Valorant Dev Tracker

I've written an article about the Fog of War system, hopefully it'll come out next week. It includes a gameplay clip that shows a wallhack both before and after Fog of War. Hopefully that'll be helpful!

I agree!

It's going to take a lot of time and effort to keep cheaters under control but I think it's necessary if we want to create a competitive shooter that lasts.

Thanks for the kind words!

One of the reasons I like talking about Fog of War is that it's one of the rare anti-cheat systems where knowing how it works doesn't make it less useful. We often don't share details of our security measures in fear of helping out cheaters but this is an area where I think being transparent is helpful.

I experimented with this a little bit and it was harder than I thought.

The problem I ran into is that how the sound is "rendered" depends a lot on the exact location and not just the attenuation due to distance. There are factors like occlusion and special effects like reverb that get applied based on position. Even the sound asset itself can vary based on exact location (imagine footsteps on grass versus footsteps on wood).

I concluded that it'd be possible to get it mostly working but the effort wasn't worth it. You'd end up with a mostly correct sound (probably a noticeable difference to what was originally intended) but a hacker could still guess a location from it with reasonable accuracy by taking the direction and volume of the sound.

Maybe someone cleverer than me will figure out a solution, if so I'd be happy to hear it!

It's similar to web security bounties, reports are eligible for a reward if they lead to a change in the software to address the reported flaw.

So for example if a researcher reports a way to defeat the mechanism that ensures that the game client executable hasn't been modified and in response we make a change to fix the attack (by improving the mechanism) they'd be eligible for a reward.

On the other hand if a researcher created a general purpose AI that could play the game impossibly well by using a keyboard and mouse that report is unlikely to be eligible for a reward since there's no improvements we can make.

Though this would be the least of their (and our) worries as the tac shooter robot uprising would soon begin likely destroying human civilization.

Yeah, the need to play sounds for enemies even if you can't see them does weaken the Fog of War system, especially if a sound visualizing hack is used.

Sorry for the inconvenience! If we find a way to support cloud gaming services without weakening our anti-cheat protections we're definitely open to supporting them. We don't have any plans for this right now though.

Because pushing you out of a safe position in to something like a Vandal trained on you is a deadly threat. It takes threat of death to force repositioning - you can soak a Diva arrow, but Raze is about small area, high threat position clearing

We're working on it! It's not anti-cheat related though, it's because of how our netcode works.

What's happening is that the game is sending a packet every frame (sometimes more) to try and maximize game responsiveness. However, if your frame rate gets high enough the amount of packets can overwhelm your router (or your upstream bandwidth).

The workaround for now is just what you suggest (turning the FPS limiter on) but in an upcoming patch we'll have a fix that reduces the number of packets sent so that we don't accidentally crush routers.

Well said!

I wouldn't say that it's fine exactly but I don't think the measure of success is whether or not there can be cheats, instead it's what impact cheats are having on the game as a whole.

I'm hoping to get the bans as close to the detection as possible, even terminating a match if a player in it is detected. Sometimes there will be a delay because the cheater will be detected by some offline processing but I believe that where possible cheaters should be removed quickly.

It's a balancing act though because each ban gives cheat developers more information about what is detected and what is not, that's one reason that banwaves are a thing. Sometimes a banwave makes sense to try for maximum disruption of a cheat developer's operation.

We'll probably use both strategies but I'm going to advocate for immediate bans as much as possible because I want to remove cheaters from the environment before they damage any more matches.

Yeah, having anti-tamper technology is important but it's definitely not all we're doing!

Support tickets are great for bugs because the support agents know how to route the reports to the right developers. Other than that I know that devs are reading the bug megathread so that's another decent spot!

Edit: I'm pretty sure we've received other reports of this map bug, I heard someone mention it today so if I'm not confused we're working on a fix at the moment.

This is a tough one because one of the functions of the enemy outlines is to make the enemies easier to distinguish against the environment.

I'm talking to game designers and our art team about possibilities here, maybe we can figure out something that's good for humans and bad for pixel bots.

Yes, definitely! Riot Vanguard is very similar to ESEA's anti-cheat in some ways, one of the anti-cheat devs from ESEA works at Riot on Vanguard now.

Yes! We've got a bug bounty program on hackerone, it's entering its 7th year I think, for a little while at the beginning I was one of its admins. We accept reports on anti-cheat topics as well as more traditional application security reports.

Yes! We reward bug bounties for information on weaknesses in our anti-cheat technology as well as game bugs that can lead to exploits.

Oh sure, while I'm a little disappointed, I've never really expected the security work to be foolproof. The work over the last few years has really just set the stage for all the hard work that's to come. I hope that all this preparation will situate us well to respond to cheats going forwards.

I'm not really the brains of the outfit, I'm just the member of the team that's happy to talk to everyone. While I built some cool things (it's why I keep going on about Fog of War) the rest of the team are the real brains trust.

There're plenty of people both inside Riot and in the hacker community that are smarter than me but that's ok, working with (and against) really smart people is how I push my limits, learn things and just generally grow :)

Thanks for the kind words, I'll keep at it!

It looks like in this video the cheat is drawing the last known player locations on the screen, but you can see that they're wrong/obsolete until just before they come around the corner.

One way to tell is in a lot of the clips the enemy wallhack symbols teleport just before the engagement. This is because that's when the server had decided that the player needs that location information.

The fog of war system is dramatically reducing the effectiveness of the ESP here but as you can see there are still possible improvements we could make.

I've got a big article about how this system is built that I hope to release next week that goes into some more details.

thanks for the report, we're investigating