-
Notifications
You must be signed in to change notification settings - Fork 0
Security Features
WrapAround was designed with game security as a priority from the start. Below are some examples.
WrapAround net code is server authoritative, that is, the server controls the state of the game, while clients report changes to their state alone. This massively increases security, as a user simply editing the state in their browser will simply be overridden by the new state 17ms later. Even if the user where to somehow edit the JS running in the browser, all they would be able to influence is their own position, which can be prevented by authorization on the server. This does of course does add considerable overhead, with updates from the server sent every 17ms.
All player paddles contain a unique hash known by only that client and the server. When a client tells the server to update its location, the server first checks if the users hash matches the hash saved on the server. This serves as a form of Authorization, preventing players from changing other players state.