Jump to content

Poll: Make mod usage transparent in 0 A.D.

guerringuerrin

By guerringuerrin,
in Game Modification

 Share

Poll: Make mod usage transparent in 0.a.d  

10 members have voted

  1. 1. Having a way to check the integrity of mods is a good thing.

    • Yes
      10
    • No
      0
    • I don't know
      0

Recommended Posts

guerringuerrin Triplicarius

guerringuerrin

Posted
Posted

The debate around the use of mods is a broad and somewhat controversial topic that I’ve observed since I first became part of this community. I’ve noticed that, whether in favor of or against the use of mods, many argue that it’s impossible to prevent them. Even if all players in a match (not just the host) could see which mods are active, they claim there’s no point in adding such a feature because it’s very easy to rename a mod to disguise it as something else and hide what’s actually being used. One could even inject a mod inside another mod and achieve the same result.

Below, I’m sharing a sort of "white paper" outlining what I believe is a possible alternative to this issue. While it may not be free of weaknesses, it could make it significantly harder for players to deceive others.

Mod Integrity Verification in 0 A.D.

Objective

Prevent the use of hidden or modified mods that provide unfair advantages in multiplayer games, through automatic integrity checks without compromising player privacy.

Context

Currently, players can install mods in two ways:

  • As folders, which are easily editable.

  • As .zip or .pyromod files, which are harder to modify without leaving traces.

There is currently no native mechanism that allows the host to verify whether a player is using a modified mod.

Proposal

Implement local mod integrity verification using cryptographic checksums (e.g., SHA256), and report this data to the host.

How it works

  1. On the client (player) side:

    • When launching the game or connecting to a match:

      • The client calculates a hash (e.g., SHA256) for each enabled mod.

      • It generates a list with: mod name, hash, and enabled status.

      • This list is automatically sent to the host.

  2. On the host side:

    • The host receives the list of enabled mods and their hashes.

    • It compares them against a predefined whitelist (for a tournament, server, or community).

    • If mismatches are found, the host may block the connection or issue a warning.

Security and privacy

  • No file content is transmitted.

  • There is no remote access to the player's file system.

  • Only mod names and hashes are shared.

  • Forging these values would require tampering with the engine or core scripts.

Advantages

  • Makes it harder to use undetectable modified mods.

  • Promotes transparency and fair play in multiplayer sessions.

  • Scalable for tournaments, ranked matches.

Suggested implementation

  • Add SHA256 hash computation during mod loading.

  • Extend the multiplayer connection protocol to include mod hash information.

  • Allow hosts or servers to define and enforce a list of accepted mod hashes.

Technical considerations

This system is not intended as a foolproof solution against all forms of malicious modification. While verifying and reporting mod hashes locally significantly raises the difficulty of using altered mods without detection, a technically skilled user could still modify the game engine to falsify the reported hash values.

It’s also worth noting that 0 A.D. is widely used on Linux, where many users compile the game from source due to delayed updates in official repositories. In such cases, the compiled binaries may vary between users even if the source code is the same. However, this does not affect the validity of mod verification, as hash comparisons are made on the downloaded .zip or .pyromod files—whose hashes remain stable as long as their content is unmodified.

Despite these limitations, the proposed system represents a meaningful step toward improving transparency and reducing the prevalence of undetected mod-based advantages, without requiring invasive anti-cheat mechanisms.

  • Like 2
Link to comment
Share on other sites
Seleucids Triplicarius

Seleucids

Posted
Posted

Great effort @guerringuerrin, I look forward to your implementation on gitea! 

Your hashing is useful for debugging mod issues and OOS aside from its intended anti-cheat effect

The only bottom line is don't create an anti-cheat that autobans Linux or windows users. PUBG and Apex legends are the bad role models here

  • Like 1
  • Thanks 1
Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...