Suppress online cheating

[AutumnPizazz]

Before creating

• [X] This is NOT a gameplay feature from Civ VI, BNW, or outside - see Roadmap
• [X] This is NOT a gameplay feature from Vanilla Civ V or from G&K - If so, it should be a comment in https://github.com/yairm210/Unciv/issues/4697

Problem Description

I found that certain individuals were circulating the rules for saving writing, enabling a group of players to exploit this knowledge and alter the online save, thus undermining fairness. I sincerely hope that we can take measures to counter such conduct.

Related Issue Links

No response

Desired Solution

To address this issue, I suggest adding a time stamp and implementing a code check for the online save. If a player modifies the save and another player starts their turn, a pop-up window should appear, indicating that the save file is abnormal.

Alternative Approaches

Nothing.

Additional Context

No response

[SomeTroglodyte]

Low effort/benefit ratio. Extremely so.

Unciv is open source, and as such someone will always be able to cheat. Even if you implement strong cryptography in the exchange protocols, invent a transactional change protocol including checkpoint verification - someone has to hold the keys, and that someone can cheat. Even then, someone without the keys could cheat by running from modified source code, or via debugger, meaning the change protocol would have to contain plausibility checks against the ruleset - meaning the change protocol would need to not simply log diffs, but step-by-step moves so a verificator could be made to work without a million lines of code... And we're already talking about thousands of lines of code.

My take, as always, ist to disable multiplayer altogether 😈 - I'm still miffed a default unciv sends packets to a third party at startup without my consent or a way to turn it off.

... just don't play with strangers. Trust total strangers with your fun and enjoyment - and you'll get infected sooner or later. It's bad enough that you have no alternative but to trust some of them with your life on the roads...

[AutumnPizazz]

No, no, no. My original intention is to prevent cheating by simply modifying the save. The target audience is high school students (aged 15-18) with insufficient moral awareness. We only need to add a simple timestamp check and a simple check code (parity check? I just learned this in my college course) to warn other players of abnormal archives.

[SomeTroglodyte]

Well, our multicheater code specialists are pretty inactive at the moment. GGGuenni, CrsiX (intentionally no @) come to mind. But there was already something... #9483. Quote: "we'll need to wait a bit to actually block anything based on checksums" Ha! You're not the first having that idea. But coding it - not for me.

high school students (aged 15-18) with insufficient moral awareness.

Are there any other? I'm surprised anybody even has that 'm'-word in their vocabulary anymore nowadays... :upside_down_face:

[AutumnPizazz]

I'm surprised anybody even has that 'm'-word in their vocabulary anymore nowadays... :upside_down_face:

That's from GPT which translate my Chinese words. And I know little about some cyberspeak and foreigners' habits of taboo. I would say sorry if this 'm' word offend u.🤐

[SomeTroglodyte]

would say sorry

The line you're apologizing for was nasty sarcasm, so: sorry right back, for using language a dumb machine can't translate. Again: "Are there any other?" meant: "Obviously, there are no high school students with sufficient moral awareness"; and "I'm surprised..." meant "It's good to see there are people left on this earth that still know the meaning of 'moral'". Even though "people" in this case may refer to your GPT machine...

offend u

I don't think you could offend ME even if you tried hard :smile_cat: .

Back to track: @coders, GameInfo.checksum needs to be put to use, it's one year after its creation.

[1etsp1ay]

Low effort/benefit ratio. Extremely so.

Unciv is open source, and as such someone will always be able to cheat. Even if you implement strong cryptography in the exchange protocols, invent a transactional change protocol including checkpoint verification - someone has to hold the keys, and that someone can cheat. Even then, someone without the keys could cheat by running from modified source code, or via debugger, meaning the change protocol would have to contain plausibility checks against the ruleset - meaning the change protocol would need to not simply log diffs, but step-by-step moves so a verificator could be made to work without a million lines of code... And we're already talking about thousands of lines of code.

My take, as always, ist to disable multiplayer altogether 😈 - I'm still miffed a default unciv sends packets to a third party at startup without my consent or a way to turn it off.

... just don't play with strangers. Trust total strangers with your fun and enjoyment - and you'll get infected sooner or later. It's bad enough that you have no alternative but to trust some of them with your life on the roads...

The other approach is to remove the socio-economic incentive for cheating. I can think of 3 possible contexts

1. eSport tournament game with a prize ... this is where some strong tech measures might be useful but its a narrow case
2. bragging rights on leaderboards ... the concept is to check no violations of the ruleset or manual devcon of the files/maps ... could be done with some setup options and merke tree - only recognize events from a previously hashed save file.
3. trying to overcome game disparity ... this can be fixed by allow per civ difficulty level so you effectively have a handicap, so one player might be God level but a noob might be chieftain. The way I'd suggest is to have a base level game difficulty, then players can voluntarily up their difficulty to give a few start advantages

[AutumnPizazz]

You are right. Truth is, what I really want to highlight and prevent in future updates is that second scenario. In our country, there are many players who go to any lengths to show off their gaming skills and understanding as being superior to others. It's a really bad experience when playing online. I've had the fortune, or maybe misfortune, to meet someone who suddenly gained 1 million gold coins in a single turn and filled the screen with doomsday mechs out of nowhere.

[yairm210]

The checksums I added there, wouldn't since the kind of problem you're talking about MP games aren't saved locally, only online, so "tampering with saves" will always be in memory - and thus the solution I added there won't help

[github-actions[bot]]

This issue is stale because it has been open 90 days with no activity. Remove stale label or comment or this will be closed in 15 days.