Message from Manuel Freire about the Fleet architecture

6 views
Skip to first unread message

richard....@gmail.com

unread,
Sep 16, 2007, 5:25:53 PM9/16/07
to Fleet architecture, ri...@annexia.org
Hi
Rich,

Found a pointer to the "fleet architecture" document at Slashdot's
discussion on MMOGs from a few days ago. Skimmed through it, and
thought
that the idea was really very, very
nice.
I assume that the answer to "what happened to it" will be "so much
to
do, so little time" - and no, I can't really offer to take on the
burden
myself. But I would still like to suggest an idea, in case you
ever
decide to revisit this again. I think Fleet is a very, very
interesting
step to true P2P MMOGs, and I just can't help giving it some
thought.

The idea of every player-server policing the activities of
all
surrounding player-servers looks fine, but it introduces the problem
of
zero-effort intelligence gathering -- and also of players being able
to
reshuffle their assets any which way when nobody is
looking.

Policing could be moved to a time-delayed activity, thus
making
information gathering a bit more challenging, but keeping all other
game
mechanics intact. Messages exchanged would have two parts - one
for
actual gameplay (ie.: I'm accelerating by this much in this heading)
and
another for auditing (ie.: I'm using up this much fuel for the
task,
which I bought at such-and-such, and have that much still left).
The
auditing part would be encrypted, and after a delay, old encription
keys
would be distributed so that peers could check their
data.

However, this does not solve the "resource-reshuffling" problem. And
I
also think that giving everybody "full information", even if
somewhat
delayed, could be better served by "consolidating" player
operations
every so often. This would require "auditor-servers" running in
the
system; which would have to be trusted not to disclose the data
that
they operate on, and trusted with the unique privilege of stamping a
set
of player information as "honest". Notice that they would not
*keep*
this information themselves, they would only validate that
the
operations were legal, listening to any possible witnesses.
Therefore,
aditors could be easily be replicated, and would not be a
bottleneck
(except from the POV that you would have to host them somewhere,
and
there's the off chance that player-hosted auditors can be bribed.
Same
as in the real
world :-).

So, for instance, if the consolidated data of player "Alice" was
last
signed as "honest" and timestamped on T0, and it is now T1, and
Alice
has traded with Bob and fought with Carol since the T0 audit, and a
new
audit takes
place:
- The auditor asks Alice to provide her last ('T0'-dated,
digitally
signed) consolidated data; and include all her actions in the T0-
T1
range, and the keys to decrypt her audit-data as sent to Bob and
Carol
in the T0-T1
interval.
- The auditor requests Bob and Carol's Alice-related, encrypted
logs;
and checks them against the Alice-provided
data.
- The auditor signs Alice's consolidated T1 data, and marks Alice
as
clean.
- The auditor tells Bob and Carol that they can safely remove
their
pre-T1 Alice-related information, since Alice has been marked as
clean
up to
T1.
Auditors would be like web spiders, crawling up and down the web
of
inter-player connections, keeping people honest, and
offloading
policing, thus making information-gathering an important element
of
gameplay.

Any thoughts? Any ongoing developments on the Fleet
side?

Best,
Manuel Freire

Reply all
Reply to author
Forward
0 new messages