netcode is a secure connection-oriented client/server protocol built on top of UDP.

netcode is designed for use by real-time multiplayer games.

But why do we need a new protocol for this?

Well, real-time multiplayer games typically UDP instead of TCP, because TCP reliable-ordered delivery and causes head of line blocking, effectively holding the most recent, more valuable packets hostage while it waits for older, out of date packets to be resent. When multiplayer games are played over a combination of both latency and packet loss, this causes significant jitter and popping for players in the game.

netcode fixes this by providing the simplest possible connection-oriented approach on top of UDP where the server has n slots for clients, while still allowing clients and servers to exchange unreliable unordered packets. It also provides security feature like encrypted and signed packets, and only allows authenticated clients to connect to a server with a novel 'connect token' system.

Building and testing all these features yourself on top of raw UDP is complex and error prone. So if you are thinking of building your own game network protocol from scratch, netcode can be a really good choice. You get client slots, encryption/decryption of packets, connect tokens and other security features already built, and you can exchange unreliable unordered packets between the client and server just like UDP!

• Secure client connection with connect tokens. Only clients you authorize can connect to your server. This is perfect for a game where you perform matchmaking in a web backend and then send clients to connect to a server.
• Client slot system. Servers have n slots for clients. Client are assigned to a slot when they connect to the server and are quickly denied connection if all slots are taken.
• Fast clean disconnect on client or server side of connection to quickly open up the slot for a new client, plus timeouts for hard disconnects.
• Encrypted and signed packets. Packets cannot be tampered with or read by parties not involved in the connection. Cryptography is performed by the excellent sodium library.
• Many security features including protection protection against maliciously crafted packets, packet replay attacks and packet amplification attacks.
• Support for packet tagging which can significantly reduce jitter on Wi-Fi routers. Read this article for more details.

netcode is stable and production ready.

Start by generating a random 32 byte private key. Do not share your private key with anybody.

Especially, do not include your private key in your client executable!

Here is a test private key:

static uint8_t private_key[NETCODE_KEY_BYTES] = { 0x60, 0x6a, 0xbe, 0x6e, 0xc9, 0x19, 0x10, 0xea, 
                                                  0x9a, 0x65, 0x62, 0xf6, 0x6f, 0x2b, 0x30, 0xe4, 
                                                  0x43, 0x71, 0xd6, 0x2c, 0xd1, 0x99, 0x27, 0x26,
                                                  0x6b, 0x3c, 0x60, 0xf4, 0xb7, 0x15, 0xab, 0xa1 };

Create a server with the private key:

char * server_address = "127.0.0.1:40000";

struct netcode_server_config_t server_config;
netcode_default_server_config( &server_config );
memcpy( &server_config.private_key, private_key, NETCODE_KEY_BYTES );

struct netcode_server_t * server = netcode_server_create( server_address, &server_config, time );
if ( !server )
{
    printf( "error: failed to create server\n" );
    return 1;
}

Then start the server with the number of client slots you want:

netcode_server_start( server, 16 );

To connect a client, your client should hit a REST API to your backend that returns a connect token.

Using a connect token secures your server so that only clients authorized with your backend can connect.

netcode_client_connect( client, connect_token );

Once the client connects to the server, the client is assigned a client index and can exchange encrypted and signed packets with the server.

For more details please see client.c and server.c

This repository holds the implementation of netcode in C.

Other netcode implementations include:

• netcode C# implementation
• netcode Golang implementation
• netcode Rust implementation (updated fork of vvanders/netcode.io)
• netcode Rust implementation (new from scratch Rust implementation)
• netcode for Unity
• netcode for UE4
• netcode for Typescript

If you'd like to create your own implementation of netcode, please read the netcode 1.02 standard.

These people are awesome:

• Val Vanders - Rust Implementation
• Walter Pearce - Rust Implementation
• Isaac Dawson - Golang Implementation
• Alan Stagner - Unity integration, C# implementation
• Jérôme Leclercq - Support for random connect token nonce
• Randy Gaul - Discovered vulnerability in replay protection
• Benny Chen - Typescript Implementation
• Benny Nazimov - Rust implementation

Thanks for your contributions to netcode!

The author of this library is Glenn Fiedler.

Other open source libraries by the same author include: reliable, serialize, and yojimbo.

If you find this software useful, please consider sponsoring it. Thanks!

BSD 3-Clause license.