[MUD-Dev] Re: Trusting the Client (Re: Laws of Online World Design)
Adam J. Thornton
adam at phoenix.Princeton.EDU
Wed Oct 14 14:01:16 New Zealand Daylight Time 1998
On Wed, Oct 14, 1998 at 10:33:07AM -0700, J C Lawrence wrote:
> 1) Computation is done on the client.
> 2) All random numbers for all computations originate fromthe
> 3) Cross-check consistancy statements for all computations are
> sent to the server from the client for all data commits for
> veracity checking.
> Is it absolutely secure? No. It is tighter however.
But it's also awfully chatty.
And how easy is it to do the veracity checking without actually performing
the calculation on the server? If you do the calculation on the server,
then you may as well get rid of your veracity protocol, and it's my guess
(just a guess) that the bandwidth requirements would remain about the same.
AFAICT the major bottleneck is going to be network speed, not computation.
So I've been working on ways to reduce the traffic between client and
server. The approach I'm trying now, which looks like it might work, is to
separate object data and its representation data. That is, the server
gives the client an object tree representing the section of the world
currently visible. Then the client asks its representation server for the
representation data (text, graphical, sound, whatever--determined via
negotiation between the client and the server). Using a protocol
shamelessly plagiarized from NNTP, the client and server determine which
resources need to be downloaded and which already exist in the local
cache. When the representation server can't satisfy a request, *then* it
passes the request off to the appropriate master server, which is in the
hands of the people running the game.
This means that only the object trees have to be updated frequently across
the wider net. Which should keep bandwidth pretty reasonable, since the
size of a serialized representation of these trees is small compared to the
size of, say, 16-bit tile resources.
This lets you put the representational data much closer to the client:
locally mounted CD, or one CD or HD mounted on a LAN, for instance. The
only danger I see is that the client can use a completely different set of
representational data than the server intends. But so what? If I say my
game is set in a Generic Fantasy setting and you want Space Opera tilesets,
that's your business. It'll look a little weird when I add a new creature
for which you don't have a corresponding tile, and so your server goes out
and gets the master tile, which doesn't look at all good in a Space Opera
setting, but that's hardly my problem.
adam at princeton.edu
"There's a border to somewhere waiting, and a tank full of time." - J. Steinman
More information about the MUD-Dev