scribble-rs / scribble.rs

A skribbl.io alternative - Play at https://scribblers.fly.dev
BSD 3-Clause "New" or "Revised" License

Chat spam protection #15

Open Bios-Marcel opened 5 years ago

Bios-Marcel commented 5 years ago

EDIT: Maybe this requires a general rate-limiting logic that works per API-Call-Type. This way, for example, player X could send an event of type "Y" up to Z times per W seconds. This would prevent spam and it would also prevent guess botting. As the word-lists are open, it's technically possible to spam the whole word list. Especially when #2 gets implemented, this will become a problem. On top of that, some people might experience lag when chat-spamming too hard. There was one case, for example, where one's password manager was manipulating the document on each document update. While this isn't exactly our problem, it's apparently something we could look out for.

Bios-Marcel commented 3 years ago

I am somewhat unsure on this now. I don't really know a sensible limit. There are people that can type very fast, meaning they can technically smash out about 4 words per second. However, in a 120-second round this would be 480 words, with which a bot could easily guess the word correctly, depending on the word list size and the letter count.

Now, the question is what kind of rate limiting we should impose on the player. Maybe something like "Up to 5 guesses a second and up to 30 in 20 seconds". This would greatly decrease the maximum number of guesses, but allow short-time spamming, which can be viable. However, it's rather unlikely someone would keep spamming guesses this quickly. So this might be fine.

On top of that we probably need to limit the message length to something sensible. Since I'd still like to allow chatter, a message should probably not take up more than 6-7 lines.
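
The two-window limit floated in the last comment ("up to 5 guesses a second and up to 30 in 20 seconds"), keyed per player and event type as the first comment suggests, sketched in Go as an added example. It is not part of the thread or the project's code; `Rule`, `NewLimiter` and the simulated bot are hypothetical names and constructed input.

```go
package main

import (
	"fmt"
	"time"
)

// Rule allows at most Max events inside any sliding Window.
type Rule struct {
	Max    int
	Window time.Duration
}

// NewLimiter returns an allow function that enforces every rule separately for
// each (player, event type) pair. It is not goroutine-safe, and it assumes that
// now never goes backwards for a given pair.
func NewLimiter(rules ...Rule) func(player, event string, now time.Time) bool {
	seen := map[string][]time.Time{} // accepted event times, oldest first
	return func(player, event string, now time.Time) bool {
		key := player + "\x00" + event
		log, keep := seen[key], 0 // keep = entries inside the longest window
		for _, r := range rules {
			n := 0
			for i := len(log) - 1; i >= 0 && now.Sub(log[i]) < r.Window; i-- {
				n++
			}
			if n >= r.Max {
				return false // rejected events are not recorded
			}
			if n > keep {
				keep = n
			}
		}
		seen[key] = append(log[len(log)-keep:], now) // drop expired entries
		return true
	}
}

func main() {
	// Limits proposed in the thread: 5 guesses per second, 30 per 20 seconds.
	allow := NewLimiter(Rule{5, time.Second}, Rule{30, 20 * time.Second})
	accepted := 0
	for ms := int64(0); ms < 120_000; ms += 100 { // constructed bot: one guess every 100 ms
		if allow("bot", "guess", time.UnixMilli(ms)) {
			accepted++
		}
	}
	fmt.Println("guesses accepted in a 120 s round:", accepted)
}
```

With these limits a client that guesses every 100 ms gets 180 guesses through in a 120-second round, while a player guessing once per second is never throttled.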