netcode

netcode is a secure connection-oriented client/server protocol built on top of UDP.

Design

Real-time multiplayer games typically use UDP instead of TCP, because reliable-ordered delivery holds the most recent packets hostage while it waits for older, out of date packets to be resent. This is not helpful for real-time games because most of the time they only care about the most recent data, and can skip over any missing data that wasn't received.

netcode fixes this by providing the simplest possible connection-oriented approach on top of UDP so you can build your own custom UDP-based protocol on top. In netcode, the server manages n slots for clients to connect to, while allowing clients and servers to exchange unreliable unordered packets. It also provides security feature like encrypted and signed packets, and a novel 'connect token' system that only allows authenticated clients to connect to your server.

Building and testing all these features yourself on top of UDP is complex and error prone. So if you are thinking of building your own game network protocol from scratch, netcode can be a really good choice. You get client slots, encryption/decryption of packets, connect tokens and other security features already built, and you can send unreliable unordered packets between the client and server just like UDP!

Features

• Secure client connection with connect tokens. Only clients you authorize can connect to your server. This is perfect for a game where you perform matchmaking in a web backend and then send clients to connect to a server.
• Client slot system. Servers have n slots for clients. Client are assigned to a slot when they connect to the server and are quickly denied connection if all slots are taken.
• Fast clean disconnect on client or server side of connection to quickly open up the slot for a new client, plus timeouts for hard disconnects.
• Encrypted and signed packets. Packets cannot be tampered with or read by parties not involved in the connection. Cryptography is performed by the excellent sodium library.
• Many security features including protection protection against maliciously crafted packets, packet replay attacks and packet amplification attacks.
• Support for packet tagging which can significantly reduce jitter on Wi-Fi routers. Read this article for more details.

Usage

Start by generating a random 32 byte private key. Do not share your private key with anybody.

Especially, do not include your private key in your client executable!

Here is a test private key:

static uint8_t private_key[NETCODE_KEY_BYTES] = { 0x60, 0x6a, 0xbe, 0x6e, 0xc9, 0x19, 0x10, 0xea, 
                                                  0x9a, 0x65, 0x62, 0xf6, 0x6f, 0x2b, 0x30, 0xe4, 
                                                  0x43, 0x71, 0xd6, 0x2c, 0xd1, 0x99, 0x27, 0x26,
                                                  0x6b, 0x3c, 0x60, 0xf4, 0xb7, 0x15, 0xab, 0xa1 };

Create a server with the private key:

char * server_address = "127.0.0.1:40000";

struct netcode_server_config_t server_config;
netcode_default_server_config( &server_config );
memcpy( &server_config.private_key, private_key, NETCODE_KEY_BYTES );

struct netcode_server_t * server = netcode_server_create( server_address, &server_config, time );
if ( !server )
{
    printf( "error: failed to create server\n" );
    return 1;
}

Then start the server with the number of client slots you want:

netcode_server_start( server, 16 );

To connect a client, your client should hit a REST API to your backend that returns a connect token.

Using a connect token secures your server so that only clients authorized with your backend can connect.

netcode_client_connect( client, connect_token );

Once the client connects to the server, the client is assigned a client index and can exchange encrypted and signed packets with the server.

For more details please see client.c and server.c

Source Code

This repository holds the implementation of netcode in C.

Other netcode implementations include:

• netcode C# implementation
• netcode Golang implementation
• netcode Rust implementation (updated fork of vvanders/netcode.io)
• netcode Rust implementation (new from scratch Rust implementation)
• netcode for Unity
• netcode for UE4
• netcode for Typescript

If you'd like to create your own implementation of netcode, please read the netcode 1.02 standard.

Contributors

These people are awesome:

• Val Vanders - Rust Implementation
• Walter Pearce - Rust Implementation
• Isaac Dawson - Golang Implementation
• Alan Stagner - Unity integration, C# implementation
• Jérôme Leclercq - Support for random connect token nonce
• Randy Gaul - Discovered vulnerability in replay protection
• Benny Chen - Typescript Implementation
• Benny Nazimov - Rust implementation

Thanks for your contributions to netcode!

Author

The author of this library is Glenn Fiedler.

Other open source libraries by the same author include: reliable, serialize, and yojimbo.

If you find this software useful, please consider sponsoring it. Thanks!

License

BSD 3-Clause license.