Authoritative Server FAQ

An Authoritative server is a setup where the client sends instructions/information to the server. Server verifies validates this, and updates the proxies and/or the client accordingly. For instance, a client tries to move 1000 m/s; however, the server knows the maximum velocity for the client is only 10 m/s. While the client, for a moment, may appear to move very far, they will be forced back into the correct position by the server. Authority over clients. Even if a player uses a hacked client to not allow the server to move them back to the correct position, the server's location will not reflect this. The hacked client will be out of sync and fairly ineffectual to use in this manner. How authoritative your server is depends on how you set everything up. It does not occur naturally unless you make it as such.

This model is well suited for competitive games where client play against other players, it may not be necessary for games with a co-op story mode, “horde” mode, etc.

Pros

  1. Client-side hacking is much harder (near impossible in most scenarios)
  2. It's clear who has the authority and that there is one 'state' of the world that is used for all clients.

Back To Top

Cons

  1. To avoid input delay you would need client-side prediction. This might be hard to implement in some scenarios and with certain game mechanics.
  2. The Server will need to do more calculation (it will need to process all data to get the output and confirm to the client); this could make Server hardware pricier.

By using an Authoritative Server you can prevent the most egregious hacks, such as flyhacks, noclip, invulnerability, etc which ruin the experience for everyone. For all the games on the list at the end of the page, if you search for cheats you will probably see “aimhacks” for FPS games, “scripts” for MOBAs, and “ESP” for all of the above. Although MOBAs usually don’t send data for what clients cannot see (ie you cannot hack the fog of war) there are all kinds of alerts and info that can be presented that are not usually apparent.

As always you can use anticheat to make it hard to cheat, but it will always be possible to cheat no matter what. Though encryption is pretty reliable. What you can do is narrow down what kind of cheats are possible, and this is done by making everything relevant to gameplay server-side.

If your game does not have competitive multiplayer you can then make it nonauthoritative. Each client instantiates their own player, replicates the values other players should see such as mecanim, health, using weapons/abilities, etc. You do not need to care about Bolt hitboxes/physics, commands, or assigning control.

Building an authoritative game is not simple, for this reason, we've compiled some notes to keep in mind when building one:

  1. Photon Bolt comes with a fully authoritative game sample for a shooting game (Advanced Tutorial). This includes client side prediction and lag compensation;
  2. Make sure clients are not able to instantiate entities using Bolt settings;
  3. Everything relevant to gameplay besides players should be server side, such as inventory, score, NPCs, player created objects in the world, etc.
  4. Nothing should be owned by the client, commands should not be able to dictate anything besides input, events that impact gameplay should not be sendable from client.

You read more about server auth:

Back To Top

Example Of Games That Uses A Server Authoritative

Most games are partially authoritative or not at all. Here is a short list with some of the games that use this technique:

  Games
Fully Authoritative
  • Counter Strike
  • Overwatch
  • World of Tanks
  • ARK
  • League of Legends
  • Dota 2
Mostly Non-Authoritative
  • Rust
  • The Division
  • The Forest
Deterministic Networking
  • Starcraft 2
  • Heroes of the Storm
  • Halo Reach (Coop)

PS: Deterministic is not supported by Photon Bolt, use Photon Quantum instead.

Back To Top

Dedicated Servers

Photon Bolt supports a variety of models when hosting a game server (described below) and you do not have to pick only one:

  Pros Cons
Official Servers That You Host
  • No host migration
  • More consistent player experience
  • Full serverside fidelity for instances, database, etc
  • Clients cannot see IP addresses of other clients
  • Costs money
  • Takes time to setup and administrate
Player Hosted Dedicated Servers
  • Same pros from official servers
  • You do not pay for the servers
  • Players can customize their servers
  • Owners of servers can be abusive to your players
  • Less flexibility serverside, cannot make an MMO for example
  • If server disappears player may lose all progress there
P2P (Listen Server)
  • Easy with Photon Cloud integration or Steam integration, they both have guaranteed connect and matchmaking
  • Cheaper than hosting dedicated servers
  • If a bunch of players want to play together, they can potentially do so with very low latency
  • Host migration, otherwise game ends and go back to menus
  • If host has bad internet or hardware there will be issues
  • The player acting as the host can cheat bypassing your server authority, as they are the server
  • Host player can see IP of every client

If you want to use a relay server, Bolt comes with the Photon Cloud support, which integrates Bolt with Photon services. This does matchmaking and LoadBalancing. You can also use Gamelift, Playfab, or another service.

Example of games that apply these models:

  Games
Official Dedicated Servers
  • World of Warcraft
  • World of Tanks
  • Rocket League
  • Dota 2
  • League of Legends
  • Aftercharge
  • Overwatch
  • PUBG
Player Hosted Dedicated Servers
  • CSGO
  • Rust
  • ARK
  • DayZ
  • Conan Exiles
  • Minecraft (also P2P mode)
P2P (Listen Server)
  • Halo Reach (host migration)
  • Destiny (hybrid P2P and server client with “constant” host migration”)
  • For Honor (host migration)
  • Ghost Recon Wildlands
  • Dark Souls Franchise
  • Call of Duty Franchise
  • The Forest
  • Zombie Vikings
  • Knight Squad

To Document Top