AntiCheat
If a new anti cheat was supposedly released to the market.
What would you guys look for to make it an ideal anticheat? What features you use in an anticheat or like in anti cheats?
1767 Replies
Thanks for asking your question!
Make sure to provide as much helpful information as possible such as logs/what you tried and what your exact issue is
Make sure to mark solved when issue is solved!!!
/close
!close
!solved
!answered
Requested by haloslol#0
i'm getting certain hints here... xD
well
good performance
decent checks
discord (webhook or bot) integration would be nice (if with a bot possibly option to hook into discordSRV)
low false positives
Discord alerts is a good QOL feature
Performance is pretty important in my opinion but you gotta balance it with checks
well
grim and/or vulcan have decent checks for decent perf
those are the two main anticheats imo
Yeah, they built there anti cheat well.
Compared to other solutions
Dear fuck let it have GitOps support.
LOL
yes
Whats this?
Im not very code savy
GitOps is a process you can use for automating software dev and IaC.
The gist is you write config to Git and push it to a system, the system is then brought into the state defined in Git.
O
U learned how to use github a month ago or so.
Updating servers becomes a matter of push to Github. What this means is you can scale config updates across thousands of servers instead of having to setup some kind of stupid bullshit script to clone the config or do it manually.
I made a org and thats it
O auto update configs?
Yep.
Gotcha, will note that down.
The AC would just stare at the Git repo for changes and pull them and refresh when something new gets pushed to whatever branch.
Yeah, thats good
Ikr.
Easy to implement
And nobody ever wants to do fucking GitOps anyway.
>:(
I assume
Yeah not hard at all.
No problem.
have you ever actually implemented gitops into smth
just curious
Get a Git application key, repo, branch details, then instruct it to look at a folder structure.
Yep.
My current Kube cluster protoype is fully GitOps driven.
yeah but doesnt kube have gitops support in some way
Well not yet. I'm working on making it work with Terraform and MaaS.
The best of cloud-native delivered in minutes instead of months
Kubefirst is a fully-automated open source application delivery and infrastructure management gitops platform providing you with the best cloud-native tools in a single command.
Well yeah. GitOps is how you do any scaling system.
ArgoCD is the big one.
It will use a loader to auto update the jar
Implementation for a auto update config sys should not be a problem.
<3
Oh and please make the framework for the mod a microservices one.
Huh
theres no mod
I mean bro is taking notes very specifically to obviously do something.
Can't imagine what it'd be if not making a mod.
yeah a plugin
Do you guys think ML is viable in an anti cheat?
Yeah yeah whatever. Plugins and mods are functionally the same shit if you do it right.
I know lots of anti cheats mostly cap with claiming ML works like matirix
ML is viable kinda.
My developer told me a way we can make the ML more accurate and better for servers.
Its just lots of data collection on our end.
But for microservices? Let me explain.
Have a base framework that only serves to load as a plugin, and another that loads as a mod. These take the required config and microservice for whatever platform they're on.
The microservice is API driven so it's easily ported. You write a microservice to do a task, (find people using wallhacks), and then API abstract it so it's ported by changing the framework instead of the microservice.
Means that you can write a really good thing and put it near anywhere with minimal extra work.
Never mind that it works with anything you can turn into a microservice, not just anticheat.
It also makes your work extremely extensible. Want more functionality? Another microservice.
Hell, you can even have the framework download microservices so it's an install once update anywhere type of deal.
Mini docker. :sheyes:
honestly auto update config would definitely be considerably more annoying to implement than using a loader
The loader is very easy as we made a global loader for all our products so all we need to do is attach the api we have.
Il have to talk to my developer on the config updater but he can legit do any plugin and any java project. So should not be a challenge.
its not hard just more annoying
Yeah
We are still coding the base so it should be no problem.
imo ur real difficulty is bringing more value than other options
Yeah, for sure.
Thats what my thread was here for.
See what others want. Im definitely gonna have more QOL features as not many anti cheats do lots of that.
But then again there all busy doing checks
even just coming up with checks or maintaining them can take a lot of time tho ofc
also the fact is, a majority run a few x amount of anticheats, getting them to switch aint gonna be easy, when they already have paid x amount/already have their own setup
making checks and fixing bypasses and not burning dev time doing so is hard
maybe config migration?
Yes, so Im trying to make it the ultimate anti cheat that I can charge a recurring price.
Im not 100% on the price cause we have not done the checks yet. If Its extremely good I will, cause as you said time is taken to maintain.
But only if its like top tier level better then all anti cheats no questions.
which is gonna be hard
with so much progress over the years
Do you mean the ability to configure like how the setbacks workv
knowledge etc
Yup
competing with other recurring products like polar will definitely be a task
well punishment, flag amount etc
Yeah.
also why wouldnt polar just add your features?
Yeah, no worries I wrote all the configs recently and have plenty of configuration.
well
migration from other anticheats
when you add them, similar features can be added to polar if its mostly just QOL
Thats the thing that may happen.
and your market share is basically 0
Yeah, polar does not have many QOL features and I was thinking of improving on that.
My dev had a good idea with the ML and AI checks.
you would have to get a few big servers to use it, but then you have the issue of getting them onboard, and them risking their servers playerbase, because too much hacking especially in a competitive gamemode can kill engagement
Which is apparently possible if wr code our own AI and train it
polar already has ML checks iirc
having a good idea, and knowing how to properly implement it
are two different things
how much experience with anticheats does your dev even have?
Yeah, convincing people to switch from the solution they have now is a worry. But I think if I market it right and show off the correct features we should be fine.
A good amount. He used to code private ACs.
showing those features off can also just kill your product
doesnt mean they were good tbh, even giant servers use off the shelf solutions
Ey, rn just focusing on development.
Yeah, Il let you know how it goes. But thanks for your guys input.
Il definitely expand on this.
also remember to take into account the cost of hosting the ML infrastructure yourself
Yeah lol
Lots of data
We obviously have tones of testing to do do before we go live. Im going to be using it on my personal server once its considered production ready and see how it performs.
Tbh I see a microservice architecture as a huge win.
Anticheat isn't exactly the most cheap thing to run, being able to strip parts of the mod out that you don't even need would be really valuable in minigame situations.
make it a plugin and fabric + forge mod :TrollDespair:
Folia support
i mean that would definitely be added value
folia support is definitely a must have
I suggested using a framework design earlier for this very purpose. Framework for every individual thing, microservices don't need to change other than being able to run on it.
bedrock support would be hella good but hell to implement
From what I understand its just udp packets to listen for
yeah if ur charging for a monthly ac and didnt have folia then thats kinda dumb
yup
Does polar support folia?
its also they have their own movement and physics
probably
no idea
Isn't Polar mega expensive or something?
so their own checks
Like can be 50 a month I think
monthly
Ah.
halos also wants to be monthly
Im only gonna have one plan for monthly
They do like server limits and shit
were comparing his stuff to polar because thats who hes tryna compete with
If I end up doing a SaaS
Polar doesn’t support folia
I may not, if its not that good.
damn really?
Welp time to take out polar.
from the looks of it yeah
Compatibility | Polar
This page lists known compatible, incompatible and unsupported 3rd party software.
What if you did a modular framework as your base mod and just had it autodownload modules from Git repos based on what the user wants.
Charge per module per month.
Eh yeah. Idk Il prob just make it one jumbo
A bedrock anti cheat is def needed tho. Themis is not cutting it.
¯\_(ツ)_/¯
Can we get Fabric support though?
Dont even get me started on spartan bedrock lmao
No anticheats on Fabric rn.
Really?
well it almost definitely wouldnt download from git
Nothing good.
Literally none.
Dam
Well there's one and it's bad.
forge as well iirc
but forge sucks
Fabric support tho?
Yes?
Simple guys to make an anti cheat
Super easy steps
easier said than done
lol
Speaking of things being done, BinarySearchinator where? :sheyes:
lmao yeah 5 steps
very simple
O I know.
:lolbye:
Biometric player ids
I got distracted with porting Parkertron to js
Its possible apparently
i saw a post online abt that kinda thing
It can detect alt accounts, or people joining on a diffrent account
By req there movement patterns and sens and other things they do.
that
would be a fantastic feature
interesting as to how you’d implement it though
ok easy false ban tool
sounds like bs
literally follow someone
God why? It's already written in Go. :husk:
copy their movements
Lol
kek
It does sound like the ultimate false ban tool
why not? xd
You did a language downgrade. :LUL:
Stuff like that would never be accurate
For now
a mod could easily clone another players movement
Cause there is not many diffrent movements you can make that makes you diffrent from another player
Yeah
I mean you could always limit it to only actually banning if they were on the same IP
But then
That would defeat the point
yup
You would know its them if they are on the same ip
"my little brother moves the same way as me and got me banned :(((("
no
O a vpn
imagine cgnatting and playing the same game
:OMEGALUL:
your neighbour plays a servre
exactly
you try and join "Already logged in from this IP"
Fair fair
ip bans are getting progressively worse
"Damn this IP is sus as fuck, it's playing a lot of accounts, must be a bot farm smh my head"
heh
osrs doesnt chain ban
i like it
but:
- would be nice if you could keep me / us up to date on this; seems very promising
If you’re planning on fabric support? DEFINITELY keep me up to date lol
Ban IPv4 entirely and ban IPv6 GUAs. :weSmart:
waiting for my he ipv6 shirt 😭
Fabric support would legit net you so much money. :Kek:
Easy thing to ban all hackers. /whitelist on
Then no more hackers
ikr?
I have been forever wanting such things
we need a mass porting of plugins to modded
gl!
Go on Skullian. Port Multiverse Core.
(Don't actually.)
god no
nah
myworlds
atleast
I’d rather port myworlds or phantom worlds (iirc that’s the name)
and also I should probably finish binary searchinator…
before moving onto anything else
I’ve been procrastinating busy for ages
Honestly? I wouldn't bother with a multiworld mod.
Idk, been thinking about it more and a MicroMC server makes more sense.
NEBULACORE
:lolbye:
:lolbye: :lolbye:
:lolbye:
:lolbye:
Please do. I keep needing it. :LUL:
modded is such a pain to dev for ngl
I have another thing that will 100% work, it will basicly instant detect clients like vape injected into lunar or modified lunar clients.
yup
not worth it for me when i dont even like modded
And yet like... all of the good shit is on modded. :THONK:
To be fair this feels like a skill issue where everyone is so used to working with crippled software that when they look at a real API they go 'holy shit'.
you call it good shit
i dont like modded
There is also a way to get what mods a client is using
If using fabric clients
yes but i can't remember
i think
Taste is taste. :p
Our opinions don't define if something is good or not.
I gotta read into the fabric client api again
absolutely
enjoy!
DOES THIS MEAN FABRIC ANTICHEAT?!?!!?!?!?!?
:crazyeyes:
but yeah its just more of a pain and i wouldnt even want to use it
Nah thats for paper servers thing, Il have to see how complex it would be if we supported fabric servers.
I barely know how fabric servers work so me providing support via discord I would have no idea whats going on
porting to fabric would require a major rewrite
Why not? Nothing says you have to install content mods. Just... don't do that lmfao.
You can do purely serversided if you want to.
Well, I can tell you there's about 300 Fabric servers that'd want anticheat.
Just off the top of my head.
Il check with my dev if its possible
I mean it's a market completely void of a working solution.
Better pickings there could not be.
and then its just a more inconvenient dev experience for mostly no gain
Not really. If you want vanilla, play vanilla.
If you want vanilla+ you can do it easily without fucking Oraxen or ItemsAdder.
If you want patches for the client to improve performance? You can do that too.
:bonk_frog: when universefabric
Yeah, I would need to test fabric almost every update.
I have no idea how to run a fabric server just paper servers tbh is all I work with.
stating a fabric server is relatively simple
installing the server is simple
the development environment, not so much but you can use the template generator from fabric
Gotcha
if you need a hand just post here or dm me lol
we’re all always happy to help
Ugh, Root as proven that Plan is not optimal for servers.
But some sort of sys like that that says if the player is a hacker may be good.
it's good
and how is it not optimal?
Idk he explaind it a while ago
I gotta ask him about it again
opinions on a grafana integration for the anticheat :LUL: @AeonRemnant
Grafana would be nice.
Tracking bans, false flags, all this good stuff.
yup!
what was that one Minecraft dashboard that had grafana integration
I can never find it
honestly the whole root against plan i dont understand
havent gotten any actual evidence or proof
what server is this on lmao
bloom
oh
@Justin123 doesnt chickencraft still use plan? how is it for you guys
performancw ise
Ah old jackg
The g him self jackg
I was helping him optimzie his server, cause root was not avaible or something.
He was actually the client having the iops rate limit I was talking about on pufferfish root told me he needs to move to his own box. But he moved to bloom and lots of those issues fixed.
This checks.
Plan not needing to exist on backend servers would indeed increase perf because there’s less stuff going on.
Obvs.
Performance wise its not too good, not sure whether it's plan serving stuff slow (by the big amount of data), or whether it's cloudflare. We have it on all backends but are using it less than before
Plan is horrible 😭
They have somewhat AFK module that basically kills the server performance
oh interesting
Grafana Labs
Grafana Cloud | Observability platform overview
Fully managed cloud observability platform built on the open source projects Grafana, Mimir, Loki, and Tempo. Start your free trial.
He means this. https://github.com/Cubxity/UnifiedMetrics
GitHub
GitHub - Cubxity/UnifiedMetrics: Fully-featured metrics collection ...
Fully-featured metrics collection agent for Minecraft servers. Supports Prometheus and InfluxDB. Dashboard included out-of-box. - Cubxity/UnifiedMetrics
i wouldnt call plan horrible. plan is perfect for smaller to mid-sized servers with how simple it is to setup, (quite literally plug and play). That being said, putting effort into learning unified metrics and grafana will be an extremely better tool to have in your belt if you want to start getting to the big leagues
From what people told me plan is not optimal, I used to use plan a long time ago way back when I ran a small server.
no, this can be done with any anticheat if you do your containers right
If was the operative word in that sentence. :LUL:
ok so do your containers right then
I find most people can't use Docker Compose right, let alone setup IaC and GitOps with containers like you should.
It's a half solution to integrate it into a mod, but it makes something that most will never touch into viable.
99.99% of people aren't using kube for their servers
I was talking about Docker Swarm. :LUL:
then anyone who does probably does it right if they're hitting the scale that makes kube for mc viable
I mean yeah, but I don't see why everyone else should be left out of the fun when it's viable to add it into a mod instead. :p
Very few times has anyone delved far enough into something like Kube to be viable without some kind of amazement at what can be done.
No better way to get people excited than to let them do something cool.
but if you're hitting the point where you need kube, you're already going to setup your docker containers to come in from your cicd in a way where this already works
I don't see this benefiting anyone
nor would I want the server to download the config, I'll just bake it into my docker container when running kube
Again, not talking about Kube.
I'm talking about people that want to run in Ptero or through barebones Docker.
If you're on ptero it's a single instance as is, who is benefiting?..
same with bare bones docker
This doesn't hard require that you scale.
GitOps can be useful for simply editing config without rebooting the server or having to SSH/terminal.
You still need to reboot?
And if you have a ptero panel, you'd just open the flat file config
Why would you need to reboot? You can absolutely write mods to accept new config safely without rebooting.
Maybe for bare bones docker but at that point just get a web panel to access ftp
How are you sending commands without sshing in
Uhhh.
GitOps watches a repo automatically and grabs it, that's kinda the point.
yes, or use the ptero web panel / ftp web panel
Or I can whip open my IDE, change 3 values and have my server update without me having to move files around.
or open the web panel, change 3 values and have your server update without having to move files around
Hell, I don't even need to do that. I tell the AC to track
HEAD and it'll always grab the most up to date compatible version of the checks.
Exploit happens? Well, Halos fixes it and I don't even need to patch anything, it just works.It's not going to be open source?
It wouldn't need to be.
to redownload the jar and reload at runtime then?..
are we talking about the actual anticheat itself
Yep.
Think about it.
Make each check an isolated jar that tries to hook into the framework via API.
The framework grabs the new jar, renames the old one, then reloads and resumes like nothing happened.
If any error occurs it warns the admin and resumes using the old jar.
no, id never want that, that sounds awful
Elaborate your thoughts.
Id never want to risk having the anticheat fuck up from a hot reload
Most anticheats are not hot reloadable
Nor would I ever want to risk it
Esp in prod
You could absolutely design it to be hot reloadable, just like you can design any mod or plugin to be.
It just needs to be done with intent.
Are you going to put your faith into a closed source software then?
Am I paying for support and an SLA?
not a chance this is under an actual company nor comes with an SLA
@Halos you offer SLA 's
?
Then no, I'd want source opened to me as a customer.
But if Halos wants to provide an SLA then yes I would.
yeah I just don't see that happening
Iirc he did mention being interested in starting a business earlier, so it might.
No way of telling.
Most anticheats that are good go with the security through obscurity methodology for good reason
Ie: polar
I don't see any decent anticheat ever giving source
I mean neither do I.
nor an SLA, this isn't like getting an SLA with mongo
But let's be completely honest, a decent AC is going to come with some kind of guarantee of support because if it doesn't have one then it dies to Polar.
There's no way around support if you're closing source.
Well yes you're getting support, provided with your license
Most anticheats will lock down what you can do with jvm flags & the jvm though
Honestly so long as the support is pretty good I'd actually be fine with it.
Only so much you can ask without a professional SLA.
I don't see them allowing you to hot reload your jar
¯\_(ツ)_/¯
Agree to disagree, it's doable as far as software goes and provides a nice feature lots of people underestimate.
@Halos do you allow hot reloading if your jar
There is no jar yet.
I'm aware
Have you seen polar tos?
Ah. Thought you might've joined late. Sorry I'm a bit tired.
no all good
For context I've been talking to halo about his ac before this thread was made
Oh yeah I'm not a fan of Polar's TOS.
I get it, but seriously fuck the fuck off with obstructive TOS, I need to work.
My view is if you're going to obstruct what I can do and say to others then you'd best be ready to give me in house support for what you restrict.
Polar is halfway decent at it, Astro is trash.
It's a feature for very niche users that when you are doing that niche setup can be completely made obsolete by just setting up your containers properly (which anyone who knows how to do the niche setup in the first place will)
I don't see anyone benefiting from it
I kinda get it just cause they need to keep their trade secrets, having those out will harm the quality of the product significantly
not that I like it
Vulcan is more open with a nicer tos & that nicer tos has let cheaters make Vulcan bypasses
Setting containers properly for actual CI/CD is beyond the realm of most people. I don't see a good reason to restrict the benefits of GitOps because you're not smart enough to use Kube.
Like if you aren't using CI/CD pipelines and several tools to handle updating servers then you're hard in a shit decision to pick.
Or alternatively we have the mod reload itself so I don't even have to do CI/CD, much less reboot the server.
So is running their server in docker standalone mode, if you're going that far then you can already do the rest
Yeah no that's insane.
Also, can be done with GitHub actions
You don't need a cicd server yourself
Itzg has put a LOT of work into making his images easy to run with excellent documentation.
You're overestimating the ability of most people in this space. They can work basic Git, they cannot do a CI/CD pipeline, much less Docker Images.
then they aren't going to make a server using docker images & probably will do it via ptero instead
My point wasn't that people will do that, my point was if you can then aren't going to not go the full mile
Right, so hear me out.
Install server in Ptero -> install AC -> setup their config in Git according to docs -> AC automagically pulls new config and updates if needed, this is a far cry from the complexity of doing this in the traditionally correct way.mhm
And again, it means you can change config without rebooting and you can do it in a safe way. For a server that tries to be online 100% of the time this is invaluable.
Plugman is only shit because it tries taking a standard approach for things that were never designed to take that standard approach. If you bake it into your mod then there's no issues.
Shit, we use IaC and dev tools to patch new CVEs as they happen, why should minecraft be exempt from such benefits?
Sure in theory you can hot reload your jar but holy fuck id never do it in prod.
Right, which is why we have --dry-run.
yes sure but when actually putting pen to paper I'd still take the current approach of what hypixel & others do where I do rolling restarts
And hell, let's say I 1:1 duplicate my prod server as a dev server, test my work there, then import it to prod.
I'm still removing ever having to reboot my server which is a benefit CI/CD pipelines won't give you.
And never mind the implication that if anything goes wrong it should go down instead of self healing.
When was this decided and by who? The committee of stupid? Why can MC servers not self heal? That is not new code.
Shit out of any kind of mod I'd want with this capability more than any others it'd be anticheat.
Hot removing exploits? Self healing broken config? Sign me the fuck up for those safety features.
ok let's take log4j for example where the user can exploit RCE
Righto.
I don't care if I can hot patch it, I'm taking prod down to ensure that shit is properly patched
I'm not risking shit when it comes to a rce
10/10 times I'm taking the safe option where I don't get 100% uptime
And my solution for that is when an RCE is located it puts everything into temporary read only and shuts things down and alerts any staff with priv.
There's ways around RCEs being problems, and the implications of an RCE mean things go down.
Edge cases are edge cases. I'd rather have automatic patching with RCE shutdown versus no automatic patching and me having to be awake whenever an RCE happens so I can safely shutdown.
you have way too much faith in the mc source, id never trust automatic patching of plugins
nor having an anticheat auto update
I've already had that shit happen & break my server
Don't assume things. I have no faith whatsoever in the MC source code.
What I do have faith in is properly designed programs that can handle themselves, not the MC code that likes to implode.
I've experienced loader based anticheats loading bad builds that don't error but do funky things such as give God apples the wrong potion effects & shit
How do you want to detect that
I don't have faith in my loader based anticheat not breaking my server as is and you want to hot reload it? A private closed source project nevertheless
This isn't a public piece of software such as updating a Linux depend which goes through several rounds of code review & public scrutiny & has a release cycle
Honestly? Don't do autopatching where it matters or put in delays to wait for errors or manual intervention.
You're saying a lot of things that really don't mean all that much because it's not going against the point of 'safe refresh without reboot' as we can test these things in dev.
Say we literally never hot patch automatically in prod, fine.
What we can do is confirm a patch in dev and then reload it into prod to avoid any downtime.
And yeah yeah, rolling reboots, I know.
That's only viable when you have enough servers to do that.
Are you going to test every use case (how likely are you to check if gapple are working) in dev before pushing to prod
Which if you're at the scale where this matters, you do
Hoplite, mcci, hypixel, origin realms
And yet I don't see a good reason to lock actually nice features behind 'should have been bigger, idiot'.
Is literally anyone if they aren't biggest of the big? No.
That point doesn't even hold water because it's not a standard outside of enterprise in this cursed space.
No, it more comes from my internal dev cost vs impact counter not lining up
Anyone who this would actually impact has the resources to make it themselves without your intervention
The feature itself would be nice
It doesn't make sense to actually add
Probably just a difference in philosophy then. I enjoy making good features more available and innovating.
I don't enjoy locking everything good behing 'should have been bigger, dumbass' or 'no money? Shame, idiot'.
(which is kind of irrelevant because it's not my choice to add)
Yeah if you're running a 60 server cluster you can do rolling updates and then it doesn't matter.
Guess what? That's rare.
Why should higher uptime be limited to the big guys and not everyone that wants a server with their mates or a small public server?
Seems unfair to me that they don't even get the choice.
fuck wait now we're going in circles
And y'know what? If I'm writing a program that'll get used by thousands of people, my personal dev time is less important than bringing something special to thousands of people, even if it's a small gesture in the grand scheme.
It's the little details that breathe life into a project, it's why I do stuff. Maybe that doesn't translate and I'm too hopeful, fuck knows.
We just have different perspectives & are coming from different places xd
My perspective is years of clawing my way up an unforgiving tech stack, trying to achieve greater projects and being kicked down by 'oh but you cannot use this properly'.
I didn't care then and I don't care now. Share the damned tech.
You put like 3 extra days into the project? Cool, given the sheer absence of a Fabric anticheat and the amount of people looking for something better in spigot that 3 whole days you spent is going to get appreciated by a whole fuckload of people.
I think there was a comment in the vulcan server about a fabric ac
fabric ac would be cool to see
People that literally, technologically get prohibited from doing it properly. Be it money, playerbase, skill, or licenses.
How is that fair and in what world should I or anyone else tolerate that state of our software? No world.
Always get a little riled up at this topic.
unrelated note, good interview https://www.youtube.com/watch?v=UBXXw2JSloo
ThePrimeTime
YouTube
I Interviewed Uncle Bob
Recorded live on twitch, GET IN
Uncle Bob
https://x.com/unclebobmartin
http://cleancoder.com/register
My Stream
https://twitch.tv/ThePrimeagen
Best Way To Support Me
Become a backend engineer. Its my favorite site
https://boot.dev/?promo=PRIMEYT
This is also the best way to support me is to support yourself becoming a better ba...
Everyone always wants to drag innovation down. "Oh you don't need this feature, enterprise already does it", "Yeah but will you really need it?", "Are you even smart enough to use it?".
That bullshit tires me.
This guy has some wild vibes, wot?
bob or prime?
Bob.
idk much about the guy other than he wrote the clean code shit, I just like the interview itself & dont get weird vibes from it
Bob is an actual chad, ngl.
He did all the langs fr.
yeah the interview is great, thought provoking conversation
This guy has some "I was there when it was written" vibes going on.
Tbh he probably did write a lot of the old stuff.
well tbf, he was there when it was written
:LUL:
he did infact write a lot of the old stuff
his name is on the clean code manifesto
Oh. :LUL:
:kekW:
bro has written assembly in prod
That's one fuckoff scary landmine to be flirting with.
& cobol 😨
I'll take the COBOL over ASM fr.
What in the fuck... functional languages are bizarre to read.
I keep hearing that if you wanna get super high pay to do COBOL but I got recommended a COBOL job listing recently at a University & it wasn't even great pay
Any fictional language can be OOP if you try hard enough
COBOL at banks is where the money is at.
ah that'll be why
Universities are clearly the cheap ones then
Go high in that stack and they'll pay you absurd amounts of money to guarantee it stays online.
Like... 2 million a year to always be near a PC and available to repair broken shit.
Seconds of a bank being offline eclipses your salary for a decade.
sounds about right
What the fuck is this. https://fable.io/
Jesus Christ
Some kind of F# weird ass functional language to fucking javascript conversion?
Why the hell does this exist?
waiting on my c to JavaScript converter
:husk:
a quick Google search disappointed me
CodeConvert AI - Convert code with a click of a button
Convert code from one programming language to another in just a click of a button.
...
Why does this exist?
because you need to convert your backend to node? Idm
Idk
Bruh.
Please no.
Wait just one fucking minute here.
F# is Microsoft. :THONK:
oh lord
What is F# trying to clone
Microsoft
F# Tutorial | Hello World in 5 minutes | .NET
Step-by-step instructions and videos for installing .NET and building your first Hello World F# application. Develop with free tools for Linux, macOS, and Windows.
I might need to learn C# actually
Python by the looks of it...?
I have no idea.
oh well
can't wait for the Microsoft rust clone
R#?
Well, Discord supports F# formatting.
Not on mobile
Ah. :LUL:
But yeah that's apparently an implicit entry point code.
MS was really drinking the stupid juice when making dotnet.
lots of business rely on it though which was kind of the goal
Touché.
Anyways, gtg, good argument, same time tomorrow?
Always. :LUL:
the entirety of syscraft calls his server cursed
meh
it shouldn't be heavy on the server
atleast after tweaking it
Hey casper! Like do you mean reloading the config?
Ik lol
I see how you feel about those 2 anti cheats. Polar support is not the best. For my other plugins I legit do better support then them and only need to pay once.
If i was charging monthly I would be ontop of every ticket lmao
I could make a company I just turned 18
no, downloading a new jar at runtime, unloading the existing jar and loading in the new one
like plugman unload & loading the jar
are you offering an SLA tho
one thing:
please don’t do an Astro (iirc) where it prohibits you from putting any indication of the plugin in logs that you share xd
imagine offering an SLA
if your product is unusable for %200 of the billing period you are eligible for a 1000x refund in robux
they're not wrong to do that tho
Everyone knows pika runs polar so they'll develop their cheats off pika
fair enough
wym, what do you want to do which is obstructed?
also Halos I noticed that you said it would be only one monthly plan.. but also that it was SaaS. That means that the big servers and small servers are paying the same, but the big servers will be using 3-4x more resources, while not paying that much. for SaaS, you should try to make it cheap for normal people, and an appropriate amount for those who will use most of your resources
aka, the polar pricing.
otherwise you're going to be paying out for the big servers and not gaining much of a profit from them as you would if it was relative to their usage
Take Astro as an example. I cannot send anyone spark reports if I have their AC installed.
Polar is less bad, but they have restrictions on how I’m able to configure my server and what I can show publicly.
This gives me hope.
I wont be strict like that. But we will offer a plugin renamer and command renamer so you can hide the ac if you want
What is SLA never heard that term before?
The jar its self most likely not gonna reload like that. I don’t know why you would want to do that tho, but the config will reload.
Im still working out how we will do pricing as the checks are not done yet, so depending how good my developer does Il choose between monthly or one time. I am aiming for monthly and my developer also recommends it as maintenance will need to be done to keep the ac up to date.
Service Level Agreement.
You guarantee a particular service, if you fuck up I get to sue you for damages.
But you can charge an arm and 2 kidneys for an SLA.
Ah I see
Yea, letting people not know what anti cheat is good. But I don’t think Il shove it down peoples throats, just add the option to hide the anti cheat if you want.
imagine offering an SLA :KEKW:
Btw I appreciate yalls suggestions and questions. Il be going through this for sure.
Also thanks for the opinions on other anti cheats in what can be improved on def will be doing that.
Il leave this open feel free to add anything else.
Yeah, I use polar, but I haven’t not been able to configure something/or say something. Could you elaborate on that?
Only thing you’re prohibited to do is well use it as a test server for hack clients. that would be a rule for every anticheat though
Yep fair enough. Just if you are doing cloud related checks, monthly kinda has to be done for sustainability
Yeah, we might.
Also if you want active updates then I think monthly would be good. Cause it willbr lots of maintenance to keep the anti cheat update and you see one time payment anti cheats dont be updating a lot.
Or patching stuff fast
Definitely with a monthly payment we will be able to more instinctive to keep updating quickly and efficiently.
or charge a heavy price
Any heavy price wouldn’t by justified. You’d be losing money on any customer who would stay with you. So the anticheat dev wouldn’t be motivated to keep you as a customer as they would lose money from you every day
Cloud servers ain’t cheap
a simple cloud server from hetzner wouldn't be too costly
How would you need a simple cloud server for AI/ML which would be communicating with possibly hundreds of instances?
AI?
Yeah
Whichever key word is your fancy
a gpu would be costly
yeah
that’s why (iirc someone said this) different tiered pricing would be better, similar to polar.
More players, more server stress
And more servers, more data to train AIs.
yep
Yeah I said that above
oh gotcha 👍
Yeah, I heard Ml will be heavy to run on backend servers. So we will def need to be looking into that. Rn we are working on the base, then checks.
Spartan 4.0?
:gasp:
I can’t wait to get all my players banned for breaking bamboo
Chefs kiss :kiss:
No lmao
Spartan is not even a AC anymore
Spartan is the real definition of no players = no cheating
but it's true :brain:
just support all vanilla mechanics. its surprising how many anticheats don't support all vanilla mechanics
what
they don't?
Really?
yes. There have been many anticheats we have had to discard because they don't even support walk speed attributes
Vulcan didn't until recently I had to bug frap a couple times for him to add support. intave finally added support but the plugin still has other issues
so what ac are you using now?
spartan doesn't support it
spartan :KEKW:
grim didn't until recently but still throws a ton of false positives
giving matrix a try but not really that impressed
https://minecraft.wiki/w/Attribute is what im talking about search
Minecraft Wiki
Attribute
Attributes are values which dictate certain properties of mobs, armor stands, and players. Attributes also have modifiers that adjust the strength of their effect.
doesn't even support 1.19.4
smh
its dead
aw man
Karhu was promising but has some issues with other vanilla mechanics like powdered snow and tridents
So basically every anti cheat has its own issues
I just want an anticheat that focuses on supporting vanilla mechanics and fixing false positives
that's just basic features you'd want in a anticheat
the rest is usually QoL
yes but quite a few don't do it. intave for example seems more focused on their cloud features than fixing existing issues
spartan is well yeah
grim is just dead
ACs is one of those projects that needs a full time developer working, but it’s not sustainable/profitable enough area to where a developer will be willing to but that much effort into
matrix dev just seems MIA dude hardly responds
hasn't fixed a single issue yet
amazing 😍
So instead u get the ACs we do have that are maintained by people who the AC is their side gig/hobby project
If it is ran SaaS it can be worth maintaining
polar is great its honestly the best anticheat I have ever used
To a certain point maybe, there’s just not a big enough market
ah yes, X anticheat LLC
99% of servers don’t won’t be willing to pay subscription plans for an AC, let alone anything over a one time $20, so ur only marketing to the 1%. So if ur realistic, kinda just a dumb decision to develop an anti-cheat unless ur strictly doing it has a hobby, which as a result we get the ACs we have now
My issue with polar isn't the subscription. its their HWID system
I dont find that to be the case. From what I heard from people they would be willing to pay for a subscription based anti cheat, if it is better then the one time priced anti cheats and will gurntee the anti cheat is maintiand with constant updates.
The targert market for a SaaS based anti cheat is servers with 15-20 players and above. If they want something reliable, constant updates, and amazing checks. Then thats the price, if not you can continue to use a one time priced anti cheat and wait months for an update.
Fs
Im not saying the 1% aren’t willing. Its just that those “people” you’re hearing from are the 1%
?
For sure (Fs)
I see.
15-20+ people servers that profit**
Which is a much smaller subset
Lots of 15-20 player servers barely make enough to sustain. Adding a subscription for an anticheat aint realistic, even if it solves the problem
I believe its do able, but Il have to wait and see.
Yeah. Doesn’t mean there isn’t a market. There 100% is
It’s just really challenging, and not something that is logical if ur goal is money
If it’s a passion project, or a hobby and money/time isn’t a concern then Anticheat is great because of how shit the competition is
The market is there as you said this will just be another solution for people to use, if they think there server will benifit then that works. Servers will be willing to pay a subscription base if it solves the problem others can not solve. Iv seen that especially when selling a spoofer, other spoofers charge a recurring price and small servers pay for that and it will sovle there problem. If this anti cheat can solve they problems others cant then I dont see no reason why anyone would have a problem paying for a plugin like this.
Well, there is only way to find out tho so Il go ahead and find out.
Yeah I’m not disagreeing there isn’t a market. I just don’t think ur aware of how complex a perfect anticheat is, and how much time and effort will be needed to get to that point. It’ll be several months before u can get a working SaaS anticheat
then every Minecraft update how much effort is needed and how quick u have to be
Yes, I'm aware of the development.
We are taking it part by part.
Bet.
Thats just my tought behind it.
also another idea for more added value more integrations with other software
What where you thinking of?
plan/analyze, maybe an official hook with some replay system plugin
I dont think we can add custom stats on anlyze
UnifiedMetrics integration :elmoFire:
or just grafana integration
damn fr?
didnt know that
Maybe a custom controll panel hosted by us and you can see all the stats of your server
Like you create an account it will be tied to your license key and what not
wouldnt want that
personally
Grafana hooks.
GRAFANA HOOKS.
O yeah
grafana would be cool
You told me about that
I learned what that was yesterday
allow multiple webhooks
Thats cool
It’s like crack once you use it.
yeah for sure
We are doing that alr
No going back to the before times.
maybe add a special webhook system for other apis
so you could use a setup for discord webhooks
^^
or a webhook that just provides the raw data
discord integration is a must imo
to some other endpoint
For sure
yeah discord webhook is the easy bit
Webhooks are like the first thing I tought off
the other webhook to provide data, if well documented, would be cool though too
Yeah thats good
to allow someone to write some other software for the plugin to send data too
oh yes, please actually include good documentation
Yes yes
We will be doing a plugin renamer
yeah breaks with dcker
right?
They should do it by ips
no we fixed that
ah
I wish
Cause the hwid is not accurate
If you try to pull it
Sometimes
Our new issue is that we use pterodactyl mounts and that breaks the HWID system
:Sadge:
ok so its still broken
yippee
Lol
but yeah really if you want to go for monthly your competition is polar
which already captures a tiny market share
For checks configuration I dont think Im gonna allow people to edit the buffers like vulcan
Its gonna be very simple setup
i know for sure i wouldnt pay probably anything over like $50 one time for an anticheat for the small servers i work on
thats dumb
The buffers?
I just want an anticheat that doesn't piss me and players off
verus cracked for the win guys 🔥🔥
vulcan already restricts more config than some other acs
Really?
yeah fair
verus is dead
ive seen dramatically more configurable stuff
I know that's why it's OP
let the buffers get edited
:dab:
Il see Il see
like for example survival vs minigame servers
a survival server a cheater would be on the server for probably 20+ minutes
so a higher buffer is reasonable to make sure someone doesnt get banned
but unless you setup a system to sync flags
then on skywars or something that lasts 5 minutes
then the buffers may not be reached in those 5 minutes
Honestly please add cross server sync
thats another idea
honestly
would be sick
that would be great
just thought of that
Diffrent mods for diffrent gamemodes?
could probably just be a redis syststem
O I see
like if you flag on one server
the other server knows you flagged
get good, get polar
We have so many servers its annoying to keep track
Tried polar. They cause connection issues for when I used it.
💀💀
tell them to redo their HWID system
I will tell you to redo your container system 💀💀
its default pterodactyl
what, don't use mounts and use what?
so no
don't use pterodactyl
use screen
😎
:Spinning_Skull:
as that's what major servers do
Wtf
yup
yeah thats nice and all until you have multiple machines and need to give access to over 15 people
yep, Rinaorc just changed all their infra to screen to be able to use Polar
🔥
pika network too
if a fucking anticheat makes you do that
that is one shit anticheat
Anticheat does not support the most famous panel system causes people to switch to screens
:this:
.
hypixel use tmux tho
:sus:
They legit could fix it in one solution tbh'
good for them they werent forced to by watchdog
dare you to sell the source code for an insanely high price
50k src
1B minimum
Maybe polar should just do what intave does for HWID intave's hwid system works great for pterodactyl
Should do what spartan does there bussiness module works
spartan 🤣🤣🤣💀😬
What is considerd a small server to you?
i mean i dont work on any major projects
less than 50 players
but yeah thats a good number
under 100
maybe with 50 concurrent players average it may be worth a monthly ac
if its actually well maintained ofc
Yeah, Im gonna heavily promote maintainance and what not.
but like im talkin like maybe 15 20 people servers i work on
which im not paying for a monthly ac for
maybe offer a selfhosted (checks on the server) version of the anticheat for a one-time fee and offer a SaaS for a monthly subscription?
idk how smart that would be
Ah yeah thats good.
yeah, I mentioned something similar to this
Like 2 editions?
yeah u did
I rememeber
one just doesn't utilize the cloud for the checks
like i could totally justify $50 for that for the convenience of getting rid of cheaters if the checks are legitimately up to par but $15-20 nah
and is one-time paid
:YesYes:
something like 30-50$ one time for the whole anticheat (without cloud)
honestly dont allow selfhosting of the ML checks
why not
that takes away massive value from the monthly
it should be monthly locked
We host em
yeah
lmao, so the dev makes 50$ then it gets leaked on some forums and everyone get it for free
😎😎
No No
why would you pay $20 a month for them to host if you could selfhost for like $10
No leak
HWID or license checking
bypassed in 15.6s
obsfucating your plugin would be a good idea xd
doesn't do shit
ok but you could do the same with monthly
server side checks are the only way
sure, you can bypass it
but you'll probably get your license removed, it's stored somewhere in the code
I said no leak.
rip 50$
lmao nice joke
loaders arent a end all
Yeah, there is still dumping
its never impossible to crack the code
indeed
But we have an auto updating block sys
and other security measures which we will use
that typo is annoying me
if someone wants to crack your plugin, he will crack it
Where
regardless of the security
Yeah, there is only so much u can do
"you will need a licnese key"
and the same will happen with monthly
Lol
Has anyone cracked polar?
with cloud based checks this won't happen
O fair
that's why nobody bother cracking polar
doing EVERY CHECK in the cloud is idiotic
Lol
because the client side checks are worth nothing
polar runs some checks locally too
Gods work
maybe add some sort of tracking for every customer and make purchases via applying
like uspigot
they have no leaks
the checks that are worth nothing
afaik
still alleviates some load off the cloud
Sounds like astro
because nobody bothered cracking it
yeah thats what im saying should be the 1 time purchase
doesn't matter if they're low level checks
Yeah
e.g. something like badpackets
oh thats one thing that annoys me abt vulcan when questions are asked
Thanks again for the convo guys enjoying your guys opnion. Il be reading over everything again as we are developing, but for sure will take your guys suggestions. Our base should be started this friday we will iron out all the QOL features in the base and what not.
translate the checks and what they mean to real english
like vulcan has some badpackets that check packet order
but its a weird thing to explain that oh the default client always does things in this order
and therefore packets are in this order
Lol
Thats cool
like just translate it to english instead of
Bad Packets (Type R): Post HeldItemSlot packets.
like "post helditemslot packets" means absolutely nothingyeah, there will be descriptions when you hover
To tell you about the check and some stats
Sharing a lot of info on the alerts isnt a good idea though
They will be able to debug your anticheat in that case
there's a partial leak
you also partially leaked the source code anyway
since that dmca thingy
just misc stuff
nah
time to recode uspigot via your leaks
😭
and sell it
Ultimate bussiness idea
uspigot for 20$
uspigot lite edition
uspigot
uspigot monthly
universefabric 😭😭
universeforge
oh god
that would be awful to make
yea but plugins can be made insanely hard to crack to the point that no one does it
like i dont think any somewhat modern versions of intave have been cracked at all because their security stuff is done well
if i remember right at runtime it downloads part of the anticheat compiled to native code (so no java decompiling even if you can intercept it)
yeah, you can obviously make it extremally hard to do so.
yup, like Qarth (iirc) said cracking is impossible to prevent
but you can make it next to impossible to do so xd
That just prevents most skiddies
Someone with assembly knowledge can still reverse it in 1-2 weeks
But yes
Yeah skiddies can forget about it
omw to crack universe
hi
hello
your patches will be on my github page :sunglas: just give me like 6 months
ok
or become universe dev
fast way
but you will be my slave
commit them all to pufferfish :peepoRun:
:sus_slime:
one hell of a paper PR will be opened
noobi got hit by paypal fees lmao
fym
LOL
from 354 he got 291
oh jesus
im convinced the code is going to be super cursed so you can squeeze out every drop of perf
60 (dollar im assuming) FEE???
smh PayPal
dollar to euro conversion
ah
and maybe some fee for sending the payment
yeah that makes sense
I love paypal
I charge $600 per hour <3
fuck
its ok
that should be easy to cover for you
you better recode the entirety of minecraft in that hour
recoding the entire server in go lang while also maintaining full plugin support for the paper api (including nms & packets)
deal
but i still feel offended
lmfao
because i want roblox crossplay
will also do roblox cross play
ok now im good
bet
roblox cross play would be crazy ngl
ye
@Halos will you support roblox cross play with your anticheat
toxic little Roblox kids vs. Toxic Minecraft players
yes
what could go wrong
beacon hair
works for me
anyway machine
wtf
I still dont have the universe src zipped up and in my dms
>:(
:OMEGALUL:
when you share tubnet src in my dms
100% in the future of our anti cheat solution.
sorry signed an nda :P
wait halos
break it
trust
oh simple enough
… bedrock support…? :owo:
Yes
bedrock checks?
👉 👈
YAY
I was joking to the roblox thing
ofc
But that Im adding
bedrock protocol is public now so
yes it is
HELL YEAH
GitHub
GitHub - Mojang/bedrock-protocol-docs: Documentation of the Bedrock...
Documentation of the Bedrock network protocol. Protocol is subject to change release over release. - Mojang/bedrock-protocol-docs
The 3 anti cheat options for bedrock are all shit Spartan, A, and themis
btw
if you werent aware
GitHub
bedrock-protocol-docs/additional_docs/PlayerMovementOverview.md at ...
Documentation of the Bedrock network protocol. Protocol is subject to change release over release. - Mojang/bedrock-protocol-docs
really interesting that bedrock supports that natively
yes but when datafixers gets a rewrite
YET FUCKING WONT FOR JAVA
halos do you have a donation link :uwu:
TBH I dont know what that means
My dev does all the reading of that
Yes
where :eyeshake:
i quite understand it
how are you going to evaluate whether or not the anticheat is good if you dont know what you should be looking for
handling all that shit server side would make the performance go brrr more than it is now
:catjam: thankyou! will definitely bookmark that
Il be doing the testing mostly with diffrent clients and live test on my own server.
Thanks
unknown channel :(
join halos development
Its the cool kids club
I can’t spell
oh, no ty
Halos x Universe
Lol
arent you literally a grim developer
that would be the ultimate collab :kek:
yes
shut up then
but Grim is Grim
Mojang is Mojang
you right
halos whatchu going to name the AC lol
sorry for hoping theyd be competent
I was thinking of being a competiton on unverse with a 1.20 spigot but I relized its not worth it and I got more important things to spend my money on
I dont think you could
Yeah exactly
I cant, unviverse all ready won the market.
not that I think the AC will go anywhere
machine already has axolotlspigot to deal with xd
what's axolotlspigot?
not really
old news
:huh:
the only other actually viable jar is PF+ because any big server is on PF host and you get PF+ for free
& most servers dont need more than PF+
Im all ready spending money into it so I cant just stop half way and not do anything after tbh
So once I spend that intial money its all or nothing
no I dont doubt that youll finish it
I doubt that you can commission competent or innovative checks that actually make your AC viable to use
yeah, PF+ is only worth it for actual people who use PF host
Ah we will see. We still have that 100 dollar bet 😉
I know
:P
otherwise I’d probably just go US
I mean US is better perf & cheaper
Dizs spigot
even if you wanna argue edge cases that axolotl beats US then its still just significantly cheaper
Golang mentioned. :crazyeyes:
I really want an excuse to use go lang for an actual project
Aeon’s sixth sense activated :LUL:
Rewrite MC in it and port the FabricAPI.
no ty
rather kms
YES THIS
:LUL:
i would actually learn golang for that LOL
Ok ok fine.
Fine.
id rather write a saas http api in go
What kind of project would you want to do in prod?
that
Ok but to do what?
dunno, havent looked into it too deeply
I mean what kind of project.
What would you want a SaaS to do? Game stuff?
likely developer based api
like a vpn checking api
Now that's no fun at all. I vote you to the Talos thing and make a really fuckin' awesome tool and make it API driven.
Shell is for nerds anyway.
gonna make an entirely cloud based anticheat to compete with halo written in go
Yo chill
uses universe to send data to the cloud
the jar is just sending data up to the cloud for async processing
What's your AC gonna be written in?
Cloud checks might be a possablity but I need to look more into the cost
embed the AC into US :peepoRun:
US?
universe spigot
OOOO
grim now bundled with US
universe grim fork
with actual combat checks
Really tho. What lang is the AC gonna be using? Java? Kotlin?
^
please say Java
please
please
Please don't say Java.
fucking hate kotlin
java all the way
^^^^^
Heretics all around.
COME ON HALOS
Banish them to the void.
Not sure, Im assuming java my dev coded spoofer in java so Id assume he picks java.
Il have to check
Kotlin is java—
Kotlin is Java++.
He uses gradle so hes chill
the only true option is saying you are writing a simulation engine in lua using https://www.spigotmc.org/resources/paprika.107156/
This is cursed.
shout out to all my mfs running paprika in prod
look at the repo, if the java files end in .java it’s java
if it’s .kt it’s Kotlin
My poor anticheat
Gradle is called build.gradle.kts for Kotlin
Our base is starting on friday so Il let you guys know
check his other project, blackboxmc
native code in spigot
rust in mc confirmed
grim 3.0 when
^
discord changed their UI
and it’s annoying me again
Vulcan 3.0
Is this ever happeing you guys think?
Frep hyped it up a while ago
But not sure if its gonna happen
I thought it was v2
Supposidly it was gonna have bedrock checks
I swear v2 isn’t out yet or am I hallucinating
grim 3.0 + vulcan 3.0 will be a beautiful day
iirc 2.0 is out?..
You guys are all overcomplicating it.
yea 2.3 is out
xd
was talking about Vulcan, sorry
3.01 reach
2.0 is out
Oh
that shit been out ages
my bad
They are doing a big 3.0 update
LOL
Or something
yeah theyre working on 3.0 rn
Wonder how good it will be
I have faith in it
Same
Hope it will be good they where talking abt it for a while
its my year old project 😭
3.0 is stable btw
:eyes_zoom:
wont be open source tho
:Sadge:
ok so grim 3.0 src + US src zipped up in my dms when
lol
Technically I have 6 copies of US+ for the crazy testing server
Speaking of which, next test when?
More bots go brrrrrrrt.
maybe soon
im porting my plus changes to the new upstream update
👀
When will the whole world be open src
https://github.com/DynamiteMC/Dynamite just fork this
GitHub
GitHub - DynamiteMC/Dynamite: Minecraft: Java Edition server softwa...
Minecraft: Java Edition server software written in Go - DynamiteMC/Dynamite
no commit for 4 months Smoge
yeah they lost motivation :Sadge:
:kappa:
I quickly read the convo, there are a few things that seems odd to me
Can't comment all of them but here is a resume of my opinion:
Halos will not find someone capable of producing a competing product because there is barely anyone in the world autistic enough to learn and practice making an anti-cheat for half a decade to know Minecraft physic, behavior and protocol on every major client and server versions (as a hobby, no income generated in those years) so much that you're able to then start from scratch again and spend 6-12 months writing your state of the art anti-cheat without any income again
And even if this person existed, they wouldn't need a middle man
im assuming this is why companies like hypixel pay like pretty high amounts a year for watchdog devs
So what's going to happen is exactly what has happened to 99% of custom anticheats in the history of minecraft over a decade, it will be primitive, filled with exploits and bugs because the person in charge of programming the ac does not have the necessary competence to fight against minecraft cheats which are one of the most advanced of any games in terms of behavior vs server sided anticheat (because other game cheats must focus on client sided anticheat, forcing them to spend most of their time not reducing behavior detection)
And on top of all of that work needed to make a state of the art anticheat, we didn't talk about every single side pieces needed to have a production product such as obfuscation, licensing, website, backend, (cloud system for saas), time spent on support, advertising, API, documentation and dozens more details
I'd be more than happy to lend my experience to help handle the cloud side of this for free.
And another extra hammer, it's very unlikely it will support multi-version and will likely (if it ever happen) be only for latest, because 1.8 players are very rare and become rarer over time, and you need to learn years in advance, meaning newcomers will not know anything about older versions of minecraft
However anti-cheating is as much needed on older versions (market share) because cheating in 1.8 is more common than latest (arguable as time pass)
and yet, they still rely for 90% of the logic on NCP (with small updates) which is a decade old
watchdog from my observation knowledge is quite primitive if compared to other anticheats we have in the wild, watchdog consist of small checks here and there and NCP doing the main job
That's my vision of it, maybe i'm pessimistic
Usually I'm the pessimist out of everyone so it's a little odd being on this side, but yeah you're being way pessimistic.
It takes exactly one gigachad developer to kick a project from pipe dream into all too fast approaching reality, after that spark of hope is ignited others will flock to it, not if, when.
The trouble in my eyes is finding that one dedicated dev who really can kick it over the line.
Maybe Halos and his mate are that team, maybe not.
What I can say for certain is not shooting the shot because it's unlikely is idiotic from any perspective you choose.
maybe true for a opensource software, but for a basically SaaS/paid only software?
eh
No even for SaaS that's the case.
If this was an established business making a new project then I'd agree, but this is a fresh duo.
There is no shot to take if you haven't studied for years
We lack the context to even try making that call.
Geyser Support
you need to be mentally abnormal to make anticheats
Firstly who Halos is even working with is unknown.
Secondly even if he hasn't done the years of research that isn't a sign to give up, that's a sign to shift tactics.
Say they don't start with a SaaS AC, rather they start with some other kind of SaaS and branch into AC later once they can hire people.
Crystal PvP Cheats Detection -> Anchor Aura, Crystal Aura
Welcome to Admincraft, we're a plenty here.
the problem is not money
there is just barely anyone capable of this niche task
why do you think hypixel has been throwing money for years and still struggle?
I'm an autistic sysadmin and soon to be systems engineer, I'm happy to go make an entire sophisticated cloud. I'm known as the Kubernetes guy around here, plenty of others in the crowd fill niches.
If we exist isn't the issue.
We do.
sure you can do that because this is not a niche subject part
i'm talking about the ac directly
And what? Setting up hyperscalable bare metal infra isn't a niche? Look, if I'm building something that could be used to cover a planet in computers then I somehow believe out of the 10k people in Admincraft there are people with the niche love of anticheats and security.
It's not that unique.
If I exist and I'm trumped by people like TWG then sure shit AC lovers exist here.
It has been done many times and there is a lot of documentation online to do it, many people could be picked to do it, it's not very niche to do something like that, need knowledge and skills sure, but there are definitely many people who spent their time learning it
My point is not "anticheats are too hard", it's just no one spent enough time on them so you can't hire anyone
And anticheat is somehow immune to that? No it isn't, anticheat and security isn't anywhere near as much of a niche as you seem to think they are.
or if they exist they definitely won't work for your little side project
minecraft server sided anticheat are, unlike client sided anticheats which can be very generalist, server sided anticheats are specific to the game behavior and protocol
EAC is a good example of a generalist client sided ac
I am aware of that.
Believe it or not but I've also walked down the anticheat path a while ago.
Frankly nothing you've said has been a dealbreaker of any kind. The worst I'm seeing is unlikely odds, but that hasn't stopped anyone determined before and I see no reason to stop now.
Worst case scenario we wait for a better opportunity, we don't just flip the table and declare the objective impossible.
If you feel that way? You're welcome to find the door, don't let it hit your ass on the way out.
good minecraft anticheats are not profitable, the only profitable anticheats are primitive one that required low efforts and received large amount of advertising
progress curve on anticheats require exponential knowledge and efforts for gain
The door is waiting, friend.
Seems like you're suited for it.
:kappa:
you believe i'm biased against anti-cheats ?
I believe you're pessimistic uselessly. Your argument has been used for every major project in minecraft history, and yet people keep making progress.
If your opinion had real ground to stand on we'd stop seeing innovation, yet that hasn't happened.
If anything innovation keeps sharding off into novel directions.
I think you misunderstand my point
it seems like you think i'm saying it's extremely difficult to make an anticheat
this is not what I am saying
I didn't misunderstand anything. The people required to do it would simply go elsewhere as there isn't profit, etc etc.
Yes I know.
I'm aware.
it's been a decade and the only anticheats that exist were made by single developer as a hobby and then abandonned because interest was lost
and you can count the meaningful one on your hands in this decade
This displays a core misunderstanding of how a human works, I feel. Once you reach diminishing returns in payment happiness you start looking for value external of money, that might take the shape of projects in small games, hobbies, grand gestures, scientific advancement, or simply getting high as a kite.
A lot of the people here are more than wealthy enough to live until they die with little concern, why are they here? It's part of the human condition to embrace your passions, some people like anticheat and goddamn if Minecraft isn't a good place to flex your programming skills.
where is "here"
In the general community.
Why get deeper into MC at all? It's a hobby, it's fun.
But Lucky, you're free to point out probability, and I agreed the chance was low, but the point you made was a statistical one, and it wasn't a statistical impossibility by any measure.
So again, don't let the door hit your ass on the way out, you seem to have nothing to contribute here.
:polarbear:
You where right, the first group I worked with was extremely incompetent and was a waste a time.
Iv found someone who is competent with this stuff and has proven it to me with other projects that he works on for me.
how long has he worked with anticheats?
This side piece will be handled by me expect for cloud and backend. License, website, docs, I do that. Security, license and obfuscation is done all ready.
He has made anti cheats for servers in the past. Not exactly know how long he has been doing development in anti cheats, but he has been developing in java for a long long time.
this is the arguement ive already made to him in different discords, fully agree
I believe I have found someone capable. But only time will tell, work has all ready been started and everything is looking very good.
I just don't believe you & will believe it when I see it
Exciting :eyeshake:
Thats completely fair
I haven’t showed anything yet. But once I do you can keep not believing me all good
is there anything stopping someone from making a simulation anticheat using actual minecraft movement source code or is it just way too slow
Why yes! The thing stopping that is nobody wants to write the code involved in such a thing. :LUL:
It's entirely possible and you could accelerate it with a GPU, it's just lots of work.
of course you could accelerate it with a gpu but dedis for minecraft dont usually have a gpu
If you’re going to that much work you may as well just do cloud computing with a GPU :Shruge:
Like you could just rent some GPU power for it, the issue is the complexity.
Skullian knows.
Just cloud operate it on an A100 or whatever.
cheapest GPU ever :YesYes:
thats whats already been done though?
dont the existing simulation based anticheats use their own movement recreation code?
well the code is still confining to the actual minecraft movement
so there shouldnt be much or any of a difference?
besides maybe a bit simpler in cases
im confused what you mean here
server sided movement simulation has been a thing and it isnt that intensive?
It's just complex pain in the ass code because nobody wants to work with CUDA for MC.
theres also other levels of complexity with doing stuff server side
for example the whole ping thing
well generally spkeaing it best to ban/punish in waves
best anticheat
is
Ghost anti-cheat
🔥
require ur players to install vanguard
a real server injects shit into the player's computers
so they know whenever theyre hacking
Intave is better kek
i dont think any anticheat in any video game compares to vanguard
That's how its done
Yes
Trust factor system
Utilising heuristics for certain things
Having not dogshit checks would be a plus too 😁
Ofc
Actual good security to stop it from being cracked too would be awesome
We finna have polar level security
Never impossible but extremely hard
Loader stuff is still crackable if not done correctly!!
Look into native obfuscation, Astro uses it and it’s a lot harder to crack that compared to a lot of other Anticheats I’ve seen
Yeah, I can do native obfuscation
Look into it, I’d personally recommend JNIC myself, although even then you still gotta pack it and more
Stuff like native call loggers exist, so having actual good security and anti debugging on-top of it is a great idea too
Look into implementing checks against things like JVMTI especially
Yes our loader all ready stops dumpers and jvm attachments
How are you going around checking for people using JVMTI to dump the classes directly from the JVM’s memory? Just wondering since a majority of people never account for it
They rather only account for things like dynamic agents
Couldn’t tell you tbh
There is only 1 bypass and thats if you had known exactly how we block everything and the only person who knows that is my developer. We all ready had people test it who are known for cracking.
We also utilize a api from a security expert where he constantly updates and patches new stuff
That we got privately cause my dev is good friends with him
People say this and then their stuff gets cracked anyways 😭 I’ll believe it when it doesn’t get cracked 3mo into release
Lol
Fair
"Hey guys how do i do x, y, and z"
2 comments
"Hey guys anticheat blah blah blah"
Over a thousand comments
Why is admincraft like this
What my post?
no every post on admincraft
I mean to say for some reason anticheat discussions get everyone popping off for some reason
Surprisingly, they're also the most controversial discussions when it comes to comparing the ones on the market
I guess so
Yeah it has 1.2k messages
The built in vanilla anticheat >>
INSANE take
no players no cheaters
Nuh uh… the vanilla anticheat is the best.
falses less than spartan
So real
Pov; Not even a min in the offical spartan test server https://cdn.discordapp.com/attachments/746133412213030948/1232091913058779146/2024-04-22_18-11-57.mp4?ex=663e9c03&is=663d4a83&hm=688d60348dbec2605df3f5f4929ccffd76a4486800cab462d37fd1402b247ca0&
This Halos anticheat thing feels like something that'll fail horribly no offence
Hope not.
I've not seen anyone succeed
God did
90% of Anticheats do
You gotta find the way to be the 10%
There’s a few that actually create decent checks while not getting cracked instantly
Just like you gotta find a way to be the 1%
Our base is almost done. After that its just checks then Il be doing more sneak peaks and shit.
"just checks"
Very simple
Just block every cheat no falses
Super easy work
Takes 1 day max.
Lucky is p much right
It's definitely not that easy
Me after I call myself an AC dev after compiling NCP from source.
And maintaining is very hard
Let him figure that out dw
Ik its not easy
but yeah i hope your dev is an anticheat autist or your either going to false your balls off or catch nothing
Fr
Even then 90% of AC devs never do anything innovative or different compared to other anticheats
They just market their product using words that 90% of the buyers won’t understand
Or mention they’re using technologies like “machine learning” or “ai” 💀
Iv had trial and process one time a team told me they could do it for just a percent of sales. Turns out there a bunch of skids and waste of time, so I def see who is not good. But my developer has been working with me on other projects and has been amazing on everything and I have no doubt that he can suceed in this.
Have the anti cheats make up the ML
i honestly dont think any anticheat dev worth their shit would sell out
Im paying good money
^^
Like a lot
if they could really make a revolutionary anticheat it would be more profitable for them to just make it for themselves
Anyways only time will tell if this project becomes successfull.
Thats true
Exactly this, doesn’t make any sense to work for someone else when you’re likely better off on your own
They rather do it through me as I handle all the promoting, support, and have a built in system on how to get it done and be sucessfull in the market
at least i know if i knew enough abt anticheats to make an extremely high quality product i wouldnt just sell out the immense profit i could make for what is likely minor cash in comparison
universespigot has spent $0 on promotion and has plenty of customers
a standout product will find its way
Yes, I wont really need to promote as I know exatly where Im gonna sell it.
Why do you have 1.1.1.1.1 in ur pronouns 💀 wtf does 1.1.1.1.1 mean
im not trying to shit on you or your dev im just saying its very unlikely that its going to be at the level you seem to believe it could reach
what
oh wrong reply
Idk
I meant @Halos my bad
Ay man thats fine if you think that, but Im still gonna do it and see where it goes.
Never heard of 1.1.1.1.1 but I’ve heard of 1.1.1.1
i just hope you know what ur doing
Yeah why do I got one extra one
idk
Idk you tell me lmao
Typo chat
now its just cloudflare dns
Anyone wanna bet there’s a full disabler for it made in a day 🔥
really popped off with that one
ate or smthn
Chill
ngl aubrey a pretty unique name did you steal it from someone you know or smthn
I don't expect any of you guys to trust me as I haven't showed you anything but my words but once we are doing checks Il be doing sneak peaks.
Il see where it goes. Thanks for your guys insights appreciate it.
No, not anything in particular, just thought it was pretty lol
fair enough
i know an audrey but never an aubrey
just flip the letter and its the same ig
Hey unrelated, do you think people would pay for well made plugin security
Not obfuscation, but for other factors
what sort of security
licensing systems or something fancier beyond that
Like a loader?
Stuff like a loader, anti analysis etc
My friend was thinking of making a loader for anyone to use
Offering checks a majority of other security vendors don’t account for in the MC community
That they would upload there backend files to there host and they hook up the loader download
And they would provide all the security
Idk how that would of worked
But I think he told me about it before
Loaders aren't that complicated, what's hard is making them safe from dumping/other stuff
Vouch
Making them safe from dumping is annoying, really depends on how the person is dumping it though
yeah a basic loader is just a line or two of code really
Mhm
Yeah loaders are small
Making it safe is the issue, that’s the type of stuff I’d offer
The secuirty is the big part
the problem is that unless you do native obf in that case maybe its still always very dumpable
Also webhook alerts if a crack attempt is made very usefull/
Native obfuscation compiles it to a native binary, like a DLL for example
Or a shared object
yeah
Well, you can’t really dump it, although there’s still other ways to get around it
yeah
Honestly
Native obf kills performance
just more of a pain
And just because it’s transpiled doesn’t mean it’s impossible to crack either
thats the main problem
Its basicly inpossible to to block everything
ofc not
Depends on the native obf, although it happens like every time
Or fully secure your product
Like everything is crackable
You can only do so much to prevent it
I think halos should just purchase Denuvo
Proven to work
and take so many security mesures
What is that?
never heard of it
java is just a very open language
silly drm
I dont code lol
i believe infamous would be a better word
Ebrahim Patel
Irdeto
Denuvo
The global #1 Games Protection and Anti-Piracy technologyhelping game publishers and developers to secure PC, console and mobile games.
Wtf
extremely effective and a immense project to try and remove or at least disable
Is it good?
also extremely effective at killing performance and giving you a worse experience
Wanna know a silly thing I did a while back
Basically splitting the native across multiple files making it especially aids todo
😏
also expensive so most games using it give up after a while
It's for games lmao
Lol
i mean its not for java so
I am making a saas program soon
that does sound aids
Like another bussiness venture Im presuing
Maybe Il use that
its expensive
Yeah, and packing the native makes it a lot harder too
many games using it drop it after a year
ya u know its expensive when there is no prices on the main page
you gotta contact them
Lmao
thats the thing with anything enterprise
Mmmhm
and denuvo is definitely enterprise
Fs
Did Empress stop cracking
what happened to that
Denuvo is apparently kernel level which is interesting
Kernel level java security 🗣️🔥
i think id die if i ever saw someone try that
here b4 riot vanguard is in java somehow
There was meant to be a client anticheat for Minecraft
Technically speaking it isn’t too aids, it’s more about the fact you gotta sign your driver and stuff which is annoying, it’s definitely somewhat possible
Anyways Im off to bed. Appreciate yalls comments, means a lot.
possible yes worth doing no absolutely not
Its my bed time
The Usermode AC after I hook the kprocesshacker driver running on my pc:
Me and my friend were working on a basic client side ac for MC, never got around to finishing it although we did make a few basic checks
Implemented things like API hooking, anti tamper etc
It was Usermode since she was only learning about win api then, although kernel level sounds fun
That would make everyone have to install it. Iv discussed with my dev a method to instant detect almost every cheater, that will indeed work. Because a majority of cheaters actually do it and like to do it when ever cheating on a server..
What even is this
Client side anticheat for Minecraft
What
what
My reaction fr
In C and C++
I cant say how it will work. But it will work it detects a certian thing that cheaters like to enable in there clients almost everyone does this.
its gonna be like detecting using a client brand spoofer or smth
what
All of this yap for me to call the syscall directly
which honestly could in theory be doable with hacky shit
You cant detect if someone is client brand spoofing
You can only detect what client there joining with
I’m assuming translation text components
There's literally no way to detect almost every cheater
Issue with a production level clientside ac for MC is that no one will run it lmao
But that’s already been patched
when lol
By clients
Iv found a way it only works in certian cases if they do this one thing which Ik a majority do.
No you can't
Vanguard surprisingly has been doing stuff a lot better recently, they patched most DMA’s
As Im in a tone of cheating discords on my alt
The only way is with plugin channels and the client's brand
you could detect check a non vanilla but expected translation then
There's no way
Il show yall later when we are closer but it works
most anti translation mods ive seen are improperly coded and have holes
Now I’ve heard this @Halos yap for a bit I think I actually have less faith this anticheat project will actually work well 😭
Most clients just act like vanilla now in that regard
At least open source ones
Mate Im not making it up lol
most dont
You literally can't though
at least not flawlessly
What are you counting as most
Like give an example
it actually works. It wont detect everyone only if they do this certain thing. Its not a cheat or an advantage its just a qol feature that cheaters use.
any ive seen
Because wurst meteor liquid bounce are all patched from what I’ve seen
ill double check but last time i checked it was patched improperly
That all or most use?
My dev doubted me at first when I presented the idea he was like not sure if it will work
If it depends on client brand, how about injection?
Then he did a little reading and found out it can work
Most
Not all I cant say all cause not everyone does it
But most do
What about injection based cheats?
Once we show everyone tones of anti cheats will follow and copy us
I smell bs
This fella is a yapathon
:4Shrug: Doubt me if you want I dont mind.
When’s the release
You still haven’t answered my question lol, what about injection cheats?
2077
Same they all have this feature
💀
Every cheat client has this feature
I smell bs too
Or module in the client that can do this and its something common that people use
Honestly we will code it in the base as its not even a check
just verified the cheats i checked almost all have at least 1 specific gaping hole in their anti translations
Which ones?
What if my cheat is completely unique
What then?
The translation was patched wasn't it?
no
If it has a module that no other cheat has ever had
Yeah
For a specific server
not to my knowledge
What then
who do I trust 😭
Which cheat has it unpatched
It cant be patched
atleast I dont thinkl
the ones you listed where i actually knew where the code for it was
You literally said it's a module cheaters like to use
Answer my question plz
Can't they just turn that off
Y'know
^^
There gonna have to do something crazy to patch it and I dont think they would
So it’s not patched in meteor?
What was it
A module specific to my client, the only module on the client and it’s only made for a specific server
their patch is incomplete
Is it still gonna get caught
How so
They could but most wont know till they get hit with it
Especialy stupid ones will all get caught up with it
Smart ones too untill they catch on
@Halos
it blocks meteor specific translations from being detected thats it
Would it catch me cheating?
I dont want to show it till we release cause ik everyone is gonna just go ahead and copy it to there live anti cheats
no they won't
It would catch you before you cheat if you are using it
such thing is basically impossible
What is this guy saying lmfao
“It would catch you before you cheat if you are using it” 😂
How does that work
i have another idea what it might be
What I mean as soon as you join the server with it on your done
If I’m using an injection based client, what if I inject after I’ve joined the server
What then
here b4 he tries to detect viafabric plus
I wanted to make a verification system once that relied on a web captcha(you visit a website to verify)
and during that time it'd collect your browser fingerprint
Then it would not really work, as you wont have the option on.
there
Thats a thing?
100% ban evasion proof
Huh?
O I see
GitHub
GitHub - abrahamjuliot/creepjs: Creepy device and browser fingerpri...
Creepy device and browser fingerprinting. Contribute to abrahamjuliot/creepjs development by creating an account on GitHub.
i mean yeah, so then meteor cannot be detected no?
not directly
i wasnt talking abt directly
Every client has the option
even metor client
And vape, rise, everything pretty much
and there is still a hole in their implementation
and cheaters use it
I mean if they get by that they better be able to bypass our checks
ok so how would you detect it indirectly
Poor Michael
💀
VFP is so based
I'm in love
cant reveal all my secrets
huh thats so cool
My dev wont let me do anything stupid
Browser fingerprinting has existed for ages
I legit presented him a dumb Idea. He said your stupid, wont work. Or wont be optimized
Fingerprint
The device intelligence platform | Fingerprint
The Fingerprint device intelligence platform works across web and mobile applications to identify all visitors with 99.5% accuracy — even if they’re anonymous.
though that can still be bypassed no?
@Game_Time
game_time has reached level 2!
Roles Added:
Level 2
Yes, with a privacy browser like librewolf
viafabric plus can also be detected even though it doesnt use the minecraft translation system to my knowledge
but not with a normal browser?
But if you keep it a secret that you're doing fingerprinting and don't autoban for it nobody will know
Yeah
might have to add that to my server :stevethink:
There is biometric profiling on a players movement but that wont work as it is basically impossible
My dev told me Im stupid and I should never present something like that again. I said okay.
we also talked abt how someone could just copy another players movement and false ban someone
Yeah exactly
My old ac devs said it would work. But I fired all of them cause there where skidding and wasting my time.
Not reliable at all
Players have to visit a website when joining the server and not everyone is smart enough to do that
No matter how much you explain the captcha to them some are too dumb and won't be able to pass
You'd also have to code your own
honestly that would be a fun proof of concept
lmao
i think i could absurdly easily detect meteor client
a massive portion of modern servers likely could
With no false?
100% instant detect
unless someone is trying to hide something else
through translations, but im unsure how hes going to do that for meteor since they blocked their own translations
Someone is being fishy
yes with translations
There's a "RCE" for old meteor versions btw
RCE stands for remote command execution not code
nah idc abt that
RCE like in gta cheats
We not doing this
creepjs can't be used as a library without intense effort though sadly
meteors translation stuff is detectable with decent accuracy
the dev doesn't want you to
it's intentionally like that
what lol
it would only false on someone trying to hide something thougj
it's for "research purposes", it's not for use
fingerprint.com is though and is very easy to implement
i wouldnt recommend banning off it though of course
fingerprint.com even works for brave etc
Even if you use incognito it won't bypass
lol
fingerprint.com doesnt work on safari
funny
but yeah ive yet to come across a complete and 100% reliable patch in any client for translation detection by one method or another
pretty cool website still though
yeah I wanted to make a poc but I don't know web dev
weird huh it can identify me accross different ips on chrome
but not safari
whats chrome giving which safari aint
Im hiring a web dev for my other porject
Web development its fairly expensive finna be like 10k
Front end and backend
yeah it doesn't use ips at all
Is it true astro skidded grim?
but then what is chrome giving to identify?
check creepjs
fingerprint.com keeps that a secret
chromium skill issue it seems
working on arc as well
Try on Firefox
yeah doesnt work with firefox either
google bad
What about creepjs
creepjs doesnt detect it with safari either lol
i get a F score tho for some reason?
(when i first visited their website)
yeah that's how trustable your browser is
F means you really are trying to hide your fingerprint
heh?
i just logged on safari on incognito and went to it
without a vpn
thats crazy
yeah lmao
safari incognito i guess really hides it? and so does firefox it seems
firefox got a D score
somehow though when i used a vpn my score got upgraded to a D+ on safari🤔
feels so random
Vanguard doesn’t even work lmao.
There’s just so many hacks they’re able to bypass it, either temporary free trash ones or paid actually good ones.
What Vanguard stops is script kiddies, it doesn’t do shit to anyone with $15 and Google. :LUL:
And frankly we didn’t need an extremely intrusive anticheat to stop script kiddies.
Actually nowadays Vanguard has been working a lot better
They’ve patched most DMA cheats which is impressive, noting 90% of kernel level anticheats haven’t patched them yet
Same with the fact every single free cheat just uses some silly method of hooking an overlay or a insecure signed driver or some other braindead method which is already caught by Vanguard most of the time
I would dearly hope it's working better than objective garbage, yes.
Even still, Vanguard misses a LOT of especially more sophisticated cheats that I remind you don't cost a lot of money. $15 for a ring0 cheat that cripples Vanguard when it tries to install, yikes.
You install spyware and get something that only stops script kiddies, this has been done before without the spyware. :husk:
Vanguard has no reason nor excuse to be spyware.
I’d love to know, how do you think cheats get ring 0 access?
Turn off driver signing, install the cheat, hit go.
💀
You get instructions to install it correctly.
Do you think
Valorant runs
With test signing off
Because what they’re doing is literally detected by open source anticheats lmao, 90% of the time they’re manually mapping it into memory, hooking another driver or hooking an overlay like discords or nvidia’s one
Valorant doesn’t run with testsigning off, they also hook a lot of windows API, same thing a lot of EDRs/XDRs/AVs do
I meant on the cheat itself.
Once it's in ring0 you turn signing back on and it does black magic to spoof Windows. Unsure how, all I know is literally a few days ago a guy I know purchased another ring0 cheat.
Works perfectly.
Yea, cheats go undetected for a few days or weeks, after that it never works again
It’s why val cheats are so expensive for anything that you want to last
Incredible that every few weeks another one comes out and then Valorant gets to play catchup again. :husk:
We're in a perpetual cycle where Valorant will do BS, a cheat maker will patch their software and then Valorant has to do more BS later.
That exchange is not worth installing fucking spyware onto your PC. :Kek:
What are you yapping about, you obviously don’t know anything about how the windows kernel works 😭
What do you mean by “spoofing windows” 😭 I hope you realise that there’s no effective way of loading insecure drivers normally due to technology like patchguard for instance
I’ve mentioned you’re able to manually map them into memory although even then, you’re still able to hook the APIs used for allocating that memory
And Valorant does utilise kernel mode hooks for a lot of what they do, API hooking is very common in the anticheat/anti tamper community noting it makes debugging/injection aids
I'm not going to claim to be a low level programmer, you hold that title over me and frankly I don't want to understand ASM at all.
What I do know and can measure is the ineffectiveness of Vanguard. I can see what the cheats are doing and the instructions they provide and gather data based on that.
The instructions for the currently functional cheats are to turn off driver signing, install it, hit go, then enable driver signing again. Going off my knowledgebase the only thing it could be doing is spoofing Windows somehow because of technologies like Patchguard.
Unless there's black magic at play I'm unaware of, which is entirely possible, I don't see how it could be doing what it's doing without something like a Windows vuln or some method of spoofing.
👋
Now that's really not that important because it doesn't at all detract from the cheats still working, and we still have to install spyware to stop the cheats you could stop through other methods like server based detection.
It's been done to death before, it'll be done to death in the future, none of the time it's needed spyware.
Vanguard is F tier software. Bad.
You realise if you turn testsigning off after you’ve installed the driver, it’ll remain installed but it won’t load lol
Again, I don't understand the low level enough to really say. All I can say is that it works and successfully bypasses Vanguard.
$15 on plain google. Don't even need to hit up Tor. :husk:
If you could, DM me the link of what cheat you’re talking about
👌 Will go ask for the link again.
Bro is sleeping or away.
If sleeping, probably 5 or 6 hours, if away idk.
Within a day.
they patched it already
their patch is detectable
in this case or general cause RCE is remote code execution not command
with some other falses possible but likely not on completely innocent people
thats why i said "decent accuracy" instead of if they hadnt patched it a nice 100%
I think liquidbounce didnt fuck up tho
no you can't
because you don't have the state variables
what are those
is it possible to just like... put them in based on server state
not to be annoying but how would you even know considering you don't know how it works?
you're not annoying that's just facts lmao
+
I really do not think he has found someone that is willing to maintain an anticheat for a long time
Or make a good anticheat in the first place
💀
literally no anticheat lets you load the game with test signing enabled lmao
you can't because client won't tell you
most of them can be computed but you are never certain about them
like what sort of stuff does the movement code need that the server doesnt already have though?
Schrödinger variables 🤣
hundreds of things
let's take world for example
sure you can emulate what the client see with packets linked to transaction
but what if they split and land on a different tick?
oh wait lag compensation is gonna be a bit insane
Then you either have it wrong or allow Schrödinger type world
I love math
how do current prediction anticheats do lag compensation?
and then you need to have a custom implementation of the collision and physic and all of it's butterfly effects
you can't directly use the client code
predict the future
transaction packets, if they use 1 per packet, they just pray it doesn't land on a different tick (otherwise it break), otherwise they use 2 and pray they implemented their own uncertainty leniency correctly without extreme bypasses or still edge cases
let me tell you about the cake paradox, hold on
could they just like send one before one after and like test for both cases in prediction if different tick
Sure
but what if 10 ticks happen in between?
Now you need to maintain 10 states branches
I will write you the cake paradox and you will understand
how does that happen lol if you send them at practically the same time
i guess lag exists
TCP only save order, not time of receival
what info do you get from transation packets? i dont really know what they do tbh
Hey, I want to eat a cake while holding stone in my hand!
When you right click the cake, I need to check if it's actually a cake you are right clicking, what if there was a block update with transaction split?
Now i'm not even sure what you right clicked is a cake, we branch 2 possibilities, now I'm not sure if you were sneaking or not, sneaking will make you place stone instead of eat the cake, but if you aren't sneaking, i'm not sure if it was a cake because block updates split aswell so i'm not sure if you placed stone or feed, uhm.... wait, you can only feed on the cake if your food isn't full, but the food update also has a transaction split so i'm not sure if you could eat at all... uhm did you eat or not? wait... did you eat the cake entirely or not? because the block update to change it's size split and I wasn't sure if you eat it last click so now I don't know if you still see it?
wait.. my inventory tracking based on packets also split... i'm not sure if you were holding stone or a water bucket actually...
but now I don't know what this block is, it will remain 100 different possibles states until it's updated again without a split... uhm can you please stop walking on it? hey! i'm not so sure about the collision physic here ahahah! are you swimming or bouncing on the cake?
you just know "hey, he maybe received it in the current client tick"
that's extremely confusing
so you get the current client tick?
and I didn't even mention all state variables and this is just for right clicking a cake lol
at that point just take the server state and force the client to it lmao
now that you explain anticheat dev seems extremely hard
this is why you can't just copy paste the client unless you want a gazillion false positives because state variables are not synchronized, other games change their protocol to be able to compute them properly but mc don't
then all your players are crying
Minecraft should have just had server sided movement
smh
actually would be cool though
will never happen tbh
they would need to drastically change the entire protocol
it's too late for that
if notch did it initially when making the game there was a chance we could have serversided movement
but now? It's too late
if only the game sent just like a tiny bit more data with packets
I didn't even talk about the fact that we have to guess key presses
and random edge case that can cause infinite branching
so you must find a more performance friendly (and complexity friendly) solution
labymod had an addon that sent your client keystrokes to the server lmao
it's deprecated now though
yeah but it's not that crazy, just little performance boost mostly
do you not just like test all of them for movement theres not that many different keypresses that can affect movement
oh wait crouching exists
thats like
oh wait
uhhh
yeah we test them all, during collision though you can't be sure which one they used, so you need to keep multiples branches of key inputs for next tick
like 32 including jump 💀
last tick will affect next tick etc
you can use your imagination to think of a gazillion edge case
screw anticheats
answer this
but hey if you can get through the trash protocol you can make 60 dollar monthly anticheat and become rich
this is why it's not easy as "copy pasting minecraft physic", you actually need to implement your own system to handle state variables uncertainty without just exempting/creating huge bypasses
you must give the least leniency possible while having no false positive
the tiniest leniency will be exploited
how bad would it be if you only lag compensated player position in a prediction anticheat
would it be like NCP style lagbacks whever you ghost block
player position don't need to be lag compensated
the environement around the player is what need to be lag compensated
this include everything, inventory, chunks, other entities, interaction such as teleports etc
oh true
how much of a disaster would it be with non lag compensated prediction checks lol
it would basically instantly false positive
bad/10
with no lag compensation it would just perma setback
what if the server is local and you have 0 ping 🥺
only if theres world state changes tho right?
take a screenshot and ticking is split still 🔥
surely it would just be like a much more exaggerated NCP lagbacks
nah, I hit you, velocity packet is sent
I apply it to your phyisc immediately but you receive it 100ms later
false positive every hit
metadata override your sprinting state everytime you sprint/unsprint, I assume you receive it instantly, now wtap instantly setback you everytime
etc etc
NCP would be way better at this stage
yea i see
because NCP give leniency to compensate for it's "miscalculation"
i see why grim dev quit this now
NCP still has a lot of bypasses and false posities though
yeah grim is a bad design actually
Intave is a bad design too
whats wrong with them?
i own intave because nuh uh im not paying 30 a month again
they want to compute a deterministic position as output of the physic calculation (x, y, z) with non deterministic inputs
and what ends up happening?
false positive central
and unfixable issues
literally unfixable
in the sense that it will take them
10 hours to fix a small issue
because they must calculate it perfectly even if it's extremely complicated/not possible due to unkown state, otherwise it will false positive
other than visual stuff how much of cheats are practically impossible to detect (other than clickers)
grim and intave are the best attempts to use this design but it's a doomed design, they will abandon it
why do you think nobody has succeeded in making a proper engine (till now)
because it's not possible
not with the design they use
i'm talking about any design
because people are rarely trying new things
grim is nothing original
it's based from what every AAA games do but it's not applicable to mc
and even before grim, many people tried to use it on MC
i swear there was like one other long abandoned prediction anticheat (artemis lol)
they won't search for a better design to make it more easy to maintain
because they just think nothing better can be found
3.01 reach check was possible since 2011 and no one searched for it even though it was obvious, when in 2019 I showed it to the public, magically everyone suddenly think it's easy and logical
things seems easy and logical after we've told you how it works, but not before
artemis is based on a 2017/2018 ac made by a german guy
another abandoned project of ghast
they will deny this though but it's very obvious
very similar code
and similar issues
what did you do in 2019
polar 2019 edition?????????
autistic anticheat work
aka working 5 years without selling anything just for "fun"
but in 2019/2020 I told every other anticheat developer on a discord server how to use transaction packets
was the 2017/2018 anticheat made by the german guy good tho lol
before I use it for reach, transaction packets like we know them today didn't exist
what even are transaction packets
same thing as TCP ack packets if you know
what packet actually is a transation packet like is it a minecraft packet or what
oh that makes sense
for the time it was frontier, but it was not really usable in production
i guess it is used for ping/time related stuff?
yeah it's a minecraft packet originally used to synchronize inventory of players based on the server
however people later found that you can exploit it for other use
what is the packet called?
Window confirmation
from 2014 to 2019 people used it in a very very primitive way, calculating ping with keepalive packets and window confirmation and comparing the difference between both
to detect pingspoof which were commonly used to disable anticheat at this time (ping > 500 exempt();)
yes and now anticheats double my network usage with transfer packet spam
in 2019, I realised you could use them to confirm when you receive a packet instead to perfectly lag compensate, then I made entity tracking with it to detect any reach extension
This was the proof of concept for them, then everyone started using them for everything
you can find a video in 2020 on my linked youtube channel
i don't think minecraft was made to have a good foundation for making anticheats
feels like the game was built completely discarding anticheats, almost as if the game is a singleplayer only game
first 3.01 reach check ever 🔥first time transaction packets were using as ACK packets 🔥
i dont get how that actually works
we are very lucky of transaction packets
VERY lucky
Baeldung on Computer Science
SYN/ACK in the TCP Protocol | Baeldung on Computer Science
Learn how to create a TCP connection between a client and server by sending the correct packets to initiate and complete the TCP 3-way handshake.
you wouldn't be able to play the game otherwise
if transaction packets did not exist
you would not be able to play multiplayer without people flying around every game
for general networking knowledge cisco has a networking academy course that teaches you the basics of tcp/networking and whatnot
hypixel 2020 was crazy
in 1.17 mojang removed transaction packets, but thanksfully they understood anticheats needed them and added Ping/Pong packets with the exact same behavior to replace them
this ping/pong packet is not used in vanilla, they were specifically implemented for anticheats
If we didn't find transaction packets ack usage before 1.17
It's very likely they wouldn't exist anymore and we would be fucked
this?
btw
1.17 released in June 8 2021
Transaction packets were discovered in 2019 but only widely used in 2020/2021
Very close call
oh thats why i couldnt find in wiki vg
yeah i was looking too lmao
The reason why we use transaction/ping packets instead of keepalive packets (which also give a response packet back)
It's because keepalive are async, they will send the answer immediately, however this make things even more complicated
meanwhile transaction packets are synchronized, the response will be sent at the start of the next client tick
wait is it one of these (old wikivg)
I just realised my video on reach has 8k views lol
Confirm Transaction yeah
it's Confirm window transaction something originally I think
so could these have been used in 1.17 instead but more annoying
would definitely create a LOT of issues
and make many things not possible
3.01 reach check is not possible with keepalive packets
it will have many false positive
the more you learn lmao
cool stuff
hold on so what fields do you use in this youre not using an actual window
negative number, probably
would be ignored maybe
i can sense the headache you had with this at one point lmaoooo. anticheat dev seems more complicated than ever to me lol
thanksfully i don't do that on polar
Anticheat just requires a shit ton of knowledge on everything xd
I did it with my old project and realised it was a waste of time
I went with a different concept/design for polar
so theres a way to just skip past all this?????????
mhm you don't skip everything, but there are ways to simplify all of it by a lot
strangely no one is doing it and they rather spend 2K hours fixing 10 bugs
0 as window id (player inventory) and false on accepted boolean, the action number is kind of the "id" for you to use in your synchronization tracking, can use anything in 16 bits range
so just like a random number that i assume the client also sends back
generally negative action numbers are used to avoid interfering with vanilla one (vanilla one start from 0 and increment by 1 everytime one is used)
correct
so do you like count down
up to you
as long as you can track confirmations you can use any pattern you want
generally though people just do -1 and when it reach the negative limit of a short they reset it to higher negative values
:polarbear:
truly a bear
this polar bear police thing is so perfect for it 😭
no problem just steal polar source 🙂
so real
who even made this emoji lmao
was this made for polar
💯
or did you just find it on the internet
no clue, I found it randomly and thought it was a perfect polar meme
i honestly thought the polar logo was mapped onto its hat 💀
ai has ruined google
i fucking hate this
yeah
generative AI is really cool but it's causing a distribution problem
Know Your Meme
I am looking for an escapee | Polar Bear GIF
See more 'Polar Bear GIF' images on Know Your Meme!
GG
has anyone tried the entity culling on this yet https://builtbybit.com/resources/raytraceantixray-ores-entities-tiles.41896/ ?
BuiltByBit
RaytraceAntiXray | Ores, Entities, Tiles
The best antixray solution for everything including ores, entities, and tiles utilizes raytracing.
i own imanityspigot
not sure if it has raytraceantixray though
I don't really care about the anti-xray, I care about the entity culling
it prevent ESP
oh
that sounds extremely cool yeah
20$ is a bit pricy though eh lmao
there is another thing they don't do though which is a missed opportunity, you know you can't always hide players behind wall because you need to see their username
they have a test server
you can try
but they could hide all their armors and items they are holding
ima try it out
but they aren't doing it
they have a lot of culling stuff huh
if you can let me test it I would love to see if it's good or not
didn't work when I tried to generate one
i'm trying now
it worked
51.161.207.150:25571
I tried 1 month ago so let me try your ip
nope
starting right now
I had this problem last time too
are you trying on 1.20.4?
im on 1.20.4
hmm yeah
does not work for me either
might contact lee about it?
I swear I remember an open source thing that did that (the entity one not raytraceantixray)
antiaura esp(shit, no offence)
anticheataddition(also shit, no offence)
hahah @Lucky
feels like a raid lmao
Yeah I was considering doing it for Polar so I started looking if it already existed before doing anything
however all the open source one are really bad in terms of code, performance and they are just shit in practice too
hide entities you can see and hide entities only in extreme scenarios
opinions on Grim
im wondering how they deal with ping related stuff
I want to try this one to see if it's actually very effective or not, otherwise I would want to make one that hide even behind tiny walls etc
i was trying to make something to stop players from hitting through cobwebs and delay was killin my soul
lmao
Respect for doing open source, trying really hard, but terrible code structure and the core design is not compatible, define fell into the technical pitfall of trying until he quit instead of looking around if he could do it differently
grimacing is a word?
grimace is a word in french
remove the last letter 🔥
yes!
🥖
🔥
yes, thats how my brain felt
i heard with a french keyboard
I guess you understand why it's not in Polar now
in order to use the number line you need to hold shift
i have a full new appreciation for anticheat developers
otherwise it does not actually type a number
is that true
what the hell
everything I add to polar, I must maintain it, if I start adding billions of random things, it will become as actively updated as grim 🔥
fair enough hahahaha
heard it from a french guy
in a video
that is correct
or you can press caps lock
😭
but that is correct.
😭
tbh i'm so used to it now it doesn't bother me
but i'm guessing it's definitely more efficient to not need it
why do you guys not have a number row though
tru but polar makes a lot more than grim does, like there’s a reason to continue developing it
im pretty sure Ao uses grim for pvplegacy i think?
yes, grim 3.0
here the characters that appear if you don't use caps lock &é"'(-è_çà
is grim 3.0 a thing
yes
damn lmao
it's open source, could have hundreds of contributos :kappa:
is grim 3.0 just permanently private
(won't happen because anticheat is too niche as I said few days ago)
machine is meant to release it soon
wasn’t grim3 always meant to release soon
the only people that can maintain grim heavily (not just small tweaks time to time that take them 20 hours to do) are autistic kid and these autistic kid don't wanna do it, they have a hobby of doing their own things
yeaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaah
about that one
this is why grim is dead even though it's open to PR
why autistic
😭
because you are either mentally damaged or autistic
you got to have that mental headspace for anticheat dev i guess 😭
it's not possible to make anticheats otherwise
yeah LOL
I don’t even know how people get started with getting the knowledge to create an anticheat
packets and shit
you enter a mojang employees home
‘Packets’ is so vague though
Nik
YouTube
Spartan Bukkit Events (Official Music Video)
🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏🙏...
thats how you start your ascension
best anticheat
the song is legit fire though
like actually
Minecraft protocol always just finds a way to be as cursed as possible in the most unexpected ways
if we take myself as example, you need to realise i'm not a genius or anything, I literally spent 2016 to 2022 doing anticheat 5-8 hours/day for FREE and without open source or any attention dopamine feedback beside self satisfaction
and then I coded polar from scratch without any income from it for 1 year and then I had somewhat an income from anticheats
you just need dedication and dedication
unless you are mentally challenged, no one will do this
mmm yes
most give up after like a year lmao
does polar not make like quite a lot now
enough to buy one of those oracle yachts
are you fulltime on polar now?
probably the highest paying ac job on mc beside hypixel and some big bedrock servers but NOT worth the 8 years of experience and learning spent into it
I probably spent 10-20K hours on mc anticheats
i really do not understand why someone would make an anticheat lmao
the money you earn is nowhere close to be able to live
I guess but polar is only getting bigger and bigger
yeah, polar and moon are my full time jobs
probably below the hunger line
well maybe not lmao
wait moon???????
how old are you lucky genuinely
i'm 22
mhm?
polar 🚀 🌑
public knowledge for a long time lmao
lucky devs moon
he's on moon discord 🤣
💀
make sense tbh
been in the shadow on moon public relation for a while
why are like all the anticheat devs also at moon
like polar devs intave devs
because I joined intave team to help them
and then lennox got into it with me later
my anticheat src collection is crazy 💀
I have contributed to pretty much every anticheat that exist 😭
this is like minemenclub moment of making the anticheat and the cheats for it
spartan?
Manthe Industries, LLC
only anticheat I didn't code directly for
but I did help vagdedes
that is meant to be a secret...
directly?
(lie)
lucky is coding the ai machine learning used in spartan
polar is secret spartan we all know that
yeah
fork of spartan
why do so many people say that grim is trash
who does?
random conversation with vagdedes
sadly vagdedes is never able to make use of any advice efficiently
grim doesnt have combat checks, and movement still has issues.
but it isnt really trash. There are anticheats worse. its just not really the best, and needs a anticheat to be paired with it to make it workable.
atleast that's my feeling
idk I see a lot of people saying that grim is bad and that like vulcan is better and stuff (I paid for Vulcan can confirm it isn’t better)
have you ever talked with the astro devs? their config looks eerily similar
@Lucky have you ever considered making your own anticheat?\
no astro dev just took grim, added vulcan checks and packed it together while stealing our documentation
you seem knowledgeable enough to do so
I did recently, since 2022/2023
is it done?
he owns polar lmao
the message deleted 😭
thank you for the appreciation though
i didnt see it
you don't need to see it
OH LOL
ah
wait u weren’t trolling????
💀 💀
MB!!
wait what
what
yikes
astro dev are also 100% alts of people I know
I don't know who they are but they are using alts
polar or astro
are there any anticheats that are actually similarly good to polar rn
XD
how do you know?
polar is nice (except they they want to have my address to they can send polar bear police if I decompile)
If i say "i don't think so" I will be called egocentric so make your own opinion 😭
why does polar actually ask for address
no
KYC
@Jenkins I think we all saw that
just a wild guess but it's very rare newly created discord accounts with never heard names start doing this
astro is probably the closest on latest, but yk. they have their own skill issues
KYC is common procedure for enterprise software
also atleast when I had polar the cancel subscription button like conveniently did nothing so I had to remove all my payment details instead
you need identification of your customers
yeah QOL especially for websites are definitely not perfect
also address is a legal requirement for any payment you make lmao
for tax related stuff
sadly we aren't web developers
astro devs also started making something called lynx ac
i am not surprised polar does kyc
but that also ended completely now pretty sure
i saw that too yeah
saw that
why are you deleting messages 😭
you are confusing my brain, stop it
kek
too obvious 😭
if you want to say it say it but just deleting it one sec later does nothing as ppl with message deleting log can still see it clear as day
they only said ‘too suspicious’ iirc.
ppl with message deleting log can still see it clear as daythose are stored locally and deleted after a restart of the client
how hard would it be for someone to crack the offline part of polar
nothing bad
they deleted more earlier
nothing bad, just a bit annoying ig
you wont know till you try! /j
There are several things people can do to stop cracking plugins
But you can never make it impossible
nah this guy has my address the polarbear police will appear at my door
Jenkins bro
should've seen it
anything is crackable, just how long it would take, and consequences for doing so would probably not be good
very speculative ig
offline polar is basically just grim right but less falses
there would be consequences
no...
if you simplify is very extremly i guess
without all the exploits
oh my god
whoever made that REALLY understood web dev
Would you rather make an anticheat or code in javascript?
JavaScript is actually just annoying imo
now that is actually a really hard decision
wait
javascript
now whats the output
I’d rather maintain grim then use javascript
8?
2
nope
nope
33
?!
you sort them so it becomes 2, 8, 33
when you get the second index(1) you get 8
javascript turns it into strings
have fun!
WHAAAAAAAAAAAAAAAAAAAAAAAAAAT
😭
I was guessing 2 hoping that .sort() is a clone rather than mutation meaning it wouldn't change the one you print
oh
god
imagine making an anticheat in js
no cap
rust?
🥺
Either 8 or it won’t because it’s a constant
Polar is rust powered
what
😭
typecript would be better but
whaaa
can it not figure out that 8 is a number
imagine making an anticheat in Skript
skript is the best guys!!!
hey uhm.. 2015..you know uhm... I-
who's gonna tell him
So…
I used to use skript lol
disowned
what did you do
like only 2 years ago
I was a skript dev
oh god.
We still have some legacy skript code on our server but we’ve replaced most of our skript with Java
lucky made a skript anticheat
yes
Skript-MC
Sully Anticheat
Pour commencer, Sully est Anticheat fait en Skript pour Minecraft 1.8.x par moi même, il nétait pas censé être public (Cest une version que jai pas touché depuis plusieurs semaines) mais finalement jai changer davis (Plus dinfos sur ça dans le skript). Sully détecte la plus part des cheat de mouv...
here is the link i just found it
is it..
Wait actually this was you?
any good?
I only ever learned java because I had to use packets and didn’t want 4 TPS
yes
I made it in like 2016 I think
and posted it later
how good was it lmao at detections
WHAT THE
HELL
LMFAOOOOO
terrible
but
not as bad as other skript ac 😭
then again
skript sucks
so we can blame it on that
that is correct
skript code even if you use it properly is terrible 💀
checkout FlyA
at least it's the easiest way to make a quick lil addon
gravity check before everyone 🔥
because it's as simple as writing a sentence
nvm it's FlyB
skript is horrible but like I still respect it because I don’t know if I ever would have even learned Java if skript didn’t exist to get me into server custom stuff development
🔥
This is the closest thing we have to polar in skript
😭
Is there actually any good free anticheat? (I currently use themis but idk)
My god
grim
crack polar 🔥
ight who’s gonna make a prediction anticheat in skript
No way
.
no comment
before transaction packets existed
lol
I’m so close to bypassing it
in 2016 this was 100% of anticheat
I get 350
even gcheat would disable at 500 ping 😭
😭
will look at that tomorrow
just spoof to 500 xddddd
anticheats have evolved a lot
since 2019 yeah
lucky the more i talk to you the cooler you are lmao
from 2015 to 2018 it was very stuck
so you could just run like clumsy + wurst and fly around on most servers?
❤️
yes
100%
i think you can spoof ping without actually making your ping worse
not even that, you could just delay keepalive only and no other packets and it would work
it was pure anarchy before transaction packets were used
yeah that
every single anticheat had INSANE bypasses
it's very new that people don't fly arround all of the time
Imagine if polar was just a script but with actual obfuscation
not really possible
I remember I would go on HCF servers, and the moment I dropped a bow with infinity enchant, I would fastbow and make 100 kills flying around
the best you can do is extremely basic control flow obf and renaming
He didnt quit for that reason
it is
🔥
polar is actually just skript
with drm
curious to see the entity culling thing
yeah i am too
it sounds like something good
especially tile anti xray
At this point just give me a vouch copy of Polar
😎
:kappa:
Give bloom one at this point, anyone who gets an issue with them they just recommend polar
🔥
i'm thankful to anyone supporting the project
I recommended you like 15 people of my discord already 😭
i kinda wanna try making a prediction anticheat just for the challenge of it
Brain damage
Something this impossibly hard isn’t a challenge tbh, it’s brain rot
UniverseAC when
I had one
what
Yes
:HUH:
true minecraft just has way too many edge cases for the most random stuff that will probably give anticheat brain damage
It got his own issues though
when???
1y ago
It will release but paid version
how much to make all your repos public /j
More than 50k
WHAT
grim 3.0 is gonna release as paid???????????????????????????????????????????????????????????????????????????????????????
fair enough KEK
traitor
I'm not into Grim development anymore
I got all my private projects including my experimental 1.8 forks that runs with less ram than 1.7 in that github lmao
is it going to be proprietary?
damn
I didnt said it though
Oh i got images of initial versions of Universe 😭
It could already handle 450 guys
450 guys!
hi
thats sexism
What if all of them were actually guys
initial as in early development stages?
what if otherwise
Ye
damn
respect
From 30 oct 2023
-.-
Lmao
My poor abandoned 1.8 fork
😭
"ThePixelHost"
heh
It's a dead host now
bots or real players
Bots hitting and loading chunks like at fly speed 2
sheesh
44mb idle
I didnt had social life at that time though
wait what
44mb
what was it like with the bots
1.8k bots only 5g
(includes chunk loading)
damnn
chunk loading or chunk gen?
both
:eyes_zoom:
I also tested it on a production server that decided to play with it
Was a minigames one though
I was thinking of doing another 1.8 fork with my new 1.20 knowledge but i'm lazy
fair enough
what was even wrong with it i remember you saying it had some gamebreaking bug that made it trash for pvp or something
All vanilla mechanics except pvp were fine
Hit registration sometimes got desync
so did it just feel trash
Hmm for normal people is okay
But the testing server was a pvp server
💀
uh oh lol
And isnt like 'trash' but a bit random sometimes
send jar 🙂
never
gotta ask nicely
i meannnnnnnnn its not like its gonna get used ever
i will be your slave for a hour for the jar
Deal
NONO
fuck
I can sell it
(if you fix it)
I dont maintain it anymore
I better do a new one from scratch
i mean it could be good for lobby servers lol
holding 2k players on a lobby server would be helpful
Just use multiple lobbies
wdym by this btw
Too late or too early
yea but you want lobbies to have like as minimal resource usage as possible
what even caused that?
Never figured it
I got more than 1k patches
Pain to test
so were the cooldowns messed up?
There is cooldown on 1.8?
like the 10 tick damage invulnerability
huh
Hmm something like that ye
could you not just like override it manually from a plugin ez
¯\_(ツ)_/¯
wait now i think about it if you managed hit cooldown from a plugin you could probably make the hit cooldown independent of TPS to make pvp not unplayable on ass server tps (not universespigot related)
You're still stuck with the packet handling
yea it wont be exactly 0.5seconds if you dont want to break hit listeners but it will be much closer than otherwise
I have a incoming patch to improve hit reg though
(reliably)
to 1.20 uspigot or what?
Yes
not the criticals check 💀
wdym by improve hitreg tho hitreg is generally fine
Ye was a mess
🤫
did this guy break hitreg and fix it again?????
i mean as long as server is 20tps theres like no hitreg issues i know of on 1.20
I know a lot of ways to make that go brr
but like you cant fix something that isnt broken
Never said it's to fix
unless you can like make it a tick faster from something in the game being broken or something
It's just an addon for my 1.8 combat settings
It matters in that case
uspigot 1.20 has 1.8 combat?
Yes
so just like oldcombatmechanics but a little different
Better
¯\_(ツ)_/¯
i mean 1.8 combat emulation is like a blockhit animation away from being perfectly 1.8
You can adapt 1.20 mechanics to work as it would on 1.8
WAIT
hold on
im booting my game i might have cooked a way to get the blockhit animation on 1.20
using a texturepack ofc
let me cook
hold on dont let me cook lunar client wants to update
Minestom :D
Yeah, and from what I know too, one of my friends already has a full scaffold for it 💀
It’s being used on 2b & legacy rn, I don’t know any other server
..it has no heuristical checks
Yeah but I mean a blatant scaffold
They have a scaffold check
It’s just sorta dogshit, same with their speed check
Not coming from me tho ^^ I’m friends with someone who does tend to cheat a lot on legacy
dont let him cook ever again
yooo it works https://medal.tv/games/minecraft/clips/2ctMGfQge5Gkzv/d1337L0eOR4g?invite=cr-MSx3VFcsMTg1OTU0MDg3LA
im_a_blobfish
Medal - ⭐️ Clip up to 4K 144 fps for free!
Untitled - Clipped with Medal.tv
Watch Untitled and millions of other Minecraft videos on Medal, the largest Game Clip Platform.
thats like actually good for oldcombatmechanics sevrers
its just a resourcepack but it'd need a server plugin to go with it to work properly
we also had a deal
for the jar
wait ur actually cooking
if possible could u send me the pack?
I do know how it works
O
Nvm tought you where talking abt something else
The message did not load
By security I meant the loader
Like you guys use a loader and basically every security measure we can take.
I stg when this came out I was like this looks familiar
So the skid accusations are true?
People been telling me about it but some other people where telling me no
its just a concept pack and not like at all usable on a server
i could make it fully but like nrn
yea i know, i wanna see if i could lol
For safety reasons we do not allow executables to be sent as they might contain malware. If you're compiling for someone please DM them and as a reminder. We cannot verify if a compiled jar has not been tampered in any way
i cant send zip files in here
Add me 2s
all it actually is a shield in the main hand with the model files changed
to get this to actually work on a server youd need need to change the pack to only show the texture based on certain nbt so u can have multiple sword types, and on the server youd have to mess with the packets to make the shield get sent to the client instead of the sword, or just use the shield and make them act the same as the swords
Gofile - Free Unlimited File Sharing and Storage
Gofile is a free, secure file sharing and storage platform. With unlimited bandwidth and storage, you can easily store and share files of any type without any limits. Our advanced features, such as CDN support and password protection, make Gofile the ideal choice for individuals and businesses alike.
yeah honestly i think we could make this message ephmeral
you can't
unless you DM the person it
ephemeral is only for application commands afaik
oh
darn
and interactive buttons
well yeah
also when you use that
form thingy
modals
which can be only triggered with the buttons though
yeah
well not just buttons
any interaction
(buttons, application commands)
go away
no
💀ians
fake mustfa clone
eternal smh
what
how dare you
:SUSSY:
I'm submitting a DMCA to that message
what stops people from just manipulating the transaction packet response times around position stuff for like a backtrack or something
it depends what you mean to ask precisely here
if the exact current position of a differnet player on a client is determined through sending a transfer packet before and after to get the full range of places that the player could appear for a perfect reach check, how can you stop players from just delaying the second transaction packet response to send much later to give a bigger range of locations that the server knows that the enemy players could be in so that the client can just use backtrack cheats to hit a player's old position for a sort of reach cheat
If you only delay the transaction packet then you're in troubles
And if you don't send the transaction packet and keep doing actions then also in troubles
(In most cases)
yea but how
Because you check for that specific action
The client needs to answer the transaction packet
I guess it’s tcp so the client cant receive more packets until the transaction gets sent back I guess because they have to arrive at the client in order
yeah you can do that
most of the time it's limited by timeouts etc but
i have yet to see a cheat abuse transaction split for a reach advantage
most of them rely to backtrack which delay all of them rather than the second one only
in theory you can land impossible hits with this just because the server cannot be sure
could be combined with backtrack
had a look at the screenshot, a look at the name, and was instantly thinking "great branding!"
Sheesh
what the fuck
its the monthly anticheat thread, nothing new
happens quite literally every month
your dms are next
I wanna make next months ac thread
I call dibs
No this is my thread
Mine
It’s our thread now
Communism!