I have been thinking about how they can fix issues with hackers. Obviously server side validation is the best option and pretty damn hard to hack, it does require quite a bit of server power.
What about client side checks then? Not just on one client, but the check is done on both parties computers. Here is how I imagine it going, with two players:
1: Player A attempts to hit Player B
2: Player A sends “hit attempt” signal to server
3: Player A client calculates if hit was successful
4: Player A client sends “hit success” to server
5: Server sends hit attempt to Player B
6: Player B client calculates if hit was successful
7: Player B client sends “hit success” to server
8: Server sends Player A and Player B “valid hit success” message
9: Player B dies
It is just an idea and testing would need to be done. There will be additional data sent over the server yes, but I think it could handle the extra data better than it would doing server side validation.
Lets imagine player A is a hacker and player B is genuine. Player A could hack step 3 so that it always says the hit was a success, but player B client would disagree, making player B seemingly invincible to the hacker.
Now switch it, player A is genuine and player B is a hacker. Player A says that the hit was valid, which it was, player B says no it wasn’t, hacker is still alive. Server picks up a disagreement and flags those two players making them unable to kill each other. Player A survives without player B being able to turn around and kill player A legitimately as they will be in close proximity.
Apply this with other checks too like shooting through walls, speed checking within proximity and other such things.
Obviously this thread is aimed at programmers with some knowledge of server coding (I have developed a TCP server for a Windows 8 app so I think I qualify).