• tal@lemmy.today
    link
    fedilink
    English
    arrow-up
    9
    arrow-down
    1
    ·
    edit-2
    1 year ago

    I’m kind of surprised that, given the history of the series, they didn’t make it a point to have atomic transactions.

    I mean, it’s not as if it’s an unsolved problem.

    EDIT: Not to mention that I’d have kind of thought that games like this would have a UUID attached to each generated item, to help deal with scammers and the like.

    • PenguinTD@lemmy.ca
      link
      fedilink
      English
      arrow-up
      3
      ·
      1 year ago

      I think they have but the exploit probably also generated a new uuid. (I have no idea how they implemented but I believe they can track down all the items. )

      • tal@lemmy.today
        link
        fedilink
        English
        arrow-up
        4
        arrow-down
        1
        ·
        edit-2
        1 year ago

        I mean, it sounds like this involved trading.

        There should be two types of interactions involving an item.

        First, when the item is initially-created, like at drop time, maybe loot boxes, that sort of thing. That should create a UUID, if the game uses them.

        Second, when an existing item is transferred. But the transfer code shouldn’t involve creating new UUIDs. And the trading code should only be doing item transfers.

        And any code transferring an item should be happening only on the server side, and should be atomic.

        I could maybe understand someone figuring out some way to get an item to be generated twice, like at drop time.

        But duping items when trading means that either probably code authoritative as to world state that shouldn’t be on the client is running on the client, or code that should be atomic isn’t. And for the latter case, I wouldn’t expect the item transfer code to be able to generate new item UUIDs, because it should be running transfer code, not item generation code.