RFC 0017: Standard Feature Toggle. #17
Conversation
|
|
||
| #### `quilt:features_override` packet | ||
|
|
||
| Describes the overriden features on the client by the server. This packet can be split into multiple packets. |
There was a problem hiding this comment.
Split how? Just sending multiple packets?
|
|
||
| | Fields | Type | Description | | ||
| |:-----------:|:-----------------:|:---------------------------------------------------------------:| | ||
| | expect_more | bool | Determines whether the server should expect follow-up packets or not. If a `quilt:available_features` packet is sent after a similar packet which had `expect_more` field set to `false`, then it should override the feature list. | |
There was a problem hiding this comment.
If expect_more is set to true, should the features simply be appended?
|
|
||
| All types used are either defined in this RFC or are used in MC's own networking. `S->C` means Server to Client and `C->S` means Client to Server. | ||
|
|
||
| In this specification, the type `string` without parenthesis describes an UTF-8 string with a maximum length of `32767`. |
There was a problem hiding this comment.
String is already defined by Minecraft (or at least, by wiki.vg), probably don't need to mention it here.
|
|
||
| #### FeatureAuthorization | ||
|
|
||
| Can be described as an enum with two possible values: `ALLOW` or `DENY`. |
There was a problem hiding this comment.
One question people may ask is how would more granular feature sets be allowed or denied given a more boolean-like state shown here.
|
I am going to think about this for a bit - I have some ideas here. |
|
I intend on having a config API with proper config value syncing. In a world where that exists, it doesn't make much sense to me to implement this as well, when there's so much functional overlap. |
@Haven-King I Believe those two things try to achieve different goals. A config API would be very good at synchronizing configurations between the client and the server (both directions I guess), but it's not really designed to allow features or ranges (if this RFC is modified to allow more complex data-structure than just an enum), while this RFC aims directly at allowing features and maybe ranges (I currently have no idea how this could be represented on the network). The other issue is a config API implies that the mod is also present on the server, while this aims to be as generic as possible so you could have a common server mod managing permissions stuff and multiple client mods using this. |
|
How is a feature or range different from a config value? As for the mod being required on the server, it implies no such thing. Config values are synced with an ID and value much like your features would be, and grants all the flexibility that goes along with that. |
Can you clarify? I'm sure a capable configuration API would have all the necessary features in place to introduce things like ranges and 'feature toggle' metadata.
I agree with @Haven-King on that this is not at all the case. A reasonable compromise would be to require the config API to be present on the server, which I don't believe to be a problem. I do want to plug fiber here, a configuration system Pyrofab and I primarily worked on. It was meant to cover most usecases the fabric ecosystem needed, and grew quite capable of those. Unfortunately it hasn't been very active for the past year, but I'd love to blow new life into it if it turns out suitable as a solution to this RFC (or as a standard configuration system for quilt). |
|
This seems like a very niche feature. I feel like this fits more in individual mods than in QSL. |
|
@zeroeightysix I have been building out Conrad as a prototype to a standard config library for Quilt. Pyrofab has looked into it and approves of my general approach, so we'll likely be building off of that. |
|
This appears to be meant for use in quilt only. However, I propose we allow other mod loaders to use the same packet standard. It's not really a "standard" if it's only going to be used in one thing. Now, I see why you would make this; you can technically implement this in alternative APIs, but my point is that if we want compatibility between fabric/forge servers and quilt clients (or vice versa), we'll want to do something like POSIX. |
I've publicly said I would like this to be something that is platform agnostic, but I have not had time to work on that concept yet. |
|
I was thinking of vanilla servers and more mainstream servers and I was reminded that AIO PvP mods existed and they certainly have a similar feature... I could only find docs for LabyMod and they use JSON out of all things. I think the packet format is good, a good balance of ease of implementation and compactness, given how this is meant to be between servers and clients and use I personally believe what helps people adopt anything is accessibility. If this comes to pass, the only way that it would gain any traction in non-Quilt communities is plugins or mods for non-Quilt loaders that add the functionality, regardless of names. The packet namespace being
I think the main difference between this (the way I see feature override) and a config sync API is that a config sync is to config mods that are guaranteed to be there, whereas feature override would be for mods that might not even be there. In other words, feature override would be akin to enforcing servers' rules by code. As an illustration, you could just say "no movement mods" as an admin and it wouldn't apply to like 90% of people but me, with a well behaved parkour mod, who wouldn't need to restart my client just to disable it, it would just disable itself because it wouldn't be looking for |
Config sync =/= feature override, and you should not create the tools to “enforce rules via code” with feature blocking that requires client cooperation anyway. Don’t give server admins a false sense of security. |
|
It's not meant to replace or even enhance server moderation, cheaters will still cheat regardless, I know that much. This will just make it so people who don't want to cheat don't accidentally cheat. In fact, if you allow me to draw parallels, this is like HackControl for the MC Classic protocol extension (hack in this context being modded niceties), it controls if you can have nice things or not (like not flying in a parkour level), but not how nice nice things are (flight speed). |
|
I think it's a good middle ground for a lot of things - yes, it's not anticheat, and realistically Quilt's job isn't to prevent cheating. However, there are a lot of things it would be excellent for - since the implementation is left up to the mods themselves, there's a lot of possibilities for a feature like this:
That's just a few things off the top of my head. Try not to think of this with a narrow mindset, because the possibilities really are quite extensive. |
|
I don’t think it should be thought of as a feature toggle though. Really it should be part of config syncing. Mods can support changing config values during gameplay if they want, but they don’t necessarily need to. It shouldn’t be a general type of thing. The server can already give clients cheaty things like flying and ESP, it doesn’t need a mod client side to do that. In modern Java edition a sort of feature toggle like this would end up just being used to give a false sense of security, and has privacy implications depending on how much data is shared with the server. Also, tools for this already exist: plugin channels QSL should have tools for mods to set up plugin channels, but I don’t think we should try to create a “standard” around them or have a plugin channel for feature toggles available by default. Let mods handle syncing or not syncing with the server. If you really want a “feature toggle” API, create it outside of Quilt itself and let mods use it, IMO. |
|
I can't think of any advantages your approach would have - standards are a good thing, and this is absolutely not configuration and not something that would be trivial to shoehorn into a more general config system. There are some fairly large plans for a feature like this already. |
This RFC is using plugin channels, and the prior art (LambdaControls) also uses them. The goal here is to offer a much more generic solution that is simpler to interact with. And about the false sense of security, I don't see how this does it? |
|
Regarding features and security, let's step back and think about what the respective sides should be permitted to do and what they can be expected to do. The Client Can present features that it is loaded with, which it is unable to disable without a disconnect. These may change basic assumptions about networking and sync behavior, and missing one of these can cause the server to unintentionally crash a client. So this presentation of features by the client is for the client's benefit. I would call this We also have the opportunity to offer a set of features which can enhance the relationship between the client and server in some way. Think, "WorldEdit GUI". Plugin channels can probe this data manually by sending a S->C message along the feature's channel and awaiting a response. No response means that the feature can't be used. But I'm thinking about teaching people how to do that custom packet handshake versus teaching people to register a feature, and it's pretty clear which one is more approachable. I'd call these features The Server The server can report a list of features which are mandatory to have a smooth and feature-complete experience. Let's call this I think it might be helpful, upon learning the client's "Deny" makes no sense from a server standpoint. It's probably a net security loss for the server to advertise blacklisted features, as the slightly-more-than-casual cheater will change one letter of the feature name and slide right in, or the feature will simply not advertise itself. If you want to say, "I'm incompatible with this" that's another thing, but that's not the sense I'm getting from this RFC and discussion. TL,DR; It makes sense to me for the client to positively enumerate |
|
This sounds fine at a basic level, but feature negotiation should not be limited to the connect phase - it should be possible for a server to say "no more feature X" or "now we're allowing feature X" at any point. This is because it provides a convenient way for mods to support runtime toggling of features without having to make use of custom logic - for example, GOML claims where you can't use your minimap. |
|
From my understanding, Now, with the Additionally, I don't see why a deny functionality should be a security loss - malicious mods can simply not make use of this API. The one security concern I have is that this functionality might provide information on the server's anticheat - which cannot really be avoided. |
|
The one concern I have with both concepts is a privacy concern: The client still sends data to the server, probably revealing the mods using this system. To avoid this, the server simply could send overrides for all features where the defaults differentiate from the server's standards. This should come with some sort of wildcard to catch e.g. all radar features, but then re-enabling one specific sub-feature. I also wrote about such a system in the archived Thread #ModID list alternatives in #qsl-general on the Quilt Toolchain Discord |
|
The Discord poster has struck an important note here: A lot of the concepts in this RFC aren't entirely separate from the concern of permissions. That's not a good thing! There are some places where permissions and networking concerns dovetail: when a server communicates permissions to a client (again, as permitted extensions) you can prevent desyncs. You cannot require a client to disable a clientside feature; you can only ask it nicely. But this is still a permission concern, not a capability concern. We absolutely do need a way to negotiate capabilities, but don't get them confused. |
Is this still planned? Seeing as how Quilt no longer interacts with Forge or Fabric, I'm not sure how this would be achieved. |
12 participants
This RFC aims to defined a standardized way to add feature toggles to mods and synchronize between servers and clients.
Rendered markdown