V
V
VzzzzZZ2020-01-21 00:06:01
JavaScript
VzzzzZZ, 2020-01-21 00:06:01

Is it possible to make the password coming to my server invisible to me?

I'm making a simple game with hidden information:
The player enters the site with his username and password, makes changes (gets a secret card)
Node JS server receives changes, changes the state of the game
Is it possible to provide privacy from me as the server admin? This can be any information - a password, a change in the game, etc.
Players must be sure that I ( also participating in the game ) will not be able to find out their secret information

Answer the question

In order to leave comments, you need to log in

1 answer(s)
K
Karpion, 2020-01-21
@Karpion

The task statement is unclear. The idea is that in order to change the state of the game, the server must know the actions of the player. This means that the admin can set everything up in such a way as to find out the information necessary to obtain a fraudulent advantage in the game.
Moreover: Even if you implement what you want - the player has no guarantee that the admin did everything honestly.
In theory, you need to learn public key encryption. It allows a lot of interesting things - for example, "SSh authorization by key", when the server checks the authenticity of the user (more precisely, the presence of a secret key), but the server cannot log in to another server where the user goes with the same key. Those. it's like using the same password on different servers - but the servers never know this password, incl. even when changing the password to a new one.
There is such an option: the
user sends his actions to the server in the form of "an archive with a checksum under a password". Without knowing the password, the server cannot open the file. However, when the user sends a password, the server can open the archive and make sure that the user made a decision about the actions at that particular time, i.e. before sending the archive.
This method is relevant for conducting a "blind auction", when participants offer their price once, not knowing what prices were offered by others. With such an auction - the organizer can tell his nephew what other bids were made - and he will outbid the rest of the bids with a minimal margin (after all, it is impossible to organize so that everyone sends their applications at the same time).
Conclusion:
1) It is possible to classify the password from the administrator.
2) The actions of the player in the game and the issuance of a secret card to the player is most likely impossible. Well, I can offer an option when this is also secret. But I'm afraid that the playability will be nullified. I am ready to discuss in more detail - but for this I need to know what the game is; but I'm not sure that you are ready to tell it publicly or to me personally, and I don't insist.

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question