# Overall Architecture ## Monetization Layer - Player-data-as-NFT - Player resources bound to the server they're produced on as "localized" unless "exported", fees incurred - F2P means only ever being on one server. - but if global subscription, server owners get % of the fee as rewards based on stake - "export certificate" on goods means paying into the overall network - server hosts gain % of export fee back as reward, based on stake - servers can only export resources per epoch based on overall stake - Players can sell "export certificates" for IGC (ingame currency) - Players purchase "export certificates" with RWC (real-world currency; fiat/crypto). ## Servers - Finite State Machine-based game with a "RNG Oracle" zero-knowledge service providing randomness. - Oracle would need to have reproducible sessions (i.e. allow for post-date verification of gamestate & random numbers used) - Could be completely isolated or publish secret nonce information after an epoch (i.e. once nonce has been rotated) - Reproducible state transitions based on "simultaneous" resolution of player actions per epoch. - "Trailing Verification" of game events, necessitating support for rollback netcode. - Real-time support can't be faster than the time it takes to aggregate and process the packets sent in a single epoch. EVE's 0.5tps is an example of this in action - Could support "serverless" architecture of most epoch-to-epoch events in a sort of "cluster" configuration of clients in an area, with the game server acting as an orchestrator/matchmaker. - ex: players in one of EVE's grids = cluster of users to p2p network and communally agree on gamestate - 51% attack? How does the server's verification play into this? - Mitigations for a malicious server/host? - Unfair/exploitative world state (more/less NPC spawns than normal in an area?) detection - Diminishing weights on consensus from similar viewpoints? - ex: 5th member of the party's trailing verification worth 0.001% of the 1st member of the opponent's party - Servers staked in traditional proof-of-stake model, slashed on consensus verification of foul play - 3rd party servers acting like "judges" in a card tournament, all sides hand off their version of the validation of the gamestate, judges reproduce based on the initial conditions, award whoever matches their validation. ## Player Data - Persistent storage of player data in a "universe-wide" blockchain - Player data as NFT wallet, with handful of "static assets" (EXP, Money, etc) and unbounded list of "variable assets" (e.g. pointers to other NFT instances). - All kinds of potential for Smart Contracts on assets - Guilds/Corps/Parties/etc can all be defined via smart contracts, even including loot rules - slowlorus attacks via smart contracts? - gas for contract execution = IGC or RWC? ## Cross-server Play - "Closed"/private servers unable to export unless available to public to enter - Weird clash with sovreignity & blockchain server staking: does ownership of an ingame territory flipping to another group constitute moving it to another server? - On sov flip, new owners could associate new "hosting server" for the territory - Upper limit of supported territories based on stake? - Server owner conflict of interest? How do we handle someone turning out the lights if they're losing? ## Administration * Voting token layer for handling network-wide disputes * server hosts rewarded for length of hosting? * Epoch-based cash-out, rewarded for not cashing out in voting token? * Flagging users names/interactions could be handled in tribunal manner, but ideally would remain with the developers/company for final say to retain liability protection. * Mostly hands-off moderation, server owners given chat moderation authority without need for dev intervention * Voting token could be used to drive feature development * Voting tokens would be non-transferrable, only revokeable by vote/company dictate