The cheater thing just makes me think of Rocket League. Every action you can take is handled server side and the game is so unique, so you literally can’t cheat in ways that would matter. You technically could have wallhacks; but there are no walls. You technically could have aimbots; but there’s no point to it.
I’ve never understood why any cheat detection can’t just be “this is the code we wrote, this is the code that all players must be running, and if any of it deviates from this, they’re cheating.” Is it just super hard to do? Is there a need for differences in the code to exist that could be used for something benign as well as cheating? But I also don’t necessarily know how the cheats work. Afaik, they are changing how the game runs as it’s running, which should be very noticable right? I mean obviously if it was that easy, someone would have done it so what’s really going on?
I can’t answer for Psionix, because… I don’t work for Psionix. But having worked on other projects, I can tell you that a fully-authoritative server (that’s the word you’re looking for, btw) is not the end-all-be-all of anticheat. Every game has different levels of mechanical complexity, logical complexity, and a myriad of other variables that factor into what type of architecture is used in online games, and that a fully-authoritative server not only isn’t feasible for all projects, but also isn’t a silver bullet against cheaters.
Now I’m curious what would still be possible to cheat in such an environment. Unless you are merely suggesting that the server itself could be hacked; I do understand that would end up being the target in this case.
So forgive me for not knowing the term, but there’s a type of attack that waits to send commands until after packets have been received whose data provides an advantage. For instance, a bot could simply wait until it receives the position of your opponent, calculate how far to turn the player to aim, then tell the server “I’ve moved the mouse in this vector”
A bit like playing rock-paper-scissors, but waiting until you opponent shows what they’ve chosen before making your own decision.
What’s going to tell if the client has been modified? The client, which has been modified…?
The server. Like how some games handle the hit detection client side (counter-strike) and others do it server side (battlefield). If everything was handled server side, the server should be able to detect modified clients and not permit them to even connect. This is basically how Blue Sentinel for Dark Souls 3 works. It’s a 3rd party anti-cheat that can detect modified clients and block them from connecting to you or vice versa if the client data doesn’t match up. This way you can only connect to vanilla clients if you’re playing vanilla or only to clients also running the mod you’re running.
And who tells the server that the client hasn’t been modified…?
But then you started to being in external solutions, which of course themselves could be modified, and you’re starting to answer your own question about why it’s pretty hard.