Open p2r3 opened 4 months ago
Further expanding on this, I think it would be a smart idea to save the timestamps returned by the API in a rolling log on the server, and only accept the timestamps we read from demos if they exist within this log. This log would be kept secret from the players. That way, even if you did modify the package's main.js to report timestamps from the future, they would be rejected due to the server having never reported that exact number.
@p2r3 is this meant to be closed or do you plan on expanding on this?
@PancakeTAS I do plan to implement the idea in the comment, yeah. That's when I'll consider this issue solved.
The demo timestamp is generated by referring to the system clock (at least I assume so), which can be modified by a bad actor to submit demos late. To make this less likely, Spplice's JS interface could be used to retrieve time from a server and insert a timestamp into the demo by running a console command.
This could be any request from anywhere, like worldtimeapi.org for example, but I think it would be preferable to have it be the server on which Epochtal is running. This sets up some scaffolding which we can expand further for run verification if needed.
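The server-issued timestamp and the rolling log discussed in this thread, sketched as an added example that is not part of the issue or of Epochtal's code. The class, method names, result strings and the window length are hypothetical, and timestamps are assumed to be integer milliseconds.

```javascript
// Added example: rolling log of server-issued timestamps (all names hypothetical).
class TimestampLog {
  // windowMs: how long an issued timestamp stays acceptable (operator's choice, assumed).
  // clock: injectable time source so the check can be exercised deterministically.
  constructor(windowMs, clock = Date.now) {
    this.windowMs = windowMs;
    this.clock = clock;
    this.issued = new Set(); // a Set iterates in insertion order, oldest first
  }

  // Drop entries that have rolled out of the window.
  prune(now) {
    for (const ts of this.issued) {
      if (ts >= now - this.windowMs) break;
      this.issued.delete(ts);
    }
  }

  // Time endpoint: record the exact number handed to the client.
  issue() {
    const now = this.clock();
    this.prune(now);
    this.issued.add(now);
    return now;
  }

  // Demo submission: accept only a number this server actually reported.
  verify(demoTimestamp) {
    const now = this.clock();
    this.prune(now);
    if (!Number.isSafeInteger(demoTimestamp)) return "malformed";
    if (demoTimestamp > now) return "future";
    if (demoTimestamp < now - this.windowMs) return "expired";
    return this.issued.has(demoTimestamp) ? "ok" : "unknown";
  }
}

// Constructed run with a fake clock: one issued value, then four submissions.
function constructedRun() {
  let t = 1_700_000_000_000; // constructed start time, not real data
  const log = new TimestampLog(60_000, () => t);
  const issued = log.issue();
  t += 2_500;
  return [log.verify(issued), log.verify(issued + 1),
          log.verify(t + 30_000), log.verify(String(issued))];
}
console.log(constructedRun()); // [ 'ok', 'unknown', 'future', 'malformed' ]
```

The log lives only in server memory here, so a restart forgets every issued value; a persistent deployment would have to store it somewhere players cannot read.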