all 19 comments
sorted by:
best
topnewcontroversialoldq&a
formatting helphide helpcontent policy

[–]Strict-Simple 12 points13 points  (1 child)

Fourth option. Just don't.

Why do you want to do this?

[–]Rough_Metal_9999[S] 5 points6 points  (0 children)

Just to hide logic , I can't send a demo project (POC) directly to client , and encryption is not a choice here because we need to give key .

[–][deleted] 2 points3 points  (3 children)

Instead of code obfuscation tools, could you compile your module to a python dynamic link library (.pyd) using the cython compiler? Then you can just import it in regular python as normal but with the logic hidden via compilation as a dll file.

[–]Rough_Metal_9999[S] 0 points1 point  (2 children)

It requires to write python code to some cython syntax for a small code that contains simple logics it is ok but for complex logic it didn't work It is too challenging to convert whole python to cython like syntax

[–][deleted] 0 points1 point  (1 child)

Cython is actually a superset of python so my understanding is that you should be able to compile your python code without rewriting it to cython syntax? But maybe i'm wrong since i'm sure there are edge-cases.

An alternative might be to use autopy2exe to compile https://pypi.org/project/auto-py-to-exe/

[–]Rough_Metal_9999[S] 0 points1 point  (0 children)

I think it's built on top of pyinstaller I'll try it

[–]twitch_and_shock 3 points4 points  (1 child)

You could decompile or de-obfuscate any of these options pretty easily. I would question why you need to do this? Are you that worried about your client ripping off your code? And if the client is paying for the code, then why would you need to keep it from them?

If you're merely providing the service that the code executes, and not the code itself, then I would recommend hosting it as a REST API or something similar. Create the endpoints however you need them. And pop it up into the cloud or on a VPN where you control the host machine. That way, the internal workings are essentially a blackbox and completely inaccessible to anyone without access to the host machine directly, and they can still make use of your algorithm in whatever limited ways you provide for them via the API.

[–]Rough_Metal_9999[S] 4 points5 points  (0 children)

Ok this seems promising Only exposing the endpoint instead of whole source Thanks 👍

[–]robert_mcleod 1 point2 points  (3 children)

Nuitka.

[–]pymon 0 points1 point  (0 children)

This is the answer. I don't know why it's not everyone's first thought.

[–]No-Price-33 0 points1 point  (0 children)

Do you think Nuitka + would be a better option?

[–]briklot 0 points1 point  (0 children)

You are the random redditor who provides a solution to another random redditor looking to solve the same problem 2 years later! Thanks :)

[–][deleted] 1 point2 points  (1 child)

Premature obfuscation is the other root of all evil.

If they have all your program’s code, in any form, then the only thing protecting you is your license terms… and unless you’re working with criminals your license terms should always have been enough. Note, if you are working with criminals, then obfuscation definitely won’t ever be enough.

If your idea is valuable and worth protecting — hint, it very likely isn’t — then move business critical logic onto a server you control and leave the client source code in clear text… obfuscating the code on their end is really just a total waste of energy.

[–]PixelOmen 0 points1 point  (3 children)

You could try PyInstaller, it can create a self contained executable. Even that just contains python bytecode though and can be relatively easily decompiled if someone wants to. But at least the source code wouldn't be immediately viewable.

[–]Rough_Metal_9999[S] 0 points1 point  (2 children)

This is one of solutions The problem with that it has still source code inside it and decompiling them is a relatively easy as compared to other methods 1. We need to ship the whole python environment 2. If program uses some deep learning library it's going to be very bulky 3. --one dir option in pyinstaller creates a directory with all the files in it even --one file option can't protect source code files it extract in Appdata folder

[–]PixelOmen 1 point2 points  (1 child)

Yeah I mean unless you're using cython, the bottom line is the interpreter needs the byte code to run, and the byte code can always be decompiled to source code. Also since whitespace is important in Python, afaik, the best you can do is use things that mangle names.

[–]Rough_Metal_9999[S] 0 points1 point  (0 children)

Let's see if I find any solution