Server Structure
Current Structure
Clients connect to game servers. Game Servers connect to the master server.
This allows for flexibility and scalability, as well as enhanced security.
The idea is that a game server will be hosted, either locally or in the cloud/on PearProgramming servers, for every class or school, depending on which the client prefers. Game Servers have full control over the state of clients' data, so all anti-cheat logic can be distributed over the game-servers, saving processing time on the master server. This does mean that there is a possible attack vector, where a modified game-server could send whichever data it likes to the master server. The solution to this is mostly to not care. While there is a small defense against this kind of attack since game-servers need to be registered, this does not guarantee security. However, the current game-design specifies that students can only interact with other students from the same class, so a game-server being modified or compromised has no effect on other servers.
Proposed solution for inter-class communication
Since we can never guarantee that a game-server is 100% trustworthy, we can delegate determining whether a game-server can be trusted to the other game-servers. This can be done by having 'befriended' game-servers, which can communicate with each-other (through the master server).
Hypothetically, we could add a 'web of trust', similar to how PGP does it.