Host is the authority?

[devomage]

* The Host is the authority (performs all physics, attacks, damage, movement, etc. Clients are not trusted)

I'm in the process of cleaning up combat.  At the moment I have the source tell the host "I hit player x".  Player x tells the host "player z hit me".  These form a result when the two match up and the host deals with the situation accordingly.

Is this the correct way of dealing with combat? 

How would the host authority deal with other things like movement?! 

Even attacks?  Ask the host, can I shoot?  Host says, "nope, no ammo!".  Seems like this would create a ton of lag for the host when dealing with a match of up to 48+ players.

TNManager.isHosting is useful for cases where you want to use the lowest ping player for something, such as AI logic, since you can transfer the host status to another player.

How do you find the lowest ping player and how often do you set it?

[cmifwdll]

That's one way of doing it, sure. I'd probably just run the hit detection on the host, though.

At some point, due to the way TNet works, you're going to have to give up security. Unless you rewrite the server to be a headless (-batchmode) Unity player, which is what I did, you're not going to have a 100% secure game.

With that in mind, the best advice to give is "do what feels natural and is easiest to work with". Aren always tells people to worry about cheaters when they come, and while I certainly wouldn't recommend doing that, it is worth knowing that other security options exist.

You can modify mono.dll to only load your files, you can obfuscate your code, encrypt your assemblies (modify mono to decrypt upon load), and pack mono.dll. Calculate checksums on all your files and verify that they match. With these changes in place you (almost) prevent 1. injecting assemblies into mono environment at runtime 2. modification of your assemblies. This would deter the vast majority of cheaters as most cheats for Unity games rely on mono injection or reflexIL (or mono.cecil, same effect).
At that point I'd probably start attacking the network communication, so it'd be worth encrypting all your packets and preferring TCP over UDP (hard to spoof those seq#).
Absolutely do not use that terrible "anti-cheat" asset for Unity that everyone uses. IT DOES NOTHING. It does less than nothing! Even if you obfuscate it, I'm going to be able to find it and disable it completely with minimal effort.

You can have the player send their ping to Target.All every X seconds (TNet3 might have this built in?). As for changing host, maybe only do that if the current host's ping is above a static limit? I guess, technically, the best choice for host would always be the client with the lowest ping to the server, since all packets must travel through the server anyway.

[ArenMook]

On a sidenote, I would love to have a discussion on how to prevent hacks (not cheaters -- hacks). Ie: how to properly prevent DLL injection, how to obfuscate code, etc. I know KSP obfuscates its code, so I'm sure it's doable, just not sure how badly that will mess with reflection that TNet needs. I am also not sure what program would do that with mono DLLs. Unity's answer on the topic was the superbly useless "don't do it", yet KSP does it and it's fine. I know the Anti-cheat toolkit is utterly useless from practice.

Ping checks are automatic. There is no need to send anything. Host is changed automatically when the current host leaves. You can also change the host to the lowest ping player yourself periodically (I do that in Windward).

As for the damage, that's really up to your game based on what feels right. In Windward, the damage is always done by the source (ie: whoever fired the cannons) mainly because of aesthetics. If I fire my weapon and I see it hit, I fully expect to see the enemy take damage. On hit, the player that fired the weapon send an RFC to the owner of the object that was hit, telling them to lower the HP by a specific amount. This ensures that all HP-altering packets go through one person (unit's tno.owner). When the HP altering packet arrives on the owner, he alters the HP locally and sends out an update to everyone else (assuming the HP has changed significantly enough or enough time has passed in order to avoid spam).