With the starting hot lap competitions, I think there should be taken some steps to make the system more secure.
One example - who prevents me from using a .rdf file with all checkpoints removed?
PiBoSo here's a simple proposal to prevent manipulation of tracks:
Each track has to be packed in a pkz file. A MD5-hash of the pkz has to be disposed for registering a new track.
When you drive a hot lap, KRP takes a MD5-hash of your local pkz file and transmits it with your lap time to the stats server.
Only if the MD5-hashes match your lap is valid.
You need the 3dmax generated code for the stats and if you modify the checkpoints, you will have a different code, haven't you?
Yes, you were right, the checkpoints are created after the collision file...So the code is the same :S
RDF file is already registered the first time a new track is used online.
Also, all clients use the race data from the server they are connected to.