- minimaxirMax Woolf's Internet Blog Thingy
- Skip to content
- ABOUT CONTACT RSS BLOG COMMENTS
- Diablo III Economy Broken by an Integer Overflow Bug
- • 12 • 7 • 1 • 0 0
- Technology • May 7, 2013 stones of jordan
- Diablo III, Blizzard’s highly-awaited online-only Action RPG released almost a year ago to the day, has had its share of technical difficulties. From Error 37 to lag spikes that can cause hundreds of hours to go to waste, Blizzard has spent the past year improving the game backend to better accommidate the millions of active players.
- Diablo III is also noted for its economy, with an emphasis on a region-wide auction house where players can trade one-in-a-million items for millions and billions of gold. (inflation is crazy). Additionally, Diablo III emphasized the use of a Real World Auction House, where players can sell gold or items for real world cash.
- Today was the launch of Patch 1.0.8, a patch which promised improvements to character progression. After spending a few weeks on a Public Test Realm, where players volunteered to tested the patch to ensure that there were game-breaking exploits, the patch released successfully.
- Except for one patch note that was added last minute and not tested in the PTR. And it’s a patch note that broke the economy to tiny pieces.
- The patch notes from the final build contained this change:
- The stack size for gold sales on the auction house has been increased from 1 million to 10 million.
- Normally, on the Real Money Auction House, the player can only sell money in 1 million gold increments. In 1.0.8, the player can sell it in 10 million increments. So, what happens when the player tries putting an absurd amount of money on the Auction House?
- Reddit user tyropro has a nice explanation:
- The gold “dupe” involved creating a RMAH auction for billions of gold while staying under the $250 limit. The example I saw in a video was 6 billion gold (600 x 10,000,000 at $0.39 per stack, for $234). When they posted this auction only ~1.7 billion appeared to be for sale, with the rest “missing” until they sent it to their stash and ended up with more than they started with. The exact numbers from a duping video:
- Create RMAH auction for: 6,000,000,000 gold
- Auction shows up as: 1,705,032,704 gold
- This much is missing! 4,294,967,296 gold
- The missing amount, divided by 2: 2,147,483,648 gold
- 2,147,483,648 (or 231) is the maximum value you can store in an int32 in programming. I’m no programmer, but I took one class in high school and was taught about the limits of different variable types. See:http://stackoverflow.com/questions/94591/what-is-the-maximum-value-for-a-int32
- Simply put, their RMAH gold selling code wasn’t written to handle numbers over 2,147,483,648 properly, and the result was duplicate gold being added to people’s stashes.
- 4,294,967,296 is also 232, or the bound on an unsigned integer, which would be an interesting implementation choice on Blizzard’s part.
- And so, the dupers created these 6-billion-gold auctions which only appears to sell as 1.7 billion (and therefore only had 1.7 billion deducted from the current balance), canceled them, and were fully refunded the 6 billion for a net profit of the difference (4.2 billion). Repeat ad nauseum.
- A popular game streamer showed off the exploit. Other streamers followed. It was easily reproducible and everyone knew how to reproduce it.
- Hilarity ensued.
- Yes, that’s 420 billion gold.
- After buying up all the duped items in the Auction House, the items were then sold on the Real Money Auction House. For real money. And people bought them.
- This is the definition of a worst-case scenario for Diablo III. All because of an untested patch note. What could Blizzard do? Performing a roll-back would wipe all progress obtained by players for the patch day, which would result in a lot of bad PR. But leaving the economy as-is will devalue all items in the game (and Diablo III is all about getting items).
- In the end, Blizzard has not done a roll-back, but instead banned anyone who duped, and refunded anyone who spent real money. The bug was temporarily fixed by reverting the patch note which caused the entire mess.
- Let this be a lesson on what happens when you include an untested change at the last minute. You could break an entire economy. Eh, no big deal.
- diablo • gaming • hax
- • 12 • 7 • 1 • 0 0
- Post navigation A Blog Comment System That Steals Comments From Facebook
- ABOUT MINIMAXIR
- Minimaxir is a blog by Max Woolf about startups, technology, and blogging. It's so meta, even this acronym.
- Max is a recent graduate from Carnegie Mellon University in Business Administration with a concentration in Computing and Information Technology, and currently works as a Software QA Engineer the San Francisco Bay Area.
- All opinions expressed by Max Woolf are his own.
- more about max
- ABOUT THE THEME
- The theme used for Minimaxir was adapted from the minimalist WordPress 3.5 default theme, TwentyTwelve, with a fanatical obsession with icons and more bullets ( • ) than a Call of Duty match. A large amount of custom CSS and PHP was used in the development of the theme, especially involving the custom social sharing buttons.
- Search for:
- © Max Woolf • Icons by Font Awesome, licensed under CC BY 3.0
a guest May 8th, 2013 5,442 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
RAW Paste Data