morpheus/XeroAntiCheat
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

XeroAntiCheat v1.0.8 bug fixes

Browse Source 
- SpiderCheck: fixed Location mutation bug - bodyBlock was reading y-1 (same as feetBlock) and headBlock was reading y instead of y+1. Now uses block coordinates directly.
- ConfigManager: decay task no longer reads YamlConfiguration from background thread. decayRate is now volatile and refreshed on reload from main thread only.
- JesusCheck, SpeedCheck, NoFallCheck: loc.subtract() now uses .clone() to prevent silent Location mutation.
- VelocityCheck: decrementVelocityCheckTicks() moved past the minExpected threshold check to avoid consuming a tick on packets that are immediately discarded.
This commit is contained in:
Axel
2026-03-15 03:39:39 -03:00
parent 71daf9ffc1
commit daccfedae6
23 changed files with 866 additions and 22 deletions
Download Patch File Download Diff File Expand all files Collapse all files

339
target/classes/config.yml Normal file
View File

@@ -0,0 +1,339 @@
# XeroAntiCheat Configuration File
# Version: 1.0.0
# Target: Paper 1.21.x (compatible with 1.20-1.22)
# ==========================================
# GENERAL SETTINGS
# ==========================================
# Enable or disable the anti-cheat
enabled: true
# Enable debug mode (logs additional information)
debug: false
# Number of async threads for background tasks
async_task_threads: 2
# Database settings
database:
# Set to false to disable SQLite logging (flat-file log always active)
enabled: true
# ==========================================
# VIOLATION SYSTEM
# ==========================================
violation:
# Time in seconds between violation level decay
decay_interval: 30
# Amount to reduce VL by each decay interval
decay_rate: 0.5
# ==========================================
# CHECK CONFIGURATION
# ==========================================
# Movement Checks
checks:
# ----------------------------------------
# SPEED CHECK
# Detects horizontal movement faster than possible
# ----------------------------------------
speed:
enabled: true
# Base maximum speed (blocks per tick)
max_speed: 0.56
# Ping compensation factor (scales latency leniency)
ping_factor: 1.0
# Number of ticks to buffer for rolling average
buffer_ticks: 5
# VL thresholds
warn_vl: 10
kick_vl: 25
tempban_vl: 50
permban_vl: 100
# ----------------------------------------
# FLY CHECK
# Detects flying without elytra/creative/spectator
# ----------------------------------------
fly:
enabled: true
# Number of ticks to allow for stepping/slabs
fall_buffer: 10
# Maximum ground desync ticks before flagging
ground_desync_threshold: 3
warn_vl: 10
kick_vl: 25
tempban_vl: 50
permban_vl: 100
# ----------------------------------------
# JESUS CHECK (NoWaterWalk)
# Detects walking on water without Frost Walker
# ----------------------------------------
jesus:
enabled: true
warn_vl: 10
kick_vl: 25
tempban_vl: 50
permban_vl: 100
# ----------------------------------------
# NOFALL CHECK
# Detects no fall damage after falling >3 blocks
# ----------------------------------------
nofall:
enabled: true
# Minimum fall distance to track
min_fall_distance: 3
warn_vl: 10
kick_vl: 25
tempban_vl: 50
permban_vl: 100
# ----------------------------------------
# TIMER CHECK (Blink/Packet Timer)
# Detects packet timing anomalies
# ----------------------------------------
timer:
enabled: true
# Maximum packets per second allowed
max_packets_per_second: 22
# Milliseconds of no packets before flagging blink
blink_threshold_ms: 500
warn_vl: 10
kick_vl: 25
tempban_vl: 50
permban_vl: 100
# ----------------------------------------
# SPIDER CHECK
# Detects climbing non-climbable blocks
# ----------------------------------------
spider:
enabled: true
warn_vl: 10
kick_vl: 25
tempban_vl: 50
permban_vl: 100
# ----------------------------------------
# GLIDE CHECK (ElytraHack)
# Detects glide-like movement without elytra
# ----------------------------------------
glide:
enabled: true
# Minimum horizontal speed for glide detection
min_horizontal_speed: 0.5
# Maximum Y decrease per tick for glide curve
max_y_decrease: 0.1
warn_vl: 10
kick_vl: 25
tempban_vl: 50
permban_vl: 100
# ----------------------------------------
# KILLAURA CHECK
# Detects impossible combat angles/rotations
# ----------------------------------------
killaura:
enabled: true
# Maximum angle in degrees from look direction
max_angle: 100
# Maximum rotation change between attacks
max_rotation_change: 45
# Window for multi-target detection (ms)
multitarget_window_ms: 100
warn_vl: 10
kick_vl: 25
tempban_vl: 50
permban_vl: 100
# ----------------------------------------
# REACH CHECK
# Detects attacking beyond reach
# ----------------------------------------
reach:
enabled: true
# Maximum reach in blocks (survival)
max_reach: 3.2
# Maximum reach in blocks (creative)
creative_max_reach: 5.0
# Ping compensation factor
ping_factor: 1.0
warn_vl: 10
kick_vl: 25
tempban_vl: 50
permban_vl: 100
# ----------------------------------------
# CRITICAL CHECK
# Detects critical hits without being airborne
# ----------------------------------------
critical:
enabled: true
# Allow legitimate jump-crits
allow_jump_crits: true
warn_vl: 10
kick_vl: 25
tempban_vl: 50
permban_vl: 100
# ----------------------------------------
# AUTOCLICKER CHECK
# Detects excessive CPS or perfect patterns
# ----------------------------------------
autoclicker:
enabled: true
# Maximum clicks per second
max_cps: 20
# Minimum variance (lower = more suspicious)
min_variance: 2.0
warn_vl: 10
kick_vl: 25
tempban_vl: 50
permban_vl: 100
# ----------------------------------------
# FASTPLACE CHECK
# Detects block placement too fast
# ----------------------------------------
fastplace:
enabled: true
# Maximum blocks per second
max_blocks_per_second: 20
warn_vl: 10
kick_vl: 25
tempban_vl: 50
permban_vl: 100
# ----------------------------------------
# PHASE CHECK
# Detects players clipping through solid blocks
# ----------------------------------------
phase:
enabled: true
# Minimum movement distance before ray-cast runs (blocks)
min_distance: 0.5
# Maximum movement delta — larger values are treated as teleports
max_distance: 5.0
warn_vl: 5
kick_vl: 15
tempban_vl: 30
permban_vl: 60
# ----------------------------------------
# VELOCITY CHECK
# Detects players ignoring server-sent knockback (requires ProtocolLib)
# ----------------------------------------
velocity:
enabled: true
# Minimum server-sent velocity magnitude to check
min_expected_velocity: 0.15
# Player must move at least 20% of expected knockback
min_displacement_ratio: 0.2
warn_vl: 8
kick_vl: 20
tempban_vl: 40
permban_vl: 80
# ----------------------------------------
# SCAFFOLD CHECK
# Detects automated scaffolding
# ----------------------------------------
scaffold:
enabled: true
# Minimum pitch angle for suspicious placement
min_pitch: 75
# Number of signals required to flag
signals_required: 2
# Signal 4: Max yaw change (degrees) between placements
rotation_lock_threshold: 2.0
# Signal 4: Min horizontal speed (blocks/tick) required
min_move_speed: 0.15
# Signal 5: StdDev below this triggers signal (too-perfect timing)
min_placement_variance_ms: 30.0
# Signal 5: Min blocks/sec before signal 5 is evaluated
min_bps_for_variance_check: 5
warn_vl: 10
kick_vl: 25
tempban_vl: 50
permban_vl: 100
# ----------------------------------------
# FASTEAT CHECK
# Detects eating faster than possible
# ----------------------------------------
fasteat:
enabled: true
# Maximum eating duration in ticks (32 = 1.6s)
max_eat_ticks: 32
warn_vl: 10
kick_vl: 25
tempban_vl: 50
permban_vl: 100
# ----------------------------------------
# INVENTORYMOVE CHECK
# Detects movement while inventory open
# ----------------------------------------
inventorymove:
enabled: true
warn_vl: 10
kick_vl: 25
tempban_vl: 50
permban_vl: 100
# ==========================================
# PUNISHMENT SETTINGS
# ==========================================
punishments:
# Commands to execute for each punishment level
# Use %player% for player name, %reason% for reason
kick_command: "kick %player% &c[XAC] Illegal activity detected"
tempban_command: "tempban %player% 30d %reason%"
permban_command: "ban %player% %reason%"
# Default reason for bans
default_reason: "[XeroAntiCheat] Suspicious activity"
# ==========================================
# ALERT SYSTEM
# ==========================================
alerts:
# Enable or disable alert broadcasts
enabled: true
# Alert format (MiniMessage)
# Available placeholders: %player%, %check%, %vl%
format: "<dark_red>[<red>XAC<dark_red>] <white>%player% <red>failed <white>%check% <red>(VL: <white>%vl%<red>)"
# Staff-only alert format
staff_format: "<gray>[%time%] %message%"
# ==========================================
# COMMANDS
# ==========================================
commands:
# Permission required for admin commands
reload_permission: "xac.admin"
# Permission to bypass all checks
bypass_permission: "xac.bypass"
# Permission to receive alerts
alerts_permission: "xac.alerts"
# ==========================================
# TPS COMPENSATION
# ==========================================
tps:
# Enable TPS-based threshold scaling
enabled: true
# Minimum TPS to apply compensation
min_tps_threshold: 18.0

185
target/classes/plugin.yml Normal file
View File

@@ -0,0 +1,185 @@
name: XeroAntiCheat
version: 1.0.8
main: com.xeroth.xeroanticheat.XeroAntiCheat
author: Xeroth
description: Lightweight, accurate anti-cheat for Paper 1.21.x
api-version: 1.21
softdepend:
- ProtocolLib
commands:
xac:
description: XeroAntiCheat main command
usage: /xac <reload|status|punish|clearviolations|verbose|alerts|version>
permission: xac.command.version
aliases: [xeroanticheat, anticheat]
permissions:
# ── Wildcards ────────────────────────────────────────────────────────────
xac.*:
description: Grants all XeroAntiCheat permissions including bypass
default: false
children:
xac.admin: true
xac.bypass: true
xac.admin:
description: Grants all staff commands and alert access (does NOT grant bypass)
default: op
children:
xac.command.reload: true
xac.command.status: true
xac.command.punish: true
xac.command.clearviolations: true
xac.command.verbose: true
xac.command.alerts: true
xac.command.version: true
xac.alerts: true
# ── Commands ─────────────────────────────────────────────────────────────
xac.command.reload:
description: Reload XAC configuration
default: op
xac.command.status:
description: View a player's violation levels and ping
default: op
xac.command.punish:
description: Manually trigger a punishment for a player
default: op
xac.command.clearviolations:
description: Clear all violation levels for a player
default: op
xac.command.verbose:
description: Toggle verbose per-flag output for a specific player
default: op
xac.command.alerts:
description: Toggle receiving anti-cheat alerts in chat
default: op
xac.command.version:
description: Show the plugin version
default: true
# ── Alerts ───────────────────────────────────────────────────────────────
xac.alerts:
description: Receive alerts for all checks
default: op
children:
xac.alerts.movement: true
xac.alerts.combat: true
xac.alerts.misc: true
xac.alerts.movement:
description: Receive alerts for movement checks only
default: false
xac.alerts.combat:
description: Receive alerts for combat checks only
default: false
xac.alerts.misc:
description: Receive alerts for misc checks only
default: false
# ── Bypass ───────────────────────────────────────────────────────────────
xac.bypass:
description: Bypass all anti-cheat checks
default: false
children:
xac.bypass.movement: true
xac.bypass.combat: true
xac.bypass.misc: true
xac.bypass.movement:
description: Bypass all movement checks
default: false
children:
xac.bypass.speed: true
xac.bypass.fly: true
xac.bypass.jesus: true
xac.bypass.nofall: true
xac.bypass.timer: true
xac.bypass.spider: true
xac.bypass.glide: true
xac.bypass.phase: true
xac.bypass.combat:
description: Bypass all combat checks
default: false
children:
xac.bypass.killaura: true
xac.bypass.reach: true
xac.bypass.critical: true
xac.bypass.autoclicker: true
xac.bypass.velocity: true
xac.bypass.misc:
description: Bypass all miscellaneous checks
default: false
children:
xac.bypass.fastplace: true
xac.bypass.scaffold: true
xac.bypass.fasteat: true
xac.bypass.inventorymove: true
xac.bypass.speed:
description: Bypass SpeedCheck
default: false
xac.bypass.fly:
description: Bypass FlyCheck
default: false
xac.bypass.jesus:
description: Bypass JesusCheck
default: false
xac.bypass.nofall:
description: Bypass NoFallCheck
default: false
xac.bypass.timer:
description: Bypass TimerCheck
default: false
xac.bypass.spider:
description: Bypass SpiderCheck
default: false
xac.bypass.glide:
description: Bypass GlideCheck
default: false
xac.bypass.phase:
description: Bypass PhaseCheck
default: false
xac.bypass.killaura:
description: Bypass KillAuraCheck
default: false
xac.bypass.reach:
description: Bypass ReachCheck
default: false
xac.bypass.critical:
description: Bypass CriticalCheck
default: false
xac.bypass.autoclicker:
description: Bypass AutoClickerCheck
default: false
xac.bypass.velocity:
description: Bypass VelocityCheck (requires ProtocolLib)
default: false
xac.bypass.fastplace:
description: Bypass FastPlaceCheck
default: false
xac.bypass.scaffold:
description: Bypass ScaffoldCheck
default: false
xac.bypass.fasteat:
description: Bypass FastEatCheck
default: false
xac.bypass.inventorymove:
description: Bypass InventoryMoveCheck
default: false