Tic-80: scoreboard api

Created on 29 Oct 2017  路  8Comments  路  Source: nesbox/TIC-80

How i think this would work: You can enable a scoreboard for the game, which will show up in the web browser. Then there is a variable like 'SCORE'. The highest value of the variable SCORE will be saved in the online scoreboard when played with internet connection.

EDIT:
i dont think that variable thing is good. New idea:
Function submit(num score) will send the score score to the leaderboard if it is high enough.

API discussion enhancement

Most helpful comment

i don't think there's a generic way to make it secure. In a game i made years ago, i sent, along with the score, a recording of the game (like all user inputs with tic numbers) so that the server could "replay" the game and validate it. It was a car racing game and the recording worked also as downloadable "ghost car" for the record. I think only this kind of "ad hoc" solutions are possible.

All 8 comments

I am afraid that everybody would be able to send the same message and fake the score on leaderboard.

I am a little bit confused. What message? You mean the message the website is sending to change the top 10 list?

I suppose that the cartridge would send message to some web site to record new score on online leaderboard. I am not sure how to prevent anybody to send the same message. Basically I see no way how to validate that the score was reached in a game except sending all player actions in a game and replaying the game on the trusted server.

If you build it into tic, you could encrypt the message. Somebody could look at the source code though, or could look what message is sent at which score...

@Jummit Only submit the score if the game was ran directly from surf and the hash is unchanged. This would prevent anyone from submitting false scores.

All what is needed is to listen on the network and send the same request with larger score. The client is untrusted so any computation on the client are also untrusted.

I don't see a way how to implement it :(

i don't think there's a generic way to make it secure. In a game i made years ago, i sent, along with the score, a recording of the game (like all user inputs with tic numbers) so that the server could "replay" the game and validate it. It was a car racing game and the recording worked also as downloadable "ghost car" for the record. I think only this kind of "ad hoc" solutions are possible.

Was this page helpful?
0 / 5 - 0 ratings

Related issues

novemberisms picture novemberisms  路  5Comments

ambyra picture ambyra  路  6Comments

Spreit picture Spreit  路  4Comments

nesbox picture nesbox  路  5Comments

Kozova1 picture Kozova1  路  4Comments