My SF IGDA Talk on SpyParty Networking Infrastructure

Here is my talk from last night’s SF IGDA meeting, all marked up and flashified.  Apparently MyPlick finally died, so you can download the raw ppt and mp3. I talked about my goals for the network infrastructure for the SpyParty Early-Access Beta, both at a high level in terms of polish, security, scalability, and flexibility, and then also a bit at the low level, in terms of specific technologies and approaches I’m using for solving some of the problems.

Here’s a quick text summary:

  • On the polish front, I want to either support or be able to support things like Single-Sign-On, Auto-discovery of Lobby Servers, NAT Punchthrough, Relay Fallback,  Personalized Beta Homepages, Ajax Forms, Private Forums, Bug Reporting & Feature Requests, etc.
  • For security, the first rule is “No DIY Security!”, so I’m using MIT’s Kerberos with an OpenLDAP backend, and then hooking it up to the University of Michigan’s CoSign Single-Sign-On platform for the website. Then I talk a bit about AuthN & AuthZ, AuthN Client↔Server & Client↔Client, using https, TLS, revokable certs, timed downloads, etc. I also talk about how none of this means the game will be “unhackable” or “unwarezable” by any stretch.  There’s not going to be any DRM, and it’s a PC game, so there’s basically nothing I could do about it even if I wanted to.  But, Kerberos will allow me to always associate and authenticate a real account with a play session, and an honest client will be able to authenticate other clients and servers and know they are “official” and in good standing.  Of course, being the PC, nothing is going to stop people from hacking the client and even making their own servers, except that’s a bunch of effort for not much gain except “see, I did it”, and hopefully people will be more into playing the game as I update it, and supporting the development of new and interesting indie games.  We shall see!
  • I’m trying to make it scalable, so if a lot of people want to play, I can let them!  Scalable means Very Few Centralized Services, the very few Centralized Services are Replicatable, and need Few Writes, the rest Runs in the Cloud, and is Load Balanced.  I talk about the importance of Load Testing Everything, and Assuming Nothing before testing.  And, I talk about how I did the email signup to support an Incremental Roll-out.
  • Finally, I talk a bit about flexibility, and how there are going to be lots of ways the code sucks, at least at the beginning, so knowing where it will suck and knowing how I’m going to fix it when the time comes is important.

I also try to pre-emptively answer the most common questions at the end, namely, Why do all this yourself?, Why not use Steam/XBLA/PSN/etc?, and Why not start with the “MVP” and iterate?

Hope you enjoy it.  It’s pretty short, about 20 minutes with 8 minutes of Q&A at the end.  Feel free to ask more questions in the comments!


  1. jordy says:

    Nice speech, although the million dollar question remains.. When is BETA!!!

    I’m suiting up to press F5 all day tomorrow… don’t let me down!

  2. Gible Fog says:

    I’m not going to claim I understand everything you said about the security, but I very much hope it (the final product at least) will not be dependent on XYZ server to play.

  3. Alex says:

    Great talk, glad I got to see it. Also glad I wont have to rent a server and enter ip addresses like I do in Minecraft.

  4. chequers says:

    Nice talk! A few questions:

    Why not balance after launch? Is the problem that “balance” is more than just tweaking numbers until you get near the end of the process?

    How much experience did you have doing this backend stuff before SpyParty?

    All your talk recordings are done at like 22kHz and sound like a telephone call. Is this your fault?

    • checker says:

      > Why not balance after launch?

      Do you mean game balance, or load balance?  I’ll assume you mean game balance.  And then, do you mean after launch of the final version, or of the beta?  I am waiting to do more balancing until I get the beta out. I’ve done a bunch of balancing to get to this point, but I’m heads-down on the server stuff right now, so any more game features, balance, and tuning will wait until it’s live, at least for the first batch of people.  Balancing a player-skill game like this is a long term project, and it’s the most important task if you care about having a healthy competitive online community.

      > How much experience did you have doing this backend stuff before SpyParty?

      Basically none.  As I say in the talk, I’ve learned most of this stuff since PAX East.  I’ve run my own webserver for a while, and used things like varnish for caching, and done some simple server side stuff, but nothing like I’m doing now.

      > All your talk recordings are done at like 22kHz and sound like a telephone call. Is this your fault?

      Mostly.  First, they’re recorded by my laptop mic, so they’re not great to start with.  Then, MyPlick downsamples them for size, and I also downsample the mp3 to make it smaller.  I figure if you can hear the words, that’s the most important thing for these lectures.  It’s not like I’m singing an aria.  :)

    • chequers says:

      Thanks for the replies.
      On the audio, I’d love to get bigger files that sound better if that’s possible in future. Sure the content is still there, but you could make the same argument about having an ugly frontend for Spyparty :P
      I have been thinking this week about Frozen Synapse. I was one of the rather-early beta players for that game, and by the time of release (a year later) I had long played it to death and went back for only 15 minutes. Is this something you need to be worried about from a marketing perspective: that your most enthusiastic fans might be over the game by launch if you have a long beta?
      PS, bug report. Clicking anywhere on this blog in IE9 toggles a pagewide dimming of everything (you know when people have the lightbox javascript image preview thing? Dimming like that.)

    • checker says:

      I have an ugly front end for SpyParty, so there is that.  :)

      I guess I’m a little worried about people losing interest, but the entire goal of the game is to be a deep player-skill competitive multiplayer game like C-S or SC, so if I can’t keep people around, then that’s a problem I’m going to need to fix.

      Hmm, that sucks about IE9.  I guess I will have to install it.  I’ve stayed on IE8 since I figured that was more important to test with for now.  I do run a modified lightbox, so that’s probably the issue.  Weird, and thanks for the bug report.

  5. Gaber says:

    You are pretty brilliant Mr. Hecker, I hope you’re planning on supporting Macs as I’m totally willing to beta test your game! That was an excellent point you made about “why not just get steam or XBLA to do it?” keep up the good work

  6. Govert says:

    Hi Chris, it seems the site you used to host this is no more.
    Is there any chance I could still see it? I’d love to hear more about this topic.


    • checker says:

      Hmm, yeah, I will upload the slides and audio as a stop-gap. Oh, they were already linked, but I made it more obvious at the top.

    • Govert says:

      Thanks! That was very interesting. I completely missed the links, sorry.

I have temporarily disabled blog comments due to spammers, come join us on the SpyParty Discord if you have questions or comments!