oat/crystal-gauntlet
oat
/
crystal-gauntlet
1
0
Fork 1
Code Issues 11 Pull Requests Packages Projects Releases Wiki Activity

(idea) insane leaderboard checking #13

New Issue
Open
opened 2024-02-15 11:58:46 +01:00 by rya · 0 comments
rya commented 2024-02-15 11:58:46 +01:00
Collaborator
Copy Link

As far as I have researched, the current way Geometry Dash / gmdprivateserver does leaderboard updates is done through updateGJUserScore.php. It takes in stats as parameters and updates the leaderboard using those stats. There's no optimal way to make sure that those stats are legitimate, aside from checking if they're within the boundaries of possible stars (server calculation + main levels as a constant).
My idea is to simply Not use that endpoint for updating at all (unless a player is whitelisted for fast leaderboard updates). Instead, the server should use the backupGJAccount.php endpoint to make use of the player's save file and check through which level have been beaten and perhaps how even. This has a few additional advantages:

  • All levels are considered; if a level has been unrated after a player beats it, the player will not have their stars deducted until they re-download the level. With this check, the server can just check for a level's completion, see if it's rated on the server and have a player's stars be calculated properly that way.
  • Spoofing is pretty much impossible; one could technically have their stars set to whatever number and the game wouldn't care much about it. Like in the previous point, having the server check for completed levels makes the displayed stars stat useless.
  • Save file correction; to reduce the amount of re-calculations for consecutive cloud backups (...albeit it being minimal at most), the server can correct any wrong statistic on the save file, which can ensure that the player doesn't lack behind with newly (un-)rated levels. But that only works so well if the player loads the backup after uploading it.

I think that I should also address some disadvantages:

  • Leaderboard updates don't reflect in ...realtime; as manual cloud backups are required, the server wouldn't update the leaderboard as frequently anymore.
  • Higher bandwidth; as players are let known that leaderboards are only updated via cloud backups, it could increase bandwidth usage with more frequent backups being made.
  • DDOS is more likely possible: I assume this check could take a bunch of processing, which takes in a harder hit with larger save files and more levels. If it doesn't queue save file checks or if the checks are generally not fast enough, the server could suffer from simultaneous cloud backups.
As far as I have researched, the current way Geometry Dash / gmdprivateserver does leaderboard updates is done through `updateGJUserScore.php`. It takes in stats as parameters and updates the leaderboard using those stats. There's no optimal way to make sure that those stats are legitimate, aside from checking if they're within the boundaries of possible stars (server calculation + main levels as a constant). My idea is to simply Not use that endpoint for updating at all (unless a player is whitelisted for fast leaderboard updates). Instead, the server should use the `backupGJAccount.php` endpoint to make use of the player's save file and check through which level have been beaten and perhaps how even. This has a few additional advantages: - All levels are considered; if a level has been unrated after a player beats it, the player will not have their stars deducted until they re-download the level. With this check, the server can just check for a level's completion, see if it's rated on the server and have a player's stars be calculated properly that way. - Spoofing is pretty much impossible; one could technically have their stars set to whatever number and the game wouldn't care much about it. Like in the previous point, having the server check for completed levels makes the displayed stars stat useless. - Save file correction; to reduce the amount of re-calculations for consecutive cloud backups (...albeit it being minimal at most), the server can correct any wrong statistic on the save file, which can ensure that the player doesn't lack behind with newly (un-)rated levels. But that only works so well if the player loads the backup after uploading it. I think that I should also address some disadvantages: - Leaderboard updates don't reflect in ...realtime; as manual cloud backups are required, the server wouldn't update the leaderboard as frequently anymore. - Higher bandwidth; as players are let known that leaderboards are only updated via cloud backups, it could increase bandwidth usage with more frequent backups being made. - DDOS is more likely possible: I assume this check could take a bunch of processing, which takes in a harder hit with larger save files and more levels. If it doesn't queue save file checks or if the checks are generally not fast enough, the server could suffer from simultaneous cloud backups.
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
main
Labels
Clear labels
No items
No Label
Milestone
Clear milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
No Assignees
1 Participants
Notifications
Due Date
The due date is invalid or out of range. Please use the format 'yyyy-mm-dd'.

No due date set.

Dependencies

No dependencies set.

Reference: oat/crystal-gauntlet#13
No description provided.
Delete Branch "%!s(<nil>)"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?