In the end, games need to be built better by sending the least information needed to clients, ie. zero-trust. This is a big part of things like CS:GO, Valorant, and RTS games like starcraft/League/Dota since they can implement a 'fog of war' and only network information if their client actually needs it[0].
The only cheats that still plague Dota are scripts that perform tasks automatically, such as disabling an opponent as soon as they're visible (beyond human ability), and those are taken care of by heuristics[1] and a community-voting-based 'overwatch' system in CS:GO and Dota 2[2].
The problem with zero trust and only sending what the player can actually see is lag. For example, sure, you could eliminate wall hacks by only sending positions of players that you have line of sight of, but that essentially eliminates any client-side movement prediction or other lag compensation and means you have to send each frames data quickly enough. This may work for some games that are less lag sensitive and as internet speeds improve, but its not currently a solution for most players.
Also most fps games use the sound of a player to indicate generally where a player is. You'd need the player xyz on the client regardless of line of sight of they are in aural proximity.
>games need to be built better by sending the least information needed to clients, ie. zero-trust
That isn't possible in real world for every type of competitive gameplay; trade-offs need to be made. Even games you list are not "zero trust" - things like looking direction are left to the client because of the latency.
Moreover, it's not enough. What's also needed is a hardware chain of trust for input devices. On-device cryptographic signing of mouse events would be sufficient and would guarantee that input comes from a fair play-compliant device.
SGX is a super-privileged, encrypted, and isolated enclave in the main CPU memory that can be used for anything. Signed mouse input is much more benign. But sure, I see your point - this is DRM, and it can be used to control the access to your own mouse, even outside of online gaming.
Still, it's the most logical step, and it would probably happen in several years, after Microsoft started demanding TPM 2.0. Valorant already requires TPM to be enabled on Windows 11 to run.
By the way, A4Tech has on-device DRM for more than a decade, they are using it to stop people pirating their software. Which is, ironically, designed for cheating.
> SGX is a super-privileged, encrypted, and isolated enclave in the main CPU memory that can be used for anything.
My position is s/"a super-privileged, encrypted, and isolated enclave in the main CPU memory that can be used for anything"/"a failed experiment in computer pseudoscience".
And the nightmare scenario I imagine is a more lubricated path to framing political dissidents by forging attestations that they were searching for child abuse imagery or some similar scenario.
Heuristics are great in theory but if they could be used reliably then you wouldn't need an overwatch system. Also the overwatch system depends on people being accurate judges of whether people are cheating which we know from pro players going undetected for so long (KQLY) and from pro players being accused for so long and being clean (flusha) that they are not.
The only cheats that still plague Dota are scripts that perform tasks automatically, such as disabling an opponent as soon as they're visible (beyond human ability), and those are taken care of by heuristics[1] and a community-voting-based 'overwatch' system in CS:GO and Dota 2[2].
0: https://technology.riotgames.com/news/demolishing-wallhacks-...
1: https://youtu.be/hI7V60r7Jco
2: https://www.dota2.com/newsentry/3025824821114909461