Automatic Votekicks

[Henrik0x7F]

In this video at 13:25 you claim that a player that is on the cheater list will be detected by the client program and it will automatically coordinate a vote kick by users of the program.

This requires:

1. One of the clients has to start the vote
2. Other clients have to F1 this vote

Step 1 is fairly straight forward:

• The client scans the current lobby with the status command and searches for steamids that are on the ban list.
• If a banned player is found it it starts a votekick with the command callvote kick player_id cheating. The player id can be extracted from the status command

Step 2 is not straight forward:

• First the client has to somehow detect a running vote. There's no message in the console that could parsed though
  • Reading the currently recorded demo back from disk to parse the vote packet won't work reliable since demos are flushed to disk about every minute. In this time span most votes will be over
  • Sniffing network traffic is incredible intrusive. Additionally network traffic is encrypted. You might be able to extract the necessary keys from memory but that risks VAC detection
  • If you already hook into the process you might as well just use a hook to capture the vote event. Quite easy but same problem as before
  • Everything that includes capturing audio, video or keyboard inputs is incredible intrusive and won't work either because you don't get the vote id
• After detecting the vote the client has to check it's validity and F1 it
  • Again video/audio capture and simulating key presses is incredibly unreliable
  • The vote command requires a vote ID. This ID is not shown on screen or logged into the console. Therefore the client won't be able to F1 valid votekicks

To me it looks like the promise of automatic vote kicks is not possible to be implemented. I would love to be proven wrong though. Does anyone know of alternative solutions?

[megascatterbomb]

The vote command takes only an "option1" or "option2" parameter for F1 or F2 respectively. You don't need an ID to do those.

You're right about everything else though, definitely worth investigating.

[Henrik0x7F]

The vote command takes only an "option1" or "option2" parameter for F1 or F2 respectively. You don't need an ID to do those.

What's your source on this?

[megascatterbomb]

The vote command takes only an "option1" or "option2" parameter for F1 or F2 respectively. You don't need an ID to do those.

What's your source on this?

https://wiki.teamfortress.com/wiki/Voting

[Henrik0x7F]

The TF2 wiki seems to be out of date. The page from the valve developers wiki I linked is more up to date: Vote for an option in a currently running vote. Usage: vote <vote index> <option1-5>

[JoshuaVandaele]

To detect a running vote, I propose multiple solutions:

• Taking a page out of the bot's book, bots can communicate by sending an "Unlock Achievement" packets which is then sent to all clients. But VAC might be a worry.
• Use chat messages, maybe with an asymmetrically signed message by the master host, to ensure malicious actors can't lie to the client about who is being kicked. But this could create spam and also wouldn't be friendly to F2P players which cannot chat.
• Connect all clients on the same tf2 server to a TCP server hosted in parallel by the masterbase host, allowing them to freely communicate in parallel.

[Bash-09]

Coordination will happen via the masterbase, no need to abuse chat.

[JoshuaVandaele]

I thought that was the best option, I was worried it wouldn't be picked for resource usage reasons. If so, the Masterbase would also be able to send the vote ID, resolving both detection of a running vote and the F1'ing of said vote. 👏

[JoshuaVandaele]

Something I just thought about: Are we able to tell if a vote was correctly started? If not, if a vote is "tried" to be started while another vote is running and silently fails, and Masterbase tries to tell other clients to F1, we may end up votekicking someone innocent by mistake

[Bash-09]

There has already been considerable thought put into this and a protocol proposed.

Iirc it goes something like:

• Clients report the current game info to the masterbase
• Masterbase decides it's time to call a votekick
• Masterbase indicates this to the clients, either electing a specific client to call it or just telling everyone to try call one
• After a few seconds, the clients force flush a demo chunk
• Clients parse out the vote information and confirm a votekick has been called against the player the Masterbase requested
• Votes f1 if confirmed, or refrains if things don't line up

[JoshuaVandaele]

Oh, I was not aware, perhaps this conversation should be cross-referenced here for future contributors to this feature to look into?

[Bash-09]

The planning for this part has mostly just been done through experimentation and verbal discussion without much documentation so far. I guess you can consider these comments the documentation lol.

[JoshuaVandaele]

I would like to assert for future reference that multiple sources should be checked so that a malicious actor can't upload a fake "correct vote is started" to Masterbase.

And I'd also like to ask why a use a demo file instead of a screenshot? You can use console commands such as "jpeg" to take one

[Bash-09]

Screenshots and OCR would be extremely unreliable and have many considerations. Demos are officially supported by the game, we already have everything implemented to pull the information out, and all we would need is to add functionality to force a demo chunk to flush (as simple as spam echo a bunch over a few seconds).

The Masterbase will also not be telling the clients that a vote was successfully started, the clients are all independently checking the demo and verifying this on their own.

[JoshuaVandaele]

With validation from @Bash-09, here is the diagram representing the current plan on how this should work:

Some of the actions may not end up happening: It may not be necessary for clients to report if a vote was successful or not because that might be implicit in that player being reported as disconnected or not changing.