[Armisael16]

This presents a (relative) vulnerability to cheating. If every computer has the full game state but players aren’t supposed to be able to know some things there is the potential for hacks.

The most obvious version of this in StarCraft is maphacks that let you see through fog of war, although that’s far from the only thing.

Poker meets all the technical requirements here, but sending everyone the contents of all hands would be a disaster.

[hitpointdrew]

> Poker meets all the technical requirements here, but sending everyone the contents of all hands would be a disaster

I work in the gambling space. A few notes, gambling games don’t ever rely on physics (even roulette, or a coin dozer type of game, everything is decided by a certified rng, no regulatory body that I am aware of allows outcomes based on physics engines). This means there is far less data to keep state on (a hand of cards is very tiny json blob to send). Games like poker etc. don’t require “real time”, if a player takes 4 seconds to decide if they want to call/raise/fold etc. then an extra 200ms of latency isn’t even going to be noticeable. So we don’t really care if there is a bit of latency, these aren’t FPS games.

[cornel_io]

Yep - even apparently physics-based digital casino games (think pachinko-style) are not allowed to use the real physics, that's really just faked as an animation to match the strictly controlled odds that can be easily verified by code inspection.

[flemhans]

That should be considered cheating!

Games that pretend to be physics-based but in reality have a backed probability engine.

[cornel_io]

People who gamble understand this, it's literally the law.

[dpedu]

This comes up in Minecraft too, and there was a small arms race around it. For the unfamiliar - certain resources in the game are useful and valuable but also rare (diamonds) and requires the player to spend a decent amount of time digging through the ground to find them.

But, since you have the whole game state, you can sift through the data and pinpoint these resources and acquire them quickly and with almost no effort. In multiplayer this is generally considered cheating and is called an "xray" modification to the game client. There are other variations of this hack that involve changing the game's textures to transparent images except for the specific resources you want to find.

Mulitplayer server administrators don't like cheats so they created countermeasures for this. The best example is probably Orebfuscator which "hides" said valuable resources until the player is very close to them.

https://dev.bukkit.org/projects/orebfuscator

[nwiswell]

Can't you still gain an unfair advantage using Bayesian search theory where probability drops to zero at the "revealing radius"?

Or is the "revealing radius" somewhat randomized over time in a way that's invisible to the client?

[Qub3d]

I mean, if you can acquire or otherwise reverse-engineer[0] the game seed, you can also just find resources by loading a local copy and noting the coordinates of ore. For major servers, anti-xray plugins will be installed as due diligence, but most of the anti-cheat efforts are focused on detection, reverting, and banning.

Ultimately, if you have a big enough server to attract serious cheaters, you will (or at least should) have tools that can also detect suspicious behavior based on heuristics (i.e. see if a player mined straight to an ore block). Tools like CoreProtect[1] can help detect and revert this.

Ore obfuscation still works very well, however, for the majority of causal cheaters that just googled "hacked minecraft client" and installed the first result.

One ore obfuscation technique used in PaperMC actually sends intentionally fake data to the user to "muddy the waters"[2].

(I know a lot of this because I help develop a Minecraft server management tool)

[0]:https://www.youtube.com/watch?v=GaRurhiK-Lk

[1]:https://github.com/PlayPro/CoreProtect/

[2]:https://docs.papermc.io/paper/anti-xray

[dpflug]

https://en.wikipedia.org/wiki/Mental_poker might provide a means by which you could have a match be verifiable by all parties after the fact, but not leak info during it.