Haochen Han¹ and Yu Sun², ¹USA, ²California State Polytechnic University, USA

P2P(peer-to-peer) multiplayer protocols, such as lockstep and rollback net-code, have historically been the cheaper, direct alternative to the Client-Server model. Recent advances in WebRTC technology raise interesting prospects for independent developers to build serverless, P2P multiplayer games on the browser. P2P has several advantages over the Client-Server model in multiplayer games, such as reduced latency, significantly cheaper servers that only handle handshakes, etc. However, as the browser environment does not allow for third-party anti-cheat software, having a secure protocol that catches potential cheaters is crucial. Furthermore, traditional P2P protocols, such as deterministic lockstep, are unusable in the browser environment because different players could be running the game on different browser engines. This paper introduces a framework called Peercraft for P2P WebRTC games with both security and synchronization. We propose two P2P cheat-proofing protocols, Random Authority Shuffle and Speculation-Based State Verification. Both are built on known secure cryptographic primitives. We also propose a time-based synchronization protocol that does not require determinism, Resynchronizing-at-Root, which tolerates desynchronizations due to browser instability while fixing the entire desynchronization chain with only one re-simulation call, greatly improving the browser game’s performance.

Cyber Security, Anti-Cheat, Peer-to-Peer multiplayer, WebRTC.