@pipe01

Developer


Responding to some comments @GHXX made on Discord here for posterity:

1) does monomod include ALL featurs of harmony? e.g. - accessing the instance of class of a patched method - modifying the return value of a method - Patching by name / when stuff is private

AFAIK there’s nothing that Harmony does that can’t be done with MonoMod.

2) monomod makes on-disk changes as it generates a dll. Does that play well with steam in the context of updates and validating game files?

3) what is the advantage of using this over harmony?

4) >Generated assemblies will be strongly typed, allowing for easygoing and idiomatic modifications. Isnt all of c#, excluding ‘dynamic’ strongly typed? Did you mean “strongly named assemblies”?

No need to distribute assemblies like Harmony with each mod. Thats also not required if the game distributes a copy of harmony OR if there is a single mod that offers harmony (which was the case in 0.90.3 for example)

Can still use MonoMod Hooks manually if more customization is needed.

Is the idea to provide preexisting hooks? If that’s the case then i would suggest making such hooks just a public method which is listed on some api docs and can then be pre or postfixed using harmony which does the same to my understanding but is much more intuitive.

TLDR for 4) if at all possible id argue that it likely is better to stick with harmony unless monomod includes ALL harmony features AND harmony cant/wont be updated for net7

It doesn’t actually modify the DLL files, it works pretty much the same way Harmony does. The difference is that MonoMod allows you to create a separate DLL file that contains method stubs for every method, property, etc that the game assemblies have, regardless of accessibility.

This is what I meant with strong typing, you don’t need to hardcode class and method names to access internal stuff, you can use the generated hooks to make sure you don’t make mistakes. Check the example code to take a closer look at what I mean.

5) a hook system could definitely be useful, e.g. when someone wants to run code when a simulation graph was modified i.e a wire was added (i think the bundled wire mod could have made use of this)

Yeah, although honestly I’m still not sure what this will look like. If MonoMod’s hook generation works well, there may be no need for this, as it would be basically the same thing. Maybe we will only provide a very reduced amount of event points for common functionality, and leave everything else up to MonoMod hooks.

6) gui system would be great, but it may be worth not limiting it to custom data. One idea would be allowing to place sliders and other components into the ui, similar to RimWorld, although id opt for a setup/use style of doing it rather than having a single call that adds it if its not there and also updates it

In the future we will provide a powerful UI system powered by Unity’s UXML, but in the meantime we want to give you something to address the most immediate need, which I think is editing custom components’ data. The details aren’t clear yet so I’m not sure how customizable it will be, but I do intend on at the very least letting you choose the kind of widgets that will show on the dialog.

8) Mod uploading .lwmod may work pretty well, especially if its just a zip file I think uploading it via website and cli would be best, that way stuff can be automated and you dont have to boot up the game to upload your mod. (this would also allow people to tell their gitserver to automatically compile the mod and push it to LW if a commit was made on the publish-branch for example. 5d.ghxx.dev’s GitHub actions do this for instance, minus the uploading it to lw part obviously)

I definitely want to make some kind of CLI utility for mod making and uploading, there are many things that could be automated like project and components scaffolding.

9) mod id and versions AUTHOR.MODNAME is a good choice imo, and so is version immutability. As far as uploading older major versions go: Id argue it does make sense to upload an older major version. As an example: Look at Minecraft’s Industrial craft: I believe there was a time when IC2 and IC1 coexisted, this possibility would be taken away with the enforcement of this rule. Thus I think it would make sense to allow people to upload any major version but enforce that major and patch must not be smaller or equal to what the current values for the newest release with the currently selected major version are (i.e revision or patch has to increment if the major version stays the same)

That’s a good point, I think we will probably end up doing this.

10) Auto updating on boot: Id argue that this should not be done. Some modders might not follow conventions regarding when to push what version numbers. so you might end up with a modder making a breaking change which then causes havoc for everyone. What would be better imo is having an ingame list of the installed mods, letting you see what the current and new versions are (factorio style) and letting you update specific ones, or all, with the click of a button. Additionally, there isnt really a benefit to pushing out a mod update quickly imo; in fact, it only makes it easier to push devastating or malicious code to more people.

Oops, I changed my mind about this but forgot to update it. We settled on something like what you said, I have updated the post.

11) code scanning: i believe this is a first in terms of modding, while definitely good. id not sum it all up to a numerical score, but instead list it on the mod’s page: Reads Files On the local system Peforms http requests Spawns new processes Whats a bit tricky though is that it might be easy to get around this detection (dm for specific details) Additionally, the game client could, upon installing the mod, ask the user if thats fine that the mod does that, adding an extra layer of protection. Such that its not possible to make a mod, get people to install it, then add code which flags it as Reads-system-files and then have people update it without noticing

I agree that it would be easy to circumvent detection in some cases, but the goal is to identify that such circumvention has ocurred by, for example, detecting the use of reflection. At the end of the day though, it is impossible to know exactly what every piece of code does, but this will at least give users a heads up on most cases. We don’t intend to build an antivirus, after all.

What i also wanted to point out is, that mod signing (by lw.net) is not on the list and i feel like it should be added as the prerequisites are all met and the benefits could be quite good. With mod signing, players could actually download mods from multiplayer servers directly (possibly only asking lw.net if a certain mod version has been taken down due to containing malicious code) Additionally this also severely mitigates the re-distribution problems of mods. E.g. think of the minecraft-mod-redistributors such as 9minecraft.net and similar ones. You never know what they put into the mod files.

This is actually already implemented in-game, although I didn’t realize that, since lwmods aren’t actually being used, nobody knows about it. You brought up great points, that is exactly why we’re going to sign every mod that is downloaded from logicworld.net.

Deleting mod versions If a mod does contain malicious code i think it would be worth for staff to be able to delete it off of the lw-mod-website and to also force all clients to disable the mod once locally (but allowing people to re-enable it maybe?) Such a deleted mod version also shouldnt be auto-downloadable from a gameserver (even if the signature is good)

And another topic: Id suggest requiring a lw accountt linked to a game purchase for uploading mods on lw.net, that way malicious people can be banned off the platform and making malicious mods becomes expensive. I do however hope that nobody innocent gets negatively affected by this. But i think overall this should be beneficial

Those are also great ideas, we will definitely implement them in the future. Especially the second one, that might come on launch.


Thank you for such a thorough response!

As a workaround you can try running the server with the --plain-text option.

When you buy the game on Steam, you also get a separate tool called “Logic World Dedicated Server”. Once you run it and forward the port 43531 on your router, other people should be able to join your server.

Can you post the log file when it crashes?

Those images are not actually attached, you must instead click on them to insert them on to your text. I agree this isn’t very intuitive, we’ll look into a better solution in the future.

Fixed, thank you.

Completely forgot about this, thank you.