Multiplayer Game Security

Hello,

I'm looking to make a multiplayer combat game, and I've considered using construct 3 (or 2) for it. However, as the game is multi-player, competitive, and has in-app-purchases, I need to be sure everything is being transmitted securely and make it very difficult or impossible hackers to gain an edge. Are there any features that facilitate this, or will I have to do my graphics and all scripting manually in real code?

In your post announcing

Multiplayer was consistently voted as the top feature request with a huge majority, even with clear caveats that the feature would likely be difficult to use in practice due to the nature of networking. We spent several months developing it while putting all other features on hold. In the end, as far as we can tell, very few people actually use it in practice.

If there's an issue with this type of security, that might be a contributing factor.

Multiplayer has little to nothing to do with payments. Iap is all done player to server, not player to player.

That being said, it is fairly difficult to guarantee that no one cheats. There are several methods, features, and plugs to discourage hacking.

I need to be sure everything is being transmitted securely and make it very difficult or impossible hackers to gain an edge. Are there any features that facilitate this, or will I have to do my graphics and all scripting manually in real code?

You'll have to implement cheat detection/prevention yourself with events, on the server. What do you mean by real code? When you're making a multiplayer game you're going to have to be more hands on at a low level with events. If you aren't experienced at programming you might have a hard time with this.

Read the multiplayer tutorials. The whole architecture of the multiplayer plugin is designed to prevent hacking/cheating using an authoritative host and untrusted peer model, which is explained in detail in the tutorial series.

Read the multiplayer tutorials. The whole architecture of the multiplayer plugin is designed to prevent hacking/cheating using an authoritative host and untrusted peer model, which is explained in detail in the tutorial series.

That seems to be in the direction I'm looking for, and I've started reading it. Looks like C2 or 3 will get a chance at this game.

If it uses P2P networking, doesn't that make IP addresses available for people to take and DDoS?

> Read the scirra.com/tutorials/892/multiplayer-tutorial-1-concepts multiplayer tutorials. The whole architecture of the multiplayer plugin is designed to prevent hacking/cheating using an authoritative host and untrusted peer model, which is explained in detail in the tutorial series.

>

That seems to be in the direction I'm looking for, and I've started reading it. Looks like C2 or 3 will get a chance at this game.

If it uses P2P networking, doesn't that make IP addresses available for people to take and DDoS?

I think your right. Ashley can you confirm that if a Peer/Host connects that this makes their IP Address available for others connected to them to see?

In the event that someone is losing, couldn't this player just flood the Host with random messages, thereby shutting down the game?

You can DoS any host on the Internet for any kind of game. There's nothing particularly different about the multiplayer plugin.