• Hey Guest. Check out your NeoGAF Wrapped 2025 results here!

Diablo 3 Beta [Beta withdrawal underway!]

Status
Not open for further replies.
TheExodu5 said:
V_Arnold, in your hypothetical, you're still assuming the client only sees feedback for their action once the server processes the action and sends back a response. If there is truly no lag, then the feedback would have to occur client side.

My guess: there are two states. There is a client-side state, and a server-side state. The client-side state is going to be y ahead of the server. How I would go about doing this:

Have the client side generate the action with the random seed associated to that action, and send it to the server.
By this point, the client has already resolved the action and the player has gotten feedback.
The server then checks the uploaded action, along with the generated random seed or the full client-side state, and validates it.
If there are any discrepencies, the server disconnects the player.

Of course, the question here for hackers is this: what can be spoofed? If the client needs immediate feedback, then the client is determining the random seed for the attack, which means that could technically be spoofed. Hackers could possibly make their weapons output the max damage on their weapon every time.

Anyways, that's one theory.

I really don't see any way to make it lag-free (client-side) without leaving the game vulnerable to hackers.

edit: the problem I'm seeing here is with the random seed. However, come to think of it, maybe the server could determine a bunch of random seeds ahead of time and send them to the client. Then, the client wouldn't lag out until it ran out of random seeds. The important thing here is to have the random seeds be generated by the server.
Click to expand...

Maybe I was not clear enough. The "lag" is simply a concept of stuff happening later than it is "supposed" to happen.

Now, with this, instead of having a constant delay with every action you make, you just delay the delay (haha) until the mobs are actually dead, and the dropping of loot is the only delayed action.

I am not assuming that the client even needs the feedback - in fact, it should not. It should either get a Disconnect or simply get a delayed loot gain once the mob's deaths are clean and confirmed. Every other things happen client-side and server-side simultaneously, with one being behind by the time it takes to send the data, of course. Just as you said, to a certain extent.

Hackers could only enter this scenario when they would be able to manipulate the data on the server side. Or I could see things like hackers trying to have the client be an Optimistic Client for them (always getting the highest or almost highest end on every x-y damage "roll", for example, stuff like that), and if the seeds are generated ahead by the server and sent back constantly to the client, even that should not be possible.
 
Regarding server-side validation of game input, Trackmania kind of does the same thing.

Collision detection is handled client-side, of course. But once you submit a lap for consideration, the server takes a look at your input over the lap as well as your car's position on the track. If it detects any abnormalities, the lap time is invalidated.

The Diablo stuff is a lot more complicated but it should be possible to make the official servers very secure.
 
CarbonatedFalcon said:
large.png


What does it mean? :O
Click to expand...

Cannot unsee the smiling polar bear face in the alabaster rune :O
 
flashburn2012 said:
As of last week (there hasn't been a patch) there definitely is rubberbanding and other lag issues. One problem I've had several times is where you can move around just fine and attack, but you can't damage anything and the mobs don't move or attack either.
Click to expand...
That sounds more like a lag spike than latency which affects moment-to-moment gameplay.
 
Regardless of how it works, all the actual gameplay is probably all held on the servers. All the client will be sending is what it wants to do, and the server is what responds and sends back what happened. The "lagless" part would be implemented mostly client-side; the client simply assumes that the server has accepted its input and displays what happened. In the case of discrepancies (which can happen often if there is a lot of lag), the server simply resyncs the client to its own world, which would lead to the rubber-banding effect. There is never a time where the server copies the client's world onto its own, it's a one-way system that prevents client-side duplication and hacking. (At the very least, if there is some sort of hacking going on, the hacker would still not be able to do anything a player can't theoretically do.)
 
KScorp said:
Regardless of how it works, all the actual gameplay is probably all held on the servers. All the client will be sending is what it wants to do, and the server is what responds and sends back what happened. The "lagless" part would be implemented mostly client-side; the client simply assumes that the server has accepted its input and displays what happened. In the case of discrepancies (which can happen often if there is a lot of lag), the server simply resyncs the client to its own world, which would lead to the rubber-banding effect. There is never a time where the server copies the client's world onto its own, it's a one-way system that prevents client-side duplication and hacking. (At the very least, if there is some sort of hacking going on, the hacker would still not be able to do anything a player can't theoretically do.)
Click to expand...

The thing is:
What happens when I'm surrounded by mobs and I barely defeat them by using some different skills in fast succession of one another. Perhaps there's a lag spike in between. The way you describe it means the client and server would catch up but because the combat happens on the server, one of my skills or actions didn't happen in time and I die because of this..

If I read some of the earlier comments it's suggested that won't be able to happen..
 
Party monk+wizard

Monk uses inner sanctuary + Wizard uses Slow Time

= Impenetrable fortress (if you're not too lazy to move from projectiles that move 90% faster)

Seems like a golden combo to me tbh.
 
F!ReW!Re said:
The thing is:
What happens when I'm surrounded by mobs and I barely defeat them by using some different skills in fast succession of one another. Perhaps there's a lag spike in between. The way you describe it means the client and server would catch up but because the combat happens on the server, one of my skills or actions didn't happen in time and I die because of this..

If I read some of the earlier comments it's suggested that won't be able to happen..
Click to expand...
It would depend on how D3 would handle lag spikes. If there's a large spike, it may be nearly impossible for the server to judge if what the client has done is actually possible, and then what you described would happen. But it would depend strongly on how Blizz would implement it. It could be possible to entirely disconnect your internet and play for a few seconds, then reconnect, and have the client send the server everything that its done in the past few seconds, and the server simply verifies it. I honestly have no clue how feasible this would be, but I'm pretty sure what I said coincides with what Exodu5 said, except rather than disconnecting the client, it forces a resync.

Maybe to clear up my description a bit, it wouldn't be an entirely one-way system. The server can still accept the client's world, but rather than being a simple copy of the client, it tries to match its own world with the clients. If it's impossible to do so, it will simply discard the client world, and force the client to accept the server world.

If I understood V_Arnold's description correctly, all the fighting and world data would be client side. Although this would fix the problem you described perfectly, it would also introduce vulnerabilities. As an example, they might be able to create dungeons filled to the brim with lowish level monsters to farm for loot. In general, you want to put as little reliance as possible on the client in order to eliminate the possibility of hacking.
 
KScorp said:
It would depend on how D3 would handle lag spikes. If there's a large spike, it may be nearly impossible for the server to judge if what the client has done is actually possible, and then what you described would happen. But it would depend strongly on how Blizz would implement it. It could be possible to entirely disconnect your internet and play for a few seconds, then reconnect, and have the client send the server everything that its done in the past few seconds, and the server simply verifies it. I honestly have no clue how feasible this would be, but I'm pretty sure what I said coincides with what Exodu5 said, except rather than disconnecting the client, it forces a resync.
Click to expand...

Lag spike should not change what is possible or what is not. It just means that the "to be verified" list is a bit more lengthy than usual. IF Blizz creates a flexible system. If it is above a certain treshhold, it simply DC's.
 
V_Arnold said:
Lag spike should not change what is possible or what is not. It just means that the "to be verified" list is a bit more lengthy than usual. IF Blizz creates a flexible system. If it is above a certain treshhold, it simply DC's.
Click to expand...
When I say large lag spike, I mean on the order of seconds (like 10-20, where it simply DCs after that). And like I said, it does depend on Blizz's system. I did describe a situation where you can unplug your net and still play for a bit.

Although I suppose at that point you can't really call it a lag spike.
 
Yeah, just thought of your client basically streaming a replay to the server which is constantly verified in realtime. And it uses a constantly updated random seed from the server for things like weapon damage deviation.

The drawback: the server really has to do quite a bit of work.

But hacking a construct like this would basically mean building a completely custom client.
 
KScorp said:
When I say large lag spike, I mean on the order of seconds (like 10-20, where it simply DCs after that). And like I said, it does depend on Blizz's system. I did describe a situation where you can unplug your net and still play for a bit.

Although I suppose at that point you can't really call it a lag spike.
Click to expand...

WoW actually handles that situation, and there are vulnerabilities that can be exploited because of it. To get to a special ledge in a cave, a friend of mine disconnects his modem when he flies in, which makes it so that he never gets dismounted, and replugs it at the last second before he disconnects, allowing him to reach the ledge before he's dismounted.

We're probably going to see something akin to WoW though...it does feel pretty lagless in terms of client feedback, even if the ping is 200-300+, so I suppose if Diablo 3 were to use the same architecture it wouldn't be too bad.

FoxSpirit said:
Yeah, just thought of your client basically streaming a replay to the server which is constantly verified in realtime. And it uses a constantly updated random seed from the server for things like weapon damage deviation.

The drawback: the server really has to do quite a bit of work.

But hacking a construct like this would basically mean building a completely custom client.
Click to expand...

I'm assuming hacks will rely on the same old dll injection, intercepting client-server communications and modifying them to their benefit.
 
MrKnives said:
I don't what other options they considered but I'm fine with PayPal. I know some people don't like it and I'm sure raphier will be here whining about this.
For me it has always worked perfectly so I'm fine with this.
Click to expand...
I think it's dissapointing, I use paypal but wish there was a better alternative.
 
raphier said:
oh fucking paypal. This company can take your money and close your account legally without a sneeze.
Click to expand...

Cool story, bro. PayPal is probably the largest company of this kind, so it makes sense. Had an account there for many years, always zero problems, and their Customer Service is very good.
 
MrKnives said:
I don't what other options they considered but I'm fine with PayPal. I know some people don't like it and I'm sure raphier will be here whining about this.
For me it has always worked perfectly so I'm fine with this.
Click to expand...

It's not like there was another viable (and large enough) "3rd part payment provider", so I'm not surprised at all.

I can understand why some people may not like them, but I've never had any issues - though mostly I've used PayPal as a buffer between my debit card/checking account and other parties for transactions.
 
MrKnives said:
I don't what other options they considered but I'm fine with PayPal. I know some people don't like it and I'm sure raphier will be here whining about this.
For me it has always worked perfectly so I'm fine with this.
Click to expand...
PayPal seems the obvious choice, and is pretty clearly the sort of business that would actually be equipped to handle something like D3's level of daily transactions once the RMAH gets going.

The fact that most people that have looked at buying or selling anything on eBay in the last decade already have a PayPal account can't hurt the possible reactions around D3's RMAH. It cuts out a lot of the paperwork you might have anticipated to get yourself into an "actual money mode" and just goes straight to "do you agree? ok, link your paypal account."
 
MrKnives said:
I'm sure raphier will be here whining about this.
Click to expand...

raphier said:
oh fucking paypal. This company can take your money and close your account legally without a sneeze.
Click to expand...

:D

Im fine with it I suppose. I have a PP account, but I only really use it for purchasing. I doubt I will bother cashing anything out though. If I do sell anything, Ill just take the credits and convert it back to in game gold probably, assuming I dont just sell all my stuff on the gold AH to begin with.
 
Lothars said:
I think it's dissapointing, I use paypal but wish there was a better alternative.
Click to expand...

Are you disappointed that it's PayPal or that there just isn't a better alternative? I can go with that.
Luckely I won't touch the real money and will sell stuff for ebalance so maybe that's another reason I don't care that much.
 
Castor Krieg said:
Cool story, bro. PayPal is probably the largest company of this kind, so it makes sense. Had an account there for many years, always zero problems, and their Customer Service is very good.
Click to expand...
They need some competition, I am surprised there isn't. My friend lost 5,000€ last year since they closed his account claiming it had some shady money transfer, when I know there wasn't one and they never recovered it. That was a turning point for me at that point to never trust Paypal.
 
raphier said:
They need some competition, I am surprised there isn't. My friend lost 5,000€ last year since they closed his account claiming it had some shady money transfer, when I know there wasn't one and they never recovered it. That was a turning point for me at that point to never trust Paypal.
Click to expand...

Why would you keep 5K EUR in a PayPal account without cashing it out to your bank account? Guess what, something was probably shady.
 
MrKnives said:
Are you disappointed that it's PayPal or that there just isn't a better alternative? I can go with that.
Luckely I won't touch the real money and will sell stuff for ebalance so maybe that's another reason I don't care that much.
Click to expand...
I am dissapointed that there isn't a better alternative because I feel that Paypal has to much power but I still use Paypal.
 
rakhir said:
I tried to fiddle with the calculator, but i just can't do it.

Right now it's so completely detached from the game, we only vaguely know how the spells work in-game, how they'll play within the encounters. The sheer amount of abilities don't help - you have basic spells, but with all the gems there are hundreds of possibilities.
I've tried the barbarian, figured i've know something about him from D2, but not quite - even he is so different that's hard to imagine how he'll play in D3.

I envy you guys for the ability to do a whole build with only the text and raw numbers .
Click to expand...



I just look at the skill description on the calc, then find the videos that show the skills in use.

Here is a Wizard Skill video.

After you look at the skills you have a choice from in the videos in actual use, then read their descriptions so you understand what they do, it helps you kind of form an idea of how you would want to build.

FieryBalrog said:
Pre-fixes and suffixes for runes? Fuck me.
Click to expand...

Im not understanding this, can someone elaborate? You mean like "Of the monkey" WoW like pre and suffixes? That might border on the side of insanity as they would have additional effects on top of the already available runes.
 
Castor Krieg said:
Why would you keep 5K EUR in a PayPal account without cashing it out to your bank account? Guess what, something was probably shady.
Click to expand...
How about a plan to go on a trip to Japan for a month with no plans? What are you talking? I can't transfer 5,000€ without somebody calling it shady, huh now.
He can't use a card outseas and tranferring takes more money, but paypal sounded like amazing alternative to swap money to another outseas-compatible account, if not be used throught paypal.
It was supposed to be cashed out as soon as possible on Japan account anyway. The thing is, it was frozen a day after sum insertion.
 
TheExodu5 said:
I'm assuming hacks will rely on the same old dll injection, intercepting client-server communications and modifying them to their benefit.
Click to expand...

But if the server send the random seed that stuff like drops and weapon deviation is based on it won't do much good. You can then send "I did x damage to monster y using attack z" but the server can then verify if the damage you mentioned was correct.
Plus you can't warp around because you say "I clicked location x and ended up here" and the server can verify if you actually have been able to do that.
Of course you can still do something like a maphack but not much more. Only very little things.

Oh, and when there are mutliple people things of course get really complex, which means the server would have to work quite a bit. I'm not sure if that is feasible.

But it is a very secure solution.
 
raphier said:
How about a plan to go on a trip to Japan for a month with no plans? What are you talking? I can't transfer 5,000€ without somebody calling it shady, huh now. It was supposed to be cashed out as soon as possible on Japan account of his. The thing is, it was frozen a day after sum insertion.
Click to expand...

Uhm, okay?
Did he went to court with his case?

Because if there was "nothing shady" about this, it is plain and simple theft, one that would not have bode well with the image of PayPal, to be honest. I just cant believe that this is all there is to this story, and your friend just was "mad" and did nothing. Beside complaining to their customer support, obviously.

Yes, some years ago if you have more than 2k paypal can freeze your account that why I cashout everytime I was near 2k.
Click to expand...

Explains a lot then.
 
Castor Krieg said:
Why would you keep 5K EUR in a PayPal account without cashing it out to your bank account? Guess what, something was probably shady.
Click to expand...

Exactly. Money spends roughly 30 seconds in my PayPal account before I transfer it to my bank account.
 
Lothars said:
I am dissapointed that there isn't a better alternative because I feel that Paypal has to much power but I still use Paypal.
Click to expand...

I can agree with that. Competition keeps things straight and PayPal has no rival right now
 
chris-013 said:
Yes, some years ago if you had more than 2k paypal can freeze your account that why I cashout everytime I was near 2k.
Click to expand...
So if you have more then 2k in your account they can just freeze it, and thats that?


what the f?
 
V_Arnold said:
Uhm, okay?
Did he went to court with his case?

Because if there was "nothing shady" about this, it is plain and simple theft, one that would not have bode well with the image of PayPal, to be honest. I just cant believe that this is all there is to this story, and your friend just was "mad" and did nothing. Beside complaining to their customer support, obviously.



Explains a lot then.
Click to expand...
Hell anybody would be mad at that point of their lifes. He didn't go to court because he can't afford to. That was all he had. All of his money frozen on paypal. But I hear he is trying to do something with a lawyer.

I'm sure there's been more cases like these, and none has won a case against paypal, since they can do it legally, case in point, they're a non-government owned bank.

fanboi said:
I see you know your cousin... :D
Click to expand...
hah. I bitched about this last year.

also...

Castor Krieg said:
Why would you keep 5K EUR in a PayPal account without cashing it out to your bank account? Guess what, something was probably shady.
Click to expand...
http://notch.tumblr.com/post/124107551/i-wonder-why-i-used-paypal

somebody used to get their minecraft money throught paypal :)
 
Does anyone else utterly love the physics when enemies die? Seriously, watching them go flailing across the sky bring true joy to my heart.
 
Squire Felix said:
So if you have more then 2k in your account they can just freeze it, and thats that?


what the f?
Click to expand...

No, after that you need to send them proof of your id, etc.. can take a while (~30 days).
But if everything go well you take back your money.
 
MrKnives said:
I don't what other options they considered but I'm fine with PayPal. I know some people don't like it and I'm sure raphier will be here whining about this.
For me it has always worked perfectly so I'm fine with this.
Click to expand...

I see you know your cousin... :D

raphier said:
Hell anybody would be mad at that point of their lifes. He didn't go to court because he can't afford to. That was all he had. All of his money frozen on paypal. But I hear he is slowly regaining a sum witha new job and is taking advice on the matter to go further with the case.
Click to expand...

ding ding :D
 
The userbase of Diablo 3 will be huge once word of mouth spreads like wildfire. They should be able to reach a minimum of 8 million accounts across the different regions.

I think Paypal probably did not like the idea of another payment service gaining a new account for every copy of Diablo 3 sold and not be the go-to payment service for games. This could have put another player on the market, but Blizzard and Paypal are probably both very happy with their new deal.
 
Btw, already thought of the first hack to the system: loot-drop optimizer.

Pretty simple. Since a lagspike would cause the server side sent random seed to freeze, you could abuse that. Of course requires to decipher the interaction of random seed and lootdrop table. Basically, you set up what you want an enemy to drop.
When fighting, get the enemy to nearly zero health and wait until the program gives you an alert for the correct seed, for which it will create an artificial lagspike. If you kill the mob during that time, you would get the desired loot.

The counter to this is to spawn all monsters with the loot already determined serverside. In return, this requires the complete monster layout to be sent to you the moment you enter an area or you could suffer from random moster pop up during lagspikes.

Oh yeah, another quirk of my system would be that during a lagspike, your weapon would always deal the exact same damage since the random seed isn't updated. So maybe buffer a certain amount of seeds from the server?
 
FoxSpirit, Blizzard does not need to send anything loot-related to the client, only when it finally drops. It can even have a different (again, randomized or encrypted, whatever they choose to go with) method just for determining what item that would be (the same seed on different days can mean a different item drop, it does not matter to Blizz's server, but it messes up anything related client-side datamining :)

So a completely safe drop process would be something like this:
1) If the monster is dead (never before), and it died with checked/verified way, send the data that some kind of loot is coming.
2) Determine what kind of item the mob drops once it is killed (because Magic Find can mess it up)
3) Never show any data regarding mob's loot to the client. Never.
4) Show the client that an item is on the floor, numbered x on the client's item database.

So in our theoretical system - and that is what even the sites reported, that the loot is server-sided -, loot only appears when a monster is dead. Clients get monster position, monster behavior and monster attacks, but clients never get the monster's loot table. They do not ever need to. And I am pretty sure this was the very first principle in Blizz's office too. They are not dumb - quite the opposite.

So a client reports that you killed a monster. Server verifies it. Problem? DC. No issues: generate loot. Send item ID to client. Client never knows how you determined that item out of the monsters's hidden loot table.
 
The random seed doesn't need to be changed often, it's only the starting point for the random number generator. So once the client and server are synced in that regard, they can generate the same "random" results even though they have no connection to each other.

The fact that every player gets his own loot enforces the idea that the loot system is almost entirely server side.
 
Status
Not open for further replies.

Similar threads

Heroes of Newerth:Reborn Open Beta Trailer
6
259
Holammer replied
Battlefield 6 Beta |OT| Open Beta/Closed Weapons.
|OT|  63 64 65 66 67
3K
13K
bighugeguns replied
Arknights: Endfield - Beta Test II | Preview Thread
Opinion 
31
3K
.Xeno replied
Pillars of Eternity – Turn-Based Mode Beta Announcement Trailer
2
59
854
Mister Wolf replied
***KILLING FLOOR 3 CLOSED BETA***
0
418
simpatico replied
Top Bottom