Having just read this thread (after a few weeks off the forum), I must say I'm very surprised that, apparently, .2h (orders) files are
not what (I believe it was Taqwus) suggested, ie, purely a list of orders to be compiled by the server, so they can be checked for consistency. If
anything is trusted on the client and the .trn file (like gem/gold/whatever management), then this means someone can "hack" the easily accessed file (.trn files for his own nation) and cheat, with some trial and error (encrypting the .trn files would somewhat hamper this, though not prevent it).
Basic security - heck, I'd call it common sense, and always feel stupid for pointing this to my students - says, don't trust the client. The .trn files should not contain any information not available to the player "by the rules", either. Then, if it takes attacking the server to cheat, of course there are some people out there that will be able to do that, but (1) there will be fewer of them, (2) a security-conscious host will be able to at least add protection to his server, and (3) people with these kind of attack skills will probably have something better to do than cheat in some obscure TBS game
