Security System

Overview

The GC2 Networking Security System provides comprehensive server-authoritative protection for all Game Creator 2 networking modules. It includes:

Rate Limiting: Prevents request spam from clients
Sequence Validation: Detects replay attacks
State Validation: Detects state desynchronization and cheating
Violation Tracking: Logs, warns, blocks, or kicks malicious clients
Optional Source Patches: Deep integration for maximum security

Architecture

┌─────────────────────────────────────────────────────────────────┐
│                    NetworkSecurityManager                        │
│  ┌──────────────┐ ┌──────────────┐ ┌──────────────┐             │
│  │ Rate Limiter │ │  Violation   │ │   Sequence   │             │
│  │  (per module)│ │   Tracker    │ │   Tracker    │             │
│  └──────────────┘ └──────────────┘ └──────────────┘             │
└─────────────────────────────────────────────────────────────────┘
                              │
                              ▼
┌─────────────────────────────────────────────────────────────────┐
│                   SecurityIntegration                            │
│  ┌──────────────┐ ┌──────────────┐ ┌──────────────┐             │
│  │ValidateCore()│ │ValidateStats │ │ValidateMelee │             │
│  │ValidateShooter│ │ValidateInventory│ │ValidateAbilities │       │
│  └──────────────┘ └──────────────┘ └──────────────┘             │
└─────────────────────────────────────────────────────────────────┘
                              │
                              ▼
┌─────────────────────────────────────────────────────────────────┐
│                   Network Controllers                            │
│  NetworkStatsController | NetworkInventoryController | etc.     │
└─────────────────────────────────────────────────────────────────┘

Quick Start

1. Add NetworkSecurityManager to Scene

// Add to your NetworkManager or a persistent object
[RequireComponent(typeof(NetworkSecurityManager))]
public class MyNetworkManager : MonoBehaviour
{
    private void Start()
    {
        var security = GetComponent<NetworkSecurityManager>();
        
        // Initialize on server
        security.Initialize(
            isServer: true, 
            getServerTime: () => Time.time
        );
        
        // Set up kick handler
        security.KickClient = (clientId, reason) =>
        {
            // Your transport adapter's disconnect/kick implementation
            MyNetworkTransport.KickClient(clientId, reason);
        };
    }
}

2. Configure Security Settings

In the Inspector on NetworkSecurityManager:

Setting

Default

Description

Enable Rate Limiting

true

Limit requests per second

Max Requests Per Second

Per-module request limit

Enable Anomaly Detection

true

Track violation patterns

Violation Threshold

Violations before action

Violation Action

TempBlock

LogOnly/LogAndWarn/TempBlock/Kick

Temp Block Duration

30s

Block duration for TempBlock

Enable State Validation

true

Periodic state checks

3. Integrate with Controllers

// In your server-side request processor:
public NetworkStatModifyResponse ProcessStatModifyRequest(
    NetworkStatModifyRequest request, 
    uint clientNetworkId)
{
    // Validate using SecurityIntegration
    uint correlationId = NetworkCorrelation.Compose(request.ActorNetworkId, request.RequestId);
    if (!SecurityIntegration.ValidateStatsRequest(
        clientNetworkId, 
        request.ActorNetworkId,
        correlationId,
        "StatModify",
        request.StatHash, 
        request.Value))
    {
        return new NetworkStatModifyResponse
        {
            RequestId = request.RequestId,
            Authorized = false,
            RejectionReason = StatRejectionReason.SecurityViolation
        };
    }
    
    // Continue with normal processing...
}

Optional Source Patches

For maximum security, you can patch GC2 source files to add deep network validation hooks. This prevents clients from bypassing network validation by calling GC2 methods directly.

Access via: Game Creator > Networking Layer > Patches

Module

What Gets Patched

Abilities

Caster.Cast(), Learn(), UnLearn()

Stats

RuntimeStatData.Base, AddModifier(), RemoveModifier()

RuntimeAttributeData.Value

Inventory

TBagContent.Use(), Drop()

BagWealth.Set(), Add()

Melee

MeleeStance.InputCharge/Execute(), PlaySkill(), Hit()

Skill.OnHit()

Shooter

ShooterStance.PullTrigger(), ReleaseTrigger(), Reload()

WeaponData.Shoot()

How to Apply Patches

Go to Game Creator > Networking Layer > Patches > [Module] > Patch
Review the dialog explaining changes
Click "Apply Patch"
Backups are created automatically

How to Remove Patches

Go to Game Creator > Networking Layer > Patches > [Module] > Unpatch
Original files are restored from backup

Check Patch Status

Single module: Game Creator > Networking Layer > Patches > [Module] > Check Status
All modules: Game Creator > Networking Layer > Patches > Status Overview...

Security Violation Types

Type

Description

RateLimitExceeded

Client sending too many requests

InvalidSequence

Out-of-order or duplicate request IDs (replay attack)

ReplayAttack

Request ID already processed

OutOfBoundsValue

Value outside acceptable range

StateDesync

Client state doesn't match server

UnauthorizedAction

Action not permitted for client

InvalidTarget

Targeting entity client shouldn't access

Violation Actions

Configure in NetworkSecurityConfig:

Action

Behavior

LogOnly

Log to console only

LogAndWarn

Log + send warning to client

TempBlock

Temporarily block client requests

Kick

Disconnect client from server

Custom

Call your custom handler

Module-Specific Configuration

You can configure different security settings per module:

var security = NetworkSecurityManager.Instance;

// Get config for specific module
var statsConfig = security.GetConfigForModule("Stats");
statsConfig.MaxRequestsPerSecond = 30; // Stats need more requests

var combatConfig = security.GetConfigForModule("Melee");
combatConfig.ViolationThreshold = 3; // Combat is stricter

Enable module overrides in Inspector by checking "Use Module Overrides".

State Validators

State validators periodically compare client-reported state with server-authoritative state:

// Example: Stats state validation
public struct StatsState : IEquatable<StatsState>
{
    public Dictionary<int, float> StatValues;
    public Dictionary<int, float> AttributeValues;
    public HashSet<int> ActiveStatusEffects;
}

Configure validation interval and discrepancy threshold per module.

Events

Subscribe to security events for custom handling:

var security = NetworkSecurityManager.Instance;

security.OnViolationDetected += (violation) =>
{
    Debug.Log($"Violation: {violation.ViolationType} from client {violation.ClientId}");
};

security.OnThresholdExceeded += (clientId, violationType) =>
{
    Debug.LogWarning($"Client {clientId} exceeded threshold for {violationType}");
};

security.OnClientBlocked += (clientId, duration) =>
{
    Debug.LogWarning($"Client {clientId} blocked for {duration} seconds");
};

Best Practices

Always validate on server: Never trust client data
Use rate limiting: Prevent request flooding
Enable state validation: Catch desync early
Apply patches for competitive games: Maximum security
Test thoroughly: Security can cause false positives
Log violations: Track potential exploits
Tune thresholds: Balance security vs. false positives

Troubleshooting

"Rate limited" errors for legitimate players

Increase MaxRequestsPerSecond for the module
Increase RateLimitWindow for burst tolerance

False positive state desync

Increase ValidationInterval
Increase MaxDiscrepancies threshold
Check for high network latency

Patches fail to apply

GC2 source may have been updated
Check console for specific error
Create GitHub issue with GC2 version

File Locations

File

Purpose

Security/NetworkSecurityTypes.cs

Config, enums, helpers

Security/NetworkSecurityManager.cs

Central manager singleton

Security/StateValidators.cs

State validation classes

Security/SecurityIntegration.cs

Controller integration helpers

Patches/GC2PatcherBase.cs

Abstract patcher base

Patches/GC2PatchManager.cs

Menu items & status window

Patches/[Module]Patcher.cs

Module-specific patchers

Library/GameCreator2NetworkingLayer/Patches/Backups/[Module]/

Auto-generated backup files

Version Compatibility

Unity: 6 LTS
Game Creator 2: 2.18.6+
DaimahouGames Abilities: 2.0+

Support

For issues or questions, please open a GitHub issue with:

Unity version
GC2 module versions
Console error logs
Steps to reproduce

PreviousAbilities NextOptional Patching Strategy

Last updated 19 days ago

hashtagOverview

hashtagArchitecture

hashtagQuick Start

hashtag1. Add NetworkSecurityManager to Scene

hashtag2. Configure Security Settings

hashtag3. Integrate with Controllers

hashtagOptional Source Patches

hashtagPatch Menu

hashtagHow to Apply Patches

hashtagHow to Remove Patches

hashtagCheck Patch Status

hashtagSecurity Violation Types

hashtagViolation Actions

hashtagModule-Specific Configuration

hashtagState Validators

hashtagEvents

hashtagBest Practices

hashtagTroubleshooting

hashtag"Rate limited" errors for legitimate players

hashtagFalse positive state desync

hashtagPatches fail to apply

hashtagFile Locations

hashtagVersion Compatibility

hashtagSupport

Overview

Architecture

Quick Start

1. Add NetworkSecurityManager to Scene

2. Configure Security Settings

3. Integrate with Controllers

Optional Source Patches

Patch Menu

How to Apply Patches

How to Remove Patches

Check Patch Status

Security Violation Types

Violation Actions

Module-Specific Configuration

State Validators

Events

Best Practices

Troubleshooting

"Rate limited" errors for legitimate players

False positive state desync

Patches fail to apply

File Locations

Version Compatibility

Support