2012-02-04, 02:54 AM
SaptaZapta Wrote:I would think that a pre-determined "will succeed" would be much easier to exploit than one that is generated on the spot by the server.
A predetermined will-succeed most definitely would be infinitely more exploitable, you could simply hook a DLL into the client to tell you which scrolls were going to succeed or not, more or less the same way hackers could pre-determine potential. There's virtually no way to exploit a server side random chance of success. That's the entire point of doing it server side. Your scroll sends the trigger and consumes itself, the server determines the outcome and reports it back. It's a classic case of #8 in the list, in how client-server should relate.
It's not having what you want - It's wanting what you've got.

