Why:
I want to meet other players in Grim Dawn that I don’t know personally, to play and especially trade with them.
Main problem:
I cannot know if they’re legit or if my character gets tainted by accepting anything from them or even having them help me with any game objective, because I cannot know if they cheated (modified/copied savegames) or hacked (modified client code). That’d be unacceptable. It’s like a highly contagious virus that immediately invalidates everything.
How:
The devs have stated that they’d need to make major game engine changes that they don’t have $$$ for. So here’s how to do it with some easy hacks instead.
Premise:
We know that in multiplayer the host game gets to decide all the dice rolls/calculations for loot, combat etc and the guest clients who join the host’s game have no say in it.
Solution:
The game client has a new mode, let’s call it “No-Cheat”.
Clicking on it will contact a GD meta server that’s running in a protected environment, ie is provided by the development team. This meta server will then simply launch a GD game instance that actually hosts the game.
The player who clicked on “No-Cheat” mode will then join that hosted game, becoming a guest in it, as will all the other players who want to participate. So it’ll just use the normal host/guest mechanics that are already in the game.
Now the specialty about the host game is that it won’t have an actual character in the game, or if it’s too much work, just make the character completely invisible and not noticable in any way, ie a dummy character. So the GD server is the host but doesn’t actively participate in the game. Only the guest game instances which are the real persons wanting to play have characters.
Now in this “No-Cheat” mode everyone has to create a character the first time he starts it, since already existing characters stored on everyone’s PCs aren’t accepted: In “No-Cheat” mode the game client will immediately upload the created character savefile to the host, which in turn performs sanity checks if its a valid, newly created level 1 character (no weird items in it, all stats within sanity boundaries).
From then on, the host game will take care of saving/loading any existing characters if a client game logs out or back in. On logging back in, the server will load the according savefile and send it to the client if necessary so the client has all the info it needs.
But the server will never accept the client’s savefile data anymore, so savefile cheating won’t be possible.
So in summary, the game runs just as usual, with the two specialties that
- the server hosts the game while not actually logging in with any character (or just sets up a dummy character that is kept invisible to the real players)
- all savefile handling is done only on the host side, with the host transferring savefile data to the clients when they need it (probably on logging in I guess), so the clients would simply read the savefile over the network instead of from disk, and the host instance would do savefile storing on player logout, instead of the guest instance.
What would still be possible I guess:
Position hacking and macroing. The clients could probably send unreasonable control command sequences to the server about movement, which allow things like teleport-hack or speed-hack.
Adding some additional code to guard against unreasonable position changes (too much change in too little time) fortunately wouldn’t take much effort though.