First off: For clarification, I do not mean an MMORPG lacking a client/server model. I refer to an MMORPG without any corporate servers, e.g. no closed bnet a la Diablo II. I've been doing some research, and I'm trying to find any possible problems with a P2P MMORPG. Bandwidth, cheating, and the cost of hosting are the main concerns. In Diablo II, it is impossible to edit character files on closed Bnet (battle.net) without hacking into Blizzard servers. This also makes it damn near impossible to use really malicious hacks to cheat in the online game. I'm wondering this: Woudln't it be possible to have an RPG with an appropriate level of security using only the consumer's bandwidth and storage? 1.) Wouldn't be possible to develop an encryption system that would encrypt the player's data files so that only the game could access them? E.g, the game uses an algorithm to encrypt save games. Therein, the savegames can only be accessed by the game for use in the game. 2.) Using shared computing, wouldn't it be possible for 8 players, each with 32kb/sec (ADSL) upload be able to process all of the monsters/projectiles/gunk that the game produces? If a game was dealing with 160 objects on the entire system, each object would have 30-40 bytes of space per packet, assuming that 30 packets will be sent per second. Ideally, there would be less objects. However, information about the position, movement, and action of each object could be transferred using only 40 bytes of space. Essentially, it's just a packet header, three vectors for the movement, and a numerical ID for the action. This is oversimplified, yes, but it seems to be workable. Any thoughts? Methinks that it is quite possible for a dev team with no budjet to create something amazing, without using a plethora of servers or paying for copious amounts of bandwidth.

disclaimer: i am relatively new to network programming

Quote:

Original post by Nytehauq First off: For clarification, I do not mean an MMORPG lacking a client/server model. I refer to an MMORPG without any corporate servers, e.g. no closed bnet a la Diablo II.

i think your mis understanding the meaning of peer to peer. peer to peer by definition means there is no client / server model. i think indeed what you are talking about is a peer to peer model, at least in your second point.

Quote:

1.) Wouldn't be possible to develop an encryption system that would encrypt the player's data files so that only the game could access them? E.g, the game uses an algorithm to encrypt save games. Therein, the savegames can only be accessed by the game for use in the game.

nothing is safe. everything can be hacked. a determined person can break ANY encryption.

Quote:

2.) Using shared computing, wouldn't it be possible for 8 players, each with 32kb/sec (ADSL) upload be able to process all of the monsters/projectiles/gunk that the game produces? If a game was dealing with 160 objects on the entire system, each object would have 30-40 bytes of space per packet, assuming that 30 packets will be sent per second. Ideally, there would be less objects. However, information about the position, movement, and action of each object could be transferred using only 40 bytes of space. Essentially, it's just a packet header, three vectors for the movement, and a numerical ID for the action. This is oversimplified, yes, but it seems to be workable.

there are many problems to face when talking about a distributed MMO design. making it peer to peer probably makes it 10x as much difficult. for one thing, you are now dealing with untrusted clients. how do you run a persistant, online world with ALL untrusted clients? it just seems impossible to me. security is the major issue with this.

even if you setup some sort of system, where multiple clients had authority and if they didnt all agree, the person or minority that didnt agree was labeled as the cheater and kicked from the game, this is still hackable. simply get a bunch of your friends and hop online, and have all of you hack your clients at once.

you should try skimming through some of the pages of this forum and also doing a search. this has been talked about a lot not too long ago in several threads.

Quote:

Wouldn't be possible to develop an encryption system that would encrypt the player's data files so that only the game could access them?

No, because the game needs to decrypt the data to use it in memory. There are two things a cheater could do:

1) Reverse engineer the program to figure out how to decrypt the data, and apply the same algorithm in his own program that reads/writes saved files.

2) Attach to the program while it's running, and changing the data in memory.

He could also do:

3) Intercept and modify incoming and outgoing network packets to fool the game into doing things it shouldn't.


Regarding bandwidth, content, distribution, etc: yes, those are all solvable problems. Especially since a typical MMORPG needs a fraction of the amount of data you're suggesting -- although it needs that amount of data per connected client, so it scales poorly to densely populated areas.

However, cheating makes peer-to-peer a really hard nut to crack, because the temptation would be so high for a project that's even moderately successful. You'd have to design a game where there are no incentives for cheating. No money, no experience, everyone has the same weapons, etc -- but then the game wouldn't provide most of the things you've come to expect from a MMORPG.


However, given the art production challenges of a MMORPG, the server bandwidth cost just doesn't play into the equation, and the server farm really isn't the biggest cost for the first six months or so, compared to amortizing the development cost.

Well, I'm just going to be a rogue and disagree with those that say it isn't possible.

I myself can;t remember how, but on gamasutra there was an article that had to do with just this: A distributed gameplay model, and how to trust people. I think it came down to a system of checks between all the instances, so that any client could tell if another was cheating.

Does anyone remember what article it is I'm thinking of?

Perhaps hacking could be incorporated in the game design,
I mean the clients could have some game objects wich would allow
to protect themselves from common hacks.

Imagine a hack wich inform the targetted spaceship that it was destroyed
the targetted player could have an object informing him that x is trying
to overburn its drive, that it was prevented and redirected to x...

Also, these objects could broadcast a message like x has turned over to the darkside...
with darkside hackers against lightside hackers... ;)

Another way would be tiered object controls, every player object is managed by several other people wich cross-validate every commands, would be heavy but would allow some degree of trust

Naturally, anything can be broken.

Let's say you include a system that randomizes encryption keys and algorithms. This system changes they keys and writes them to game critical files. It's not that hard to design a system to stop a user from editing their exe or other game critical files, battle.net has a system that could be reproduced without the need for expensive bandwidth. If you had a system that checked for file integrity to ensure that game exe's weren't hacked, and no programs were illegally modifying data (VAC), the solution would be quite safe. So long as you update the encryption frequently, you shouldn't have a problem. In any case, breaking 128 bit encryption require a key and and algorithm, or a really really powerful set of supercomputers and about six million years of computing time. A static system will always be broken. A dynamic system rebounds.

Critical game data can be essentially hack proofed, the authentication servers for systems like Steam are relatively effective, and authentication doesn't require lots of bandwidth. I'm convinced that it's possible to develop such a low budget system. It may be hard, but it's not impossible.

Also, I've read through various posts about this topic, so I'm not just spouting out newbie cliche's. Well, that's what I mean to say, just without sounding like an a**. No offense meant, just wanted to say that I'm aware that this isn't a novel concept. Input, antagonist or not, is useful.

how about the simple question of "what if no one is playing near me?" that measn lousy pings for that player. You assume that everyone will be evenly distributed and have stable connections and all want to play at the same time. Furthermore you cant expect ppl to pay a monthly fee to host your game. In this age of malware your app could easily be classfied as bad. How will you distribute patches? A single repository will be overwhiled since you seem not to want to foot the bill to run the game, I assume you cant foot hosting a patch server. A P2P patch system would open teh path for much malware to be installed on players' computers.

Since there is no authoritative server, the clients run the game. thus piracy becomes a major problem. sure you can checkin with an authoritative login server, but i fail to see anyway to prevent someone from easily emulating the login server. After all they have the actual game client and server. A login server would be trivial to hack. steam was hacked within days of hl2's release with online play between hacked clients. I have heard that a hack was released that allows pirate copies to play with non pirate copies online. I think they emulated steam, and allowed the hacked copy to think it was authorized.

there are more problems, but that should be enough real world problems without worrying about technical problems in a semi perfect world. of course if you dont plan on charging for the game, things will be different (ie no worries about piracy, just inconsistent data among the clients).

One quick question: how do you plan on ensuring data consistency if there is not enough bandwidth among the clients to ensure that all the clients have an updated world? clients that disconnect will not get world updates and would have to download them while playing. Furthermore if a player goes to a high level area he does not have the most recent status for and the players that do have that status leave, there will be problems. Especially if they rejoin to see an inconsistent world.

An mmorpg with a persistent world is the WORST way to use P2P. Instead look at an approach like phantsy star online where your system only handles a lobby. The actual quests are hosted on one of the players pcs. Quests are meant for 1-4 players (or more if you want, but the more you add the worse it gets). Since the players can choose who to allow to play with them, they can decide who to trust. helps eliminate some of the cheating sine it will mostly be with friends and wont affect players who want to play legit (for the most part, there are always those players who enjoy bothering others).

Using this model in a MMORPG would be bad I think. There'd be too many people who'd like to cheat.

It could work for a MORPG though. What I mean is perhaps 20-50 players, just enough that a normal server-clients network would get trouble. The world could be persistent, but the game would be much smaller and desgined for a smaller group. Perhaps a LAN party, or a group of friends playing over the internet, or a college LAN. The players would pay no monthly fee of course. If they'd have to pay a monthly fee then they'd want better security. Even with a smaller group like this some people might be cheaters, but they'd be easier to spot and the rest of the players could cast a vote (perhaps have a trial) to perm-kill the cheater's character. Eventually the players could refuse the cheater to play any more. This could be done by blocking his ID from the "tracker", blocking his IP from each client or in a lot of different ways.

The game itself would have to have more friendly/neutral NPCs or else the world would be very empty with so few players. There's also the question of what the clients should process themselves in a limited-server model. In a pure P2P everything would have to be handled by the clients of course.

The clients would have to be well made. In the only MMORPG I've played, Anarchy Online, the client uses 100% of my processor all the time. AFAIK My computer is better than even high-end computers when the game was made, or at least one of the best. I don't even get a decent framerate. In this case I couldn't be able to do all the processing in addition to what I'm already doing. It has to be said though, that the game seems to be a slightly improved Quake2 engine with no GPU offloading, but with a lot more geometry than Q2 (plus all the networking). With a more modern engine which utilises the GPU I'd probably get much better performance.

Of course some security would be needed. There'd have to be a central server, if only so the players would know which address to connect to. This could however be just like with Bittorrent, that the server just tracks the users, but don't do anything else. The characters would have to be encrypted, and have a unique key. A perm-killed character (cheater)'s key would be blocked from the game.

Well... I'm all over the place it seems. My main point is that in a MMORPG with 1000s of players you have to have the security of servers, but in a smaller group of people who all know each other, at least to a degree you don't need so much security.

I came up with something like this for a TBS game, but the nature of the game allowed me to cut a simple corner that saved huge efforts. Rather than prevent a player from cheating, it simply allowed the game to verify that no one cheated once the game had finished (by finally exchanging secret data)

You could split various tasks. Run the game itself on a server, but have clients connect to eachother to be able to download new game files (textures, models, maps, datafiles) off eachother, instead of an autoupdate process downloading from a website before starting.