GDC 2013 - Ditching the Server: Making Client-Side Only Social Games
DESCRIPTION
Amitt Mahajan discusses techniques and strategies for developing client/server architecture that is game-code agnostic.
TRANSCRIPT
Ditching the Server
How to create client-side only social games
Amitt Mahajan (@amittm)
Founder/CEO, Red Hot Labs
My Background
• Co-creator/Lead Developer
– FarmVille
– ExampleVille: Zynga’s game engine & framework
• CTO, Zynga Japan
– Develop mobile games for the Japanese market
• Developer, Unreal Engine/Gears of War
GDC2013 • @amittm
Client/Server Replication
• Client replicates commands to the server
– Mostly async, non-blocking operations
• Server validates commands to prevent cheating
– Success: Update DB; Failure: Out-of-sync error
Client/Server Implementation
• Client-side code: ActionScript, Obj-C, Java, JS
• Server-side code: PHP, Ruby, C, JS
• Data storage: Relational DB, NoSQL, iCloud
• Communication via REST calls
The Problem
• Write code twice, maintain 2 codebases
• Server state needs to be in sync: leads to out-of-sync errors
• Provision servers & deploy code for each game
• Game teams and server ops teams tightly integrated
• Complicated, hard-to-port, game-specific network code
Proposal: Client-only validation
• All game logic lives with client-code
• Trust player client state
• Server is a dumb-pipe to store data
• Use automatic validation to lazily check state
Benefits
• Split creating games from running server operations
• Reuse infrastructure in several games and platforms
• Better utilize server resources with reduced complexity
• Reduce development time and errors
• Reduce out-of-sync errors, potentially better for mobile
Limitations
• Previously server-controlled variables are now insecure
• Player-to-player interactions made insecure
• Potentially complicated validation mechanisms
• Global leaderboards / ladders easily manipulated
Data Storage
• Schema-less DB offers greatest flexibility (e.g. NoSQL)
• Object-based schema keyed using class-name and id
• Server does not validate data but keeps track of properties
• Objects can have references to other objects
Example Object
{
  "_className": "User",
  "_id": 25,
  "_acl": {"read": "global", "write": [25]},
  "_version": 3,
  "level": 4,
  "coins": 76,
  "games": [{"_className": "Game", "id": 45}, {"_className": "Game", "id": 34}]
}
Example API
• Object.get(className, id)
– Returns object data based on className and id
• Object.set(className, id, data)
– Sets data for an object
• Object.acls(newAcls)
– Changes the access permissions for an object
Data Security
• Object Access-Control-Layer (ACL) system
• Permissions granted using access tokens
• Versioning / Conflict-resolution
Uses for ACLs
• Private or read-only user data
• Shared game state or game objects
• Static, developer-defined, game data
Example: Access Tokens (Client <-> API Server)
1. Login using email/pass
2. Return Access Token
3. Request game object with token
4. Verify access token grants permission SPECIFICALLY to requested object
5. Return requested object
Access Token Levels
Level  | Meaning
None   | No or invalid access token provided; user only has access to global objects
User   | User logged-in / authenticated; user can access objects owned by their user ID
System | Secret/private access token; game developer usage only; can modify any object on the server
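The object ACL check from steps 3 to 5 of the token flow and the three token levels above, as an added example (not code from the talk or from Red Hot Labs). The store layout and the token shapes (null, {userId}, {system: true}) are assumptions; the ACL format is the one in the example object.

```javascript
// Added example, not from the talk: per-object permission check for the slide's
// object/ACL format. Token shapes and the in-memory store are assumptions.

// Constructed sample store, keyed by className:id as the slides describe.
const store = {
  "User:25": { _className: "User", _id: 25, _acl: { read: "global", write: [25] },
               _version: 3, level: 4, coins: 76 },
  "Game:45": { _className: "Game", _id: 45, _acl: { read: [25, 31], write: [25] },
               _version: 1, turn: 25 },
  "Config:1": { _className: "Config", _id: 1, _acl: { read: "global", write: [] },
                _version: 7, maxLevel: 50 },
};

// Classify the presented token into the three levels from the slide.
function tokenLevel(token) {
  if (!token) return "none";
  if (token.system === true) return "system";
  if (Number.isInteger(token.userId)) return "user";
  return "none";                                     // malformed token == no token
}

// Step 4 of the flow: does this token grant `op` ("read"/"write") on THIS object?
function canAccess(token, className, id, op) {
  const obj = store[`${className}:${id}`];
  if (!obj) return false;
  const level = tokenLevel(token);
  if (level === "system") return true;               // developer token: any object
  const entry = obj._acl[op];                        // "global" or a list of user ids
  if (entry === "global") return true;               // the only thing "none" can reach
  return level === "user" && Array.isArray(entry) && entry.includes(token.userId);
}

// Object.get / Object.set from the example API. set refuses stale versions
// (conflict detection) and never lets a client rewrite metadata (_acl, _id, ...).
function objectGet(token, className, id) {
  return canAccess(token, className, id, "read") ? store[`${className}:${id}`] : null;
}
function objectSet(token, className, id, data) {
  if (!canAccess(token, className, id, "write")) return { ok: false, error: "forbidden" };
  const obj = store[`${className}:${id}`];
  if (data._version !== undefined && data._version !== obj._version) {
    return { ok: false, error: "version conflict" }; // client saved against old state
  }
  const fields = Object.fromEntries(Object.entries(data).filter(([k]) => !k.startsWith("_")));
  Object.assign(obj, fields, { _version: obj._version + 1 });
  return { ok: true, version: obj._version };
}
```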
Impact on Game Design
• Trust is now a consideration in game design
• Some game styles will not be possible without additional validation
• May limit creativity of game mechanics in certain cases
Best Use Cases
• Asynchronous is the intended use case
• Single player games that require cloud storage
– Plants vs. Zombies, Angry Birds
• Single player w/ multiplayer component
– FarmVille, Sims Social
• Limited PvP games
– Words with Friends, Draw Something
Cheating
• Modification of player stats/state
• Generating favorable outcomes
• Could potentially hurt revenue
• Non-technical players can cheat with tools
Validation Techniques
• Analytics
• Secure token and separate service
• Unified scripting language
Example: How to hack XP
1. Player uses a proxy to examine network calls
2. Figures out what a save call looks like
3. Modifies game state to desired result
4. Executes a save call with modified state
Note: This is TRIVIAL and a big hole!
Example: Preventing XP Hacking
• Developer marks XP field in an object as being “rate-limited” or “important”
• User modifies their local XP value
• On post-object-save:
– Store historical values of field
– A rate of change outside the standard-deviation threshold flags the account for manual review
– Tweak thresholds for false-positives
Example: XP delta over time
[Figure: XP delta plotted per day, Day 0 to Day 22 (y-axis 0 to 1200). Deltas inside the acceptable range are normal; a suspicious spike outside the acceptable range flags the account.]
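The post-save check described on the "Preventing XP Hacking" slide and illustrated by the XP-delta chart, as an added example (not code from the talk or from Red Hot Labs). The rate-limited field config, the day-based time unit and the thresholds (k, minSamples, floor) are assumptions.

```javascript
// Added example, not from the talk: post-save hook that keeps a history of a
// developer-marked "rate-limited" field and flags the account for manual review
// when its latest rate of change is an outlier against its own past. Field
// config, time unit (days) and thresholds are assumptions.

const RATE_LIMITED_FIELDS = { User: ["xp"] };      // developer-marked fields

function mean(xs) { return xs.reduce((a, b) => a + b, 0) / xs.length; }
function stddev(xs) {
  const m = mean(xs);
  return Math.sqrt(mean(xs.map((x) => (x - m) ** 2)));
}

// history: [{t, value}] samples with t in days; returns per-day rates of change.
function dailyRates(history) {
  const rates = [];
  for (let i = 1; i < history.length; i++) {
    const dt = history[i].t - history[i - 1].t;
    if (dt > 0) rates.push((history[i].value - history[i - 1].value) / dt);
  }
  return rates;
}

// Flag when the newest rate exceeds mean + k standard deviations of the earlier
// rates. `floor` keeps a perfectly flat history from flagging tiny wobbles;
// `minSamples` avoids judging brand-new accounts. Tune these for false positives.
function rateOutlier(history, { k = 3, minSamples = 5, floor = 1 } = {}) {
  const rates = dailyRates(history);
  if (rates.length < minSamples) return { flag: false, reason: "insufficient history" };
  const latest = rates[rates.length - 1];
  const prior = rates.slice(0, -1);
  const limit = mean(prior) + k * Math.max(stddev(prior), floor);
  return { flag: latest > limit, latest, limit };
}

// Post-object-save hook: store the saved value, then evaluate every marked field.
// Returns the accounts to queue for manual review; nothing is auto-banned here.
function onObjectSaved(histories, obj, now) {
  const flagged = [];
  for (const field of RATE_LIMITED_FIELDS[obj._className] || []) {
    const key = `${obj._className}:${obj._id}:${field}`;
    const h = (histories[key] = histories[key] || []);
    h.push({ t: now, value: obj[field] });
    const r = rateOutlier(h);
    if (r.flag) flagged.push({ key, ...r });
  }
  return flagged;
}
```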
Production Case: Bingo Blast!
• Head-to-head & solo game for iOS/Android
• Shared game objects
• Game requests / messages
• In-app purchases
• No server work required
Conclusion
• There is no one-size-fits-all solution
• Server-side validation is good for absolute cheat prevention and is proven to work
• Client-only validation provides a performance boost, fewer errors, and reduced development time at the cost of security
• Automatic validation is non-trivial and will improve over time
Thank you!
Email: [email protected]
Twitter: @amittm
Web: amitt.com / redhotlabs.com