> > >I understand this would put a large strain on the server, but we need >something in place to ensure people aren't altering their clients to cheat. > > Steve and I have talked about this a bit and we've concluded that the risk (being Open Source) of being very easily hacked is too great for us to trust the clients about anything. We have two choices: (1) who cares about security, let's just be friends, or (2) watch everything the player does. (1) would be easy and we could be done really fast, but people will hate us for it down the road if we go that way. For (2), the server must simulate everything during battles. That include projectiles, sword swings, character movement, and everything. As Steve mentioned, if things are off by even a little, and it's someone else's fault, people will freak out. So we have to make sure that if someone gets screwed by lag, it's you getting screwed by your own lag. The character stats, inventory and money all need to be stored at the server. Any transactions that player may perform must go through the server. In this way, the server is like a database server, and no data is stored locally on the client. That said, a temporary copy of the character data is stored on the client, but if this doesn't match the server, the server data always takes precedence. The client will simulate non-essential physics such as movement of the player character and objects the character sets in motion. For instance, if the PC kicks a rock, the rock will move and be simulated on the client. However, the server will check the position updates periodically to make sure nothing funny happens (such as a teleport). Any thoughts? Other than "Oh, that requires too much server processing time." Obviously that's a concern, but let's just talk about how it should work first, then worry about the implementation. Darryl