Amitt Mahajan discusses techniques and strategies for developing client/server architecture that is game-code agnostic.

1. Ditching the Server
How to create client-side only social games
Amitt Mahajan (@amittm)
Founder/CEO, Red Hot Labs

2. My Background
• Co-creator/Lead Developer
– FarmVille
– ExampleVille: Zynga’s game engine & framework
• CTO, Zynga Japan
– Develop mobile games for the Japanese market
• Developer, Unreal Engine/Gears of War
GDC2013 • @amittm 2

3. Client/Server Replication
• Client replicates commands to the server
– Mostly async, non-blocking, operations
• Server validates commands to prevent cheating
– Success: Update DB; Failure: Out-of-sync error
GDC2013 • @amittm 3

4. Client/Server Implementation
• Client-side code: ActionScript, Obj-C, Java, JS
• Server-side code: PHP, Ruby, C, JS
• Data storage: Relational DB, NoSQL, iCloud
• Communication via REST calls
GDC2013 • @amittm 4

5. The Problem
• Write code twice, maintain 2 codebases
• Server state needs to be in sync: leads to out-of-sync
errors
• Provision servers & deploy code for each game
• Game teams and server ops teams tightly integrated
• Complicated, hard-to-port, game-specific network code
GDC2013 • @amittm 5

6. Proposal: Client-only validation
• All game logic lives with client-code
• Trust player client state
• Server is a dumb-pipe to store data
• Use automatic validation to lazy check state
GDC2013 • @amittm 6

7. Benefits
• Split creating games from running server operations
• Reuse infrastructure in several games and platforms
• Better utilize server resources with reduced complexity
• Reduce development time and errors
• Reduce out-of-sync errors, potentially better for mobile
GDC2013 • @amittm 7

8. Limitations
• Prior server controlled variables are now insecure
• Player-to-player interactions made insecure
• Potentially complicated validation mechanisms
• Global leaderboards / ladders easily manipulated
GDC2013 • @amittm 8

9. Data Storage
• Schema-less DB offers greatest flexibility (e.g.
NoSQL)
• Object-based schema keyed using class-name and id
• Server does not validate data but keeps track of
properties
• Objects can have references to other objects
GDC2013 • @amittm 9

10. Example Object
{
_className:“User”,
_id: 25,
_acl: {“read”:”global”,”write”:[25]},
_version: 3,
level: 4,
coins:76,
games:[{_className:”Game”,id:45},{_className:”Game”,id:34}]
}
GDC2013 • @amittm 10

11. Example API
• Object.get(className, id)
– Returns object data based on className and Id
• Object.set(className, id, data)
– Sets data for an object
• Object.acls(newAcls)
– Changes the access permissions for an object
GDC2013 • @amittm 11

12. Data Security
• ObjectAccess-Control-Layer (ACL) system
• Permissions granted using access tokens
• Versioning / Conflict-resolution
GDC2013 • @amittm 12

13. Uses for ACLs
• Private or read-only user data
• Shared game state or game objects
• Static, developer-defined, game data
GDC2013 • @amittm 13

14. Example: AccessTokens
GDC2013 • @amittm 14
Client API
Server
1. Login using email/pass
2. Return AccessToken
3. Request game object with token
5. Return requested object
4.Verify access
token grants
permission
SPECIFICALLY to
requested object

15. AccessToken Levels
GDC2013 • @amittm 15
Access Token Level
None • No or invalid access token provided
• User only has access to global objects
User • User logged-in / authenticated
• User can access objects owned by their user ID
System
• Secret/private access token
• Game developer usage only
• Can modify any object on the server

16. Impact on Game Design
• Trust is now a consideration in game-design
• Some game-styles will not be possible without
additional validation
• May limit creativity of game mechanics in certain
cases
GDC2013 • @amittm 16

17. Best Use Cases
• Asynchronous is the intended use case
• Single player games that require cloud storage
– Plants vs. Zombies, Angry Birds
• Single player w/ multiplayer component
– FarmVille, Sims Social
• Limited PvP games
– Words with Friends, Draw Something
GDC2013 • @amittm 17

18. Cheating
• Modification of player stats/state
• Generating favorable outcomes
• Could potentially hurt revenue
• Non-technical players can cheat with tools
GDC2013 • @amittm 18

19. ValidationTechniques
• Analytics
• Secure token and separate service
• Unified scripting language
GDC2013 • @amittm 19

20. Example: How to hack XP
1. Player uses a proxy to examine network calls
2. Figures out what a save call looks like
3. Modifies game state to desired result
4. Executes a save call with modified state
Note:This isTRIVIAL and a big hole!
GDC2013 • @amittm 20

21. Example: Preventing XP Hacking
• Developer marks XP field in an object as being “rate-limited” or
“important”
• User modifies their local XP value
• On post-object-save:
– Store historical values of field
– Standard deviation rate of change flags account for manual review
– Tweak thresholds for false-positives
GDC2013 • @amittm 21

22. Example: XP delta over time
GDC2013 • @amittm 22
0
200
400
600
800
1000
1200
Day 0 Day 4 Day 8 Day 12 Day 16 Day 20
Suspicious spike outside
acceptable range,
flag account

23. Production Case: Bingo Blast!
• Head-to-head & solo game for iOS/Android
• Shared game objects
• Game requests / messages
• In-app purchases
• No server work required
GDC2013 • @amittm 23

24. Conclusion
• There is no one-size-fits all solution
• Server-side validation is good for absolute cheat
prevention and is proven to work
• Client-only validation provides performance boost, less
errors, and development time reduction at cost of security
• Automatic validation non-trivial and will improve over time
GDC2013 • @amittm 24

25. Thank you!
Email: amitt@redhotlabs.com
Twitter: @amittm
Web: amitt.com / redhotlabs.com
GDC2013 • @amittm 25