1

I am making a browser card game. Each player has a number of purchased cards out of a big pool of available cards.

I need to make sure a player can not hack the cards he uses from the browser, so the server must authenticate he owns each card he uses and it is indeed the same card.

In order to make the app faster I want to store the cards data in an external JSON file and only say "player x owns cards y and z" and get the info on those cards from the JSON.

Are there any security patterns that can help me here?

4

1 回答 1

1

您可以将openPGP用于节点以创建两组密钥:一组公钥 - 用于您的客户端,一组私钥用于服务器。

使用每个客户端的公钥 - 您将能够加密代表每个玩家状态的 JSON,并防止通过黑客方式对其进行规避。

确保您阅读了依赖部分,以便为旧版浏览器正确填充您的游戏。

于 2015-01-16T20:18:46.363 回答