List of games that use power-on state to seed RNG

Discuss technical or other issues relating to programming the Nintendo Entertainment System, Famicom, or compatible systems. See the NESdev wiki for more information.

Moderator: Moderators

User avatar
rainwarrior
Posts: 8731
Joined: Sun Jan 22, 2012 12:03 pm
Location: Canada
Contact:

List of games that use power-on state to seed RNG

Post by rainwarrior »

Game bugs: Reliance on RAM values wrote: Note that using power-on RAM content as a seed for random number generation is not a game bug.
We've deliberately excluded this case from the wiki, so I'm curious: which games do do this?

Offhand the only one I've heard of is:
  • Final Fantasy - power-on is used for a usually-consistent startup seed by speedrunners
I made two games leave most bits of the RNG uninitialized at reset so that gathered entropy propagates across each reset. (They don't bother to scan all of RAM at startup for entropy that way, though. I didn't really care too much about methods that don't work well on emulators or PowerPak.)
  • Lizard
  • NESert Golfing
Does anyone else know any?
User avatar
Dwedit
Posts: 4922
Joined: Fri Nov 19, 2004 7:35 pm
Contact:

Re: List of games that use power-on state to seed RNG

Post by Dwedit »

There are games that *indirectly* use the power on-state for RNG. They keep running the RNG code in a loop until Vblank happens, and that causes a very volatile RNG. Any variation in power-on CPU/PPU alignment or such will mess with the RNG.

Dragon Warrior 4 is notorious for having unreliable RNG on real hardware, preventing even TASes from playing back correctly.

Most Konami games also use a CPU cycle counter based RNG. Notable, Blades of Steel seems to have a new demo every time you play it!
Here come the fortune cookies! Here come the fortune cookies! They're wearing paper hats!
User avatar
rainwarrior
Posts: 8731
Joined: Sun Jan 22, 2012 12:03 pm
Location: Canada
Contact:

Re: List of games that use power-on state to seed RNG

Post by rainwarrior »

Those are good examples to list too. Maybe an alternate goal for this list would be "games that are tricky or impossible to hardware TAS".
Fiskbit
Posts: 890
Joined: Sat Nov 18, 2017 9:15 pm

Re: List of games that use power-on state to seed RNG

Post by Fiskbit »

I don't know the details, but I believe Ridley's behavior in Metroid depends on uninitialized RAM. This causes speedrunners to seek out specific consoles (usually toploaders) or use flash carts with firmware that leaves favorite values in RAM.
User avatar
Gilbert
Posts: 564
Joined: Sun Dec 12, 2010 10:27 pm
Location: Hong Kong
Contact:

Re: List of games that use power-on state to seed RNG

Post by Gilbert »

Fiskbit wrote: Thu Dec 17, 2020 1:14 am Metroid
This makes me think. What about the original FDS version?
I'm not familiar with what the FDS Bios does. Does it clear RAM upon boot and reset?
If it does, then these randomised RNG things won't work there.
However, if it doesn't, then it can be easily exploited like say boot some other game and play until certain memory locations hold some particular known values, reset and boot a game with its RNG relying on initial RAM values, and you know the rest.
This is similar to the hot swap trick for cartridge games but is much safer and easier to pull off, and you won't have the risk of tosting your cartridges and consoles.
User avatar
rainwarrior
Posts: 8731
Joined: Sun Jan 22, 2012 12:03 pm
Location: Canada
Contact:

Re: List of games that use power-on state to seed RNG

Post by rainwarrior »

The FDS BIOS does not clear RAM. It modifies some of it at boot for its own purposes, but there is no bulk clearing.
User avatar
Gilbert
Posts: 564
Joined: Sun Dec 12, 2010 10:27 pm
Location: Hong Kong
Contact:

Re: List of games that use power-on state to seed RNG

Post by Gilbert »

Then it is very easily exploited, as long as the target game's RNG (or other things like those games that may glitch out in case some memory locations hold some initial specific values) depends on initial RAM contents.

However, as pointed out in TCRF the two versions of Metroid used completely different RNG schemes. It is not clearly stated whether the FDS version's RNG would rely on initial RAM content but I think this is implied to be 'no'.
Pokun
Posts: 2675
Joined: Tue May 28, 2013 5:49 am
Location: Hokkaido, Japan

Re: List of games that use power-on state to seed RNG

Post by Pokun »

Yeah the incorrect behavior of Ridley and other enemies is supposedly because the NES version uses a faulty RNG routine that doesn't change enemy behavior properly, while the FDS version uses an RNG routine provided by the BIOS. I suppose it's BIOS call $E9B1. This RNG routine doesn't seem to rely on uninitialized RAM in the way Metroid uses it, and the BIOS even seems to initialize it to $D0, $D0.
User avatar
gauauu
Posts: 779
Joined: Sat Jan 09, 2016 9:21 pm
Location: Central Illinois, USA
Contact:

Re: List of games that use power-on state to seed RNG

Post by gauauu »

rainwarrior wrote: Wed Dec 16, 2020 6:03 pm I made two games leave most bits of the RNG uninitialized at reset so that gathered entropy propagates across each reset.
Super Homebrew War gathers entropy from power-on state of OAM to randomize which character it features first in the opening credits sequence. I'm not sure if that's what you're looking for, though.
didn't really care too much about methods that don't work well on emulators or PowerPak
I also read a few memory locations that I've been told have some entropy on the PowerPak, so that it is somewhat randomized there also.
User avatar
rainwarrior
Posts: 8731
Joined: Sun Jan 22, 2012 12:03 pm
Location: Canada
Contact:

Re: List of games that use power-on state to seed RNG

Post by rainwarrior »

gauauu wrote: Thu Dec 17, 2020 12:01 pmSuper Homebrew War gathers entropy from power-on state of OAM to randomize which character it features first in the opening credits sequence. I'm not sure if that's what you're looking for, though.
It's exactly what I'm looking for.
lidnariq
Posts: 11430
Joined: Sun Apr 13, 2008 11:12 am

Re: List of games that use power-on state to seed RNG

Post by lidnariq »

These are mentioned on the Tricky-to-emulate games page, but it's far from comprehensive:
Final Fantasy, River City Ransom, Apple Town Story, Impossible Mission II amongst others
Use the semi-random contents of RAM on powerup to seed their RNGs. Emulators often provide fully deterministic emulated powerup state, and these games will seem to be deterministic when they weren't intended to be
Older versions of the "Game Bugs" page–before we moved this group over–mentions
''Apple Town Story'' (FDS) — Uses RAM to determine what character name to default to when starting a new game; when RAM is pre-initialised to $00, the name キャシー (Cathy) will be used. — viewtopic.php?p=183064#p183064
and
'Impossible Mission 2'' — Reads uninitialised PRG-RAM for map generation. — viewtopic.php?t=18111
and
''Final Fantasy'' — Relies on portions of RAM to act as an RNG seed for battles/encounters.
and
''River City Ransom'' — Relies on portions of RAM to act as RNG seed for which gangs you encounter, particularly at start. — viewtopic.php?p=178166#p178166
JRoatch
Formerly 43110
Posts: 422
Joined: Wed Feb 05, 2014 7:01 am
Contact:

Re: List of games that use power-on state to seed RNG

Post by JRoatch »

I should visit this forum more often.

Martin Korth's Magic Floor also seeds random levels from power-on RAM
User avatar
gravelstudios
Posts: 159
Joined: Mon Mar 13, 2017 5:21 pm
Contact:

Re: List of games that use power-on state to seed RNG

Post by gravelstudios »

This thread has given me an idea. A game might be able to detect (somewhat inaccurately) whether it's running on an emulator or physical hardware by the RAM state. if the initial RAM state is all zeros, then the game could be pretty certain that it's running on an emulator. Of course, the opposite wouldn't necessarily hold true for physical hardware because many emulators give the option of starting with randomized RAM. Anyway, I'm just thinking out loud.
User avatar
Dwedit
Posts: 4922
Joined: Fri Nov 19, 2004 7:35 pm
Contact:

Re: List of games that use power-on state to seed RNG

Post by Dwedit »

Not just possibly an emulator, could also be a flash cartridge system that reset the RAM to zeroes before booting the game.
Here come the fortune cookies! Here come the fortune cookies! They're wearing paper hats!
User avatar
rainwarrior
Posts: 8731
Joined: Sun Jan 22, 2012 12:03 pm
Location: Canada
Contact:

Re: List of games that use power-on state to seed RNG

Post by rainwarrior »

gravelstudios wrote: Sun Dec 20, 2020 1:55 pm This thread has given me an idea. A game might be able to detect (somewhat inaccurately) whether it's running on an emulator or physical hardware by the RAM state. if the initial RAM state is all zeros, then the game could be pretty certain that it's running on an emulator. Of course, the opposite wouldn't necessarily hold true for physical hardware because many emulators give the option of starting with randomized RAM. Anyway, I'm just thinking out loud.
We've discussed SRAM tendencies in the past here. I think some do seem to power-on all 0 or all 1, but I don't think you'd typically find those in a conventional NES (but possibly in clones). PowerPak and Everdrive also initialize large parts of RAM with their menus, though not to 0 or 1.

There are probably much better ways to try and detect an emulator, but honestly if your software is worth running whatever that test is will be defeated by a newer emulator (and/or a patch). Stuff like this tends to age pretty poorly, and I've seen several mildly embarrassing past attempts at things like that which turned out not to work correctly.
Post Reply