Velocity - the bhop game


dammit i didnt think this through


edit: Actually no because the server side is closed source and there would still need to be other checks
I guess it would be needlessly complex for a small-scale game though :stuck_out_tongue:

edit 2: Ah but hold on the binary sent by the server would only be callable by the client, and it could do memory checks to prevent other applications using it!


Yeah or you could just send demos to server


You would do that too, but the server can’t automatically detect cheaty demos (easily), which may not matter now but if the game ever gets really popular there needs to be a proper way to filter out fake times.


Have the game insert a piece of encrypted metadata into the demo file, when sent to another player to be played, the game decrypts and reads the metadata which has an md5 like ID in it with VELBHOP[randomcharacters]GAME.
That’ll verify that the demo was produced legitimately with another copy of the game, the demo could also have a log of what inputs were used while the demo was being recorded, or even a list of hooked .dlls in it.

But that all sounds a bit too extreme for the time being. I’d imagine if Bhopping were a popular competitive game, or even an “e-sport”, this kinda thing would be used to make sure demos were legit.

That brings up the question: Why isn’t bhopping that popular of a thing to do in games nowadays? Skill based movement in modern games is dead if you ask me, it’s all just clicky clicky shoot shoot these days.


An external tool could do it, so how does this serve to verify the demo. And where are you going to store the encryption key?

That brings up the question: Why isn't bhopping that popular of a thing to do in games nowadays? Skill based movement in modern games is dead if you ask me, it's all just clicky clicky shoot shoot these days.

Because bunnyhopping was never intended as a feature even in Quake. Modern games probably learnt from this “mistake” and took care to prevent it. Or, they simply do not have the sophisticated airstrafing mathematics, hence there is not much to exploit.


The encryption key would have the characters “VELBHOP” and “GAME” in it, therefore proving that it wasn’t made externally, It would probably be stored as a second file, kind like we use .sav and .dem along side one another, or have it be like an archive, kinda like how ZIP files have passwords stored in themselves but can’t be decrypted without a dictionary attack or something. There’s probably a more secure way to do it but, it’s just an idea.

Or there’s this: The game has a Meta-Info file that isn’t re-writable that has a list of all the files that should be in the game if it weren’t modified. The demo will write a list of files that were added to the game and were used during the recording of the demo, and a small warning may appear that says the demo was recorded with unknown files or something. The detected files could be kept in the LZ77 compression so that it won’t look much different to the rest of the Demo Info.

Such a shame :’(


I don’t know if you know how encryption works. The zip file doesn’t store the password, it uses it to create a key which modifies the data so the same password is needed to turn it back to something readable.


I thought the passwords were just compressed/encrypted with the same method used to pack the .zip (LZMA, BZip)


No, because that’s reversible, so then the password would be pointless :stuck_out_tongue:


I need to go back to encryption 101.


Real men store passwords as plaintext


Made a new update! It has some small bug fixes and v_tempel_v1 looks better now. This should be the last update before 0.2.3


Hi. So, uh… today, I decided to load up Velocity today for the first time in a while, and I discovered that, for whatever reason, as soon as my antivirus (BullGuard) sees the .exe for velocity, it quarantines it almost instantaneously. If I restore it, it just gets quarantined again, and I don’t see a way to whitelist it. :-\ Obviously it’s a false positive (that or Asuro is trying to l33th4ck us 8) ), but is there any way around this or do I need to contact BullGuard about this? Also, why would this even be detected as a virus? Is there some kind of hacky code involved that AV software doesn’t like?


Chrome had similar issues, and i don’t really know why. I suspect the save demo to file feature, but that’s just a wild guess. I already scanned all the game files with multiple anti virus software, without results. Do you get any information about why the file gets moved in quarantine?


Nope. I worked out how to whitelist a specific file, which would be a solution, though in the unlikely event that an actual virus replaces it then that would be bad. It’s a solution kind of I guess, but obviously the best solution is for it not to be considered a virus in the first place. The weird thing is BullGuard often warns me of programs doing stuff but it lets me let them run if I click Allow. Whereas this just got dumped in the quarantine. I think contacting BullGuard is the only solution to this.

Actually, come to think of it (also just a wild guess), maybe the leaderboard thing is scaring it. You’re using some obscure free PHP host with a dodgy domain name which is probably used by at least a couple of viruses. In that case you’d have to go for, e.g. Heroku Postgres or some other trusted service.


I guess that could be a reason too. When I “release” the game I’ll certainly look for a paid host, but for now the free host is enough.


Small progress report:

The level editor still needs a lot of work, but spawning GameObjects works.

World record and personal best will now be displayed every time you restart a level.

Other things:

[ul][li]You can now skip the start countdown by pressing space.[/li]
[li]After leaving a level you will return to the map selection screen instead of the main menu[/li][/ul]


Nice! You’re doing an excellent job!
Btw you’ve an error.


World Record? Do you harvest that data through a server or something?


I just get the #1 time from the leaderboard server ;D