote:

---

Having the voting/verification decoupled from the player makes for much harder-to-compromise environment.
...
I think decoupling voting from "geography" is a must.

---

You will quickly exhaust the local players network resources trying to keep his current play area updated as well as the "policed" area. This in turn increases latency for any peer that is dependent upon the internal game functionality provided locally by the aforementioned ''peer''.

We were joking about this the other day. We were talking about putting AI on the client. In order to limit cheating, all decisions would be farmed out to three random clients; if they disagreed, then those players would be flagged as potential cheaters. Flag behavior would have to be monitored to see who was actually cheating. Designating a policeman is not necessary. (Note that this is a hybrid proposal, not a pure P2P system.)

This solves a few of the issues. A single player could not change results meaningful to themselves (local AI decisions are made by players randomly chosen and not local); isolated hackers could not break the system alone; etc.

In related news, we''re hiring for an MMO. =)

You have to consider the efficiency of each PC having to transmit to 10000 other peers when everyone joins in THE epic battle in a small sector. Either that, or peers relay commands through other peers or hubs, which means less connections but more relay lag. And back to the security question: can you trust hubs to relay without cheating?

Seems to me that a massive P2P system would not work well with micromanagement of units. No "fire" buttons. Better to control your units by selecting a current strategy and letting them play it out locally in each machine. Only allow each peer to transmit a strategy update once in a while. If they try to FLOOD their peers with changes in strategy then kick em out!

Either that, or have the game system enforce rules that keeps em all spread out. But then... what''s the point of a massive multiplayer if you can''t mass???

In a short term game, if you have a security breach then maybe you can fix it so that it doesn''t happen next time.

In a persistent game, you have one security breach and the economy is screwed from that point on! Not only do you have to patch the hole but you need to also undo the residual damage without pissing off innocent bystanders who are also your customers. Good luck!

-solo (my site)

quote:

---

Original post by 5010
You have to consider the efficiency of each PC having to transmit to 10000 other peers when everyone joins in THE epic battle in a small sector.

---

What makes this any different than joining the 10000 person battle on a client-server mmo? The (incoming) bandwidth is still the same.

-Luctus

---

Statisticly seen, most things happens to other people.
[Mail]

quote:

---

Original post by Luctus

quote:

---

Original post by 5010
You have to consider the efficiency of each PC having to transmit to 10000 other peers when everyone joins in THE epic battle in a small sector.

---

What makes this any different than joining the 10000 person battle on a client-server mmo? The (incoming) bandwidth is still the same.

---

Yeah, good point and it does seem that way at 1st glance... consider this:

C/S: You send a message to the server. The server can respond with 1 ACK and you are happy. Let the server worry about the 9999 ACKs when it routes to each other PC. Also, if 2 players hit the "frag you" button at the same time, the server can combine them under 1 envelope instead of routing each one separately under separate envelopes.

P2P: You aren''t happy until you''ve gotten back 9999 ACKs and there is no-one to stuff multiple players'' messages in the same envelope.