Sign In Register

How can we help you today?

Start a new topic
Answered

Best Practices for Saving Game Data & Cheat Prevention?

Hey all!


So let's say I have three variables in my game: Gold, Energy, and Diamonds.


In order to prevent cheating when I want to manipulate these numbers do I have to constantly call an event on GameSparks to retrieve these numbers? 


Or is there a safe way to call them once, store them in a local variable on the client, and then upload new values when I want them to be saved? I'm assuming the answer is no but I'm worried that players will be calling to the game server too often and slowing the game down. Or maybe calling often isn't that bad? I don't know!



Best Answer

Hey Sean,


I'm still discovering GameSparks and I can't give a good answer to your question but I can give you a general idea.

Uploading sensitive information from player is generally a bad idea.There is a concept called "server authoritative" to prevent cheats and state mismatches.


Principle of this idea is making players' computers basic terminals for inputs.Let me adapt your question to this idea.


Player has gold currency,and this gold used in building gold mines.Gold mines generates gold income every second passively.


Server (GameSparks Cloud Code) does all logic.It increases player's goldCurrency variable every second depends on goldMine number.

In this situation you want to update player's local goldCurrency variable when it's changed (every second).You basically update local goldCurreny data to information which came from server.

Let's say player presses "Build Gold Mine For 100 Gold" button.In this case server receives this event and checks if player has 100 gold,and if yes it does the logic.

However you may want to "gray out" "Build Gold Mine For 100 Gold" button on player if she doesn't have 100 gold.So she can't click to it at first place.This can be done on player side logic (not on cloud code).


But,as players can cheat;they can mess with local variables and make this button clickable even they don't have 100 gold.That is why I implemented some kind of fool-proof check above.


Answer

Hey Sean,


I'm still discovering GameSparks and I can't give a good answer to your question but I can give you a general idea.

Uploading sensitive information from player is generally a bad idea.There is a concept called "server authoritative" to prevent cheats and state mismatches.


Principle of this idea is making players' computers basic terminals for inputs.Let me adapt your question to this idea.


Player has gold currency,and this gold used in building gold mines.Gold mines generates gold income every second passively.


Server (GameSparks Cloud Code) does all logic.It increases player's goldCurrency variable every second depends on goldMine number.

In this situation you want to update player's local goldCurrency variable when it's changed (every second).You basically update local goldCurreny data to information which came from server.

Let's say player presses "Build Gold Mine For 100 Gold" button.In this case server receives this event and checks if player has 100 gold,and if yes it does the logic.

However you may want to "gray out" "Build Gold Mine For 100 Gold" button on player if she doesn't have 100 gold.So she can't click to it at first place.This can be done on player side logic (not on cloud code).


But,as players can cheat;they can mess with local variables and make this button clickable even they don't have 100 gold.That is why I implemented some kind of fool-proof check above.

Hey Sean,


Batuhan suggestions are correct, it is recommended for security reasons to have the back end manage currencies or player specific variables, it would be good practice to ensure these events that will be called frequently are short and to the point as to prevent any slowdown, and as Batuhan suggested consider implementing some sort of security check to prevent any manipulation from the clients side.


Hope this helps,

- Tony.

Login to post a comment