Designing a Hub‐and‐Leaf Architecture for Multi‐Server MUDs - wwestlake/Labyrinth GitHub Wiki

Designing a Hub-and-Leaf Architecture for Multi-Server MUDs

Abstract

This paper explores the architectural design and considerations for creating a Hub-and-Leaf system for MUD (Multi-User Dungeon) servers. In this architecture, each "Hub" is a MUD game that can connect both to other Hubs and individual Leaf servers. The system allows for varying degrees of trust between servers—ranging from full trust, where all user records and permissions are shared seamlessly, to limited trust, where users must register independently on each server. The goal is to create a flexible, scalable, and secure network of interconnected MUDs that supports player mobility, role management, and authentication while maintaining control over server-specific policies.

1. Introduction

Multi-User Dungeon (MUD) games have evolved from single-server environments to more complex, interconnected ecosystems. In modern MUD systems, the ability for players to move between servers—whether for gameplay expansion, collaboration, or community growth—creates the need for more sophisticated server-to-server communication and trust models.

In this paper, we propose a Hub-and-Leaf architecture where:

  • Hubs serve as central nodes, connecting to both other Hubs and Leaf servers.
  • Leaf servers represent individual MUD game servers or sub-networks.
  • The system supports three levels of trust: Full Trust, Partial Trust, and Limited Trust, each dictating how user data and roles transfer between servers in the network.

2. The Hub-and-Leaf Architecture

The Hub-and-Leaf model is inspired by hierarchical network designs, where each Hub can act both as a game server and a relay point for other servers or Hubs. This system is highly modular, scalable, and allows for flexible server configurations, facilitating complex game networks. Each MUD server acts independently, but can collaborate with other servers in various degrees of integration.

2.1 Hub Role

  • Hubs serve as connection points for both Hubs and Leaf servers, acting as both a game server and a router for network traffic.
  • Hubs manage data routing between connected servers and synchronize users across interconnected servers.
  • Hubs can either allow global management (for fully trusted networks) or impose restrictions based on trust agreements.

2.2 Leaf Server Role

  • Leaf servers connect to a Hub, either operating as standalone servers or part of a larger ecosystem.
  • Leafs can have local policies and role-based access control (RBAC) specific to their own server but interact with global settings dictated by Hubs.
  • Leafs operate independently when disconnected from Hubs, and the integrity of gameplay is preserved within the Leaf itself.

2.3 Trust Levels in the Network

To account for varying degrees of server ownership and autonomy, three levels of trust are defined:

  • Full Trust: In a fully trusted network, all user records and roles are seamlessly transferred across servers. When a player moves from one server to another, all their data, including player statistics, inventory, achievements, and roles (such as moderator or admin), move with them. All servers recognize and accept roles set by other servers.

  • Partial Trust: In partially trusted networks, user data (player statistics, inventory) transfers seamlessly, but server-specific roles (such as moderator, admin, or owner) do not. This level allows collaboration while maintaining independent server control over high-level privileges. Server owners can limit access or modify role permissions for transferred users based on their local server policies.

  • Limited Trust: Limited trust applies to servers with different ownerships or more stringent access controls. In this model, players can establish initial connections to other servers, but to gain full access, they must register and verify their account separately. Server-specific roles and policies are completely independent, and user data is not transferred automatically. This setup is ideal for networks where servers need to maintain autonomy while allowing basic player mobility.

3. Key Challenges and Considerations

3.1 Data Synchronization and Integrity

In a Hub-and-Leaf system, maintaining consistent and accurate user data across servers is critical, particularly in Full Trust environments. When a player moves from one server to another, their game state (inventory, achievements, progress) must be synchronized correctly. Additionally, player roles such as moderators or admins need to propagate across servers where applicable.

Proposed Solution:

  • Implement a distributed database architecture where user data is mirrored across servers in real time for Full Trust systems.
  • Event-driven synchronization through webhooks or message queues (e.g., using RabbitMQ, Kafka) ensures that when user data changes on one server, it is broadcast to the connected servers in the network.

3.2 Role and Permission Management

Roles and permissions (e.g., moderators, admins, owners) need to be handled differently depending on the trust level. In Full Trust systems, all roles should be recognized network-wide, while in Partial Trust and Limited Trust systems, roles should remain server-specific.

Proposed Solution:

  • Develop a Role-Based Access Control (RBAC) system where roles can be flagged as global or local.
    • Global roles transfer across servers in Full Trust environments.
    • Local roles are confined to individual servers in Partial or Limited Trust environments.
  • Use role translation layers to map role permissions between servers in Partial Trust networks. For example, a player may have a "Player" role globally but be promoted to "Moderator" on one specific server.

3.3 Authentication and Authorization

Authentication and player verification across servers need to be streamlined to reduce friction, particularly in Full and Partial Trust environments. In Limited Trust environments, additional steps like re-registration and separate verification should be enforced to maintain server independence.

Proposed Solution:

  • For Full and Partial Trust systems, use OAuth2 or JWT-based token systems for seamless user authentication across servers.
    • Tokens can carry user roles and permissions, and servers can verify the token's authenticity and trust level.
  • For Limited Trust environments, players should be required to go through separate registration and verification processes, with servers maintaining independent authentication systems.

3.4 Security and Privacy

A crucial element of the Hub-and-Leaf system is ensuring that player data and game states are transferred securely between servers. This includes protecting against man-in-the-middle attacks, ensuring encryption for sensitive data, and preserving the privacy of user records.

Proposed Solution:

  • Implement end-to-end encryption for all server-to-server communication, ensuring that user data and roles are transferred securely.
  • Use public/private key infrastructure (PKI) to authenticate servers within the network, ensuring only trusted servers can join the network.
  • Store user data encrypted at rest and enforce GDPR-compliant data handling for user privacy.

4. Technical Design

4.1 Network Architecture

In a typical Hub-and-Leaf MUD network:

  • Hubs act as nodes that connect and route traffic between multiple Leaf servers.
  • Each Hub is responsible for managing synchronization, data integrity, and trust policies across connected servers.

The architecture can be implemented using cloud-based solutions such as:

  • WebSockets for real-time communication between Hubs and Leaf servers.
  • Microservices architecture where each server acts as an independent service that communicates through REST APIs, gRPC, or message brokers.

4.2 Data Storage and Distribution

For Full Trust networks:

  • Use a distributed database system (e.g., Couchbase, MongoDB Atlas) that allows for real-time replication of user data across servers.

For Partial and Limited Trust networks:

  • Each server maintains an independent database, with optional data bridging for sharing basic user information (such as player progress) when needed.

5. Conclusion

The Hub-and-Leaf architecture provides a flexible and scalable solution for creating interconnected MUD servers. By allowing for varying degrees of trust between servers, from Full Trust to Limited Trust, the system can accommodate different use cases and ownership models while maintaining a high level of security, data integrity, and control over roles and permissions. With the proper implementation of data synchronization, authentication, and access control, this architecture enables rich player interactions and seamless server-to-server transitions in complex, multi-server MUD ecosystems.

6. Future Work

Future work may involve exploring more advanced AI-based moderation systems that can operate across servers, integrating blockchain for decentralized game economies, and enhancing the performance of real-time synchronization in large-scale MUD networks.