MQL code authorship protection in MT5. - page 2

 

As far as EX4 is concerned, it is most likely Editor that has been decompiled.

And it seems to be naked from the protections. There are no financial flows there.

And if both protected components (Client & Editor) operate with keys - more hope for success.

;)

 

5 cents...


1. Most (if not all) products require a connection to be used.

2. Thus, a "key" in the form of a "service" placed on the network (on the author's website).

When you start the terminal, the terminal with an indicator or Expert Advisor, running on it, "use" it...

And, consequently, the decompilation problem is no longer a problem.


Out of the category. The product must be really interesting.

A review of a product sold on the "basis" of super secret algorithms

showed that there's nothing interesting and even less useful... alas...


In principle, the algorithm itself is super-duper, if the author thinks so, can be placed on the site.

The Expert Advisor should only handle and implement in trade processes, which is not a secret, even if it is openly published.

- the EA sends a request (by subscription)

- receives values

- processes

- trade

- may be simultaneously engaged in drawing

//

Same for the indicator, except for trading


Organize the subscription itself by account number...


In general, as a Roman emperor used to say: divide and conquer!

 
circlesquares :


The fact is that decompiling is still a problem. If all the necessary code is inside the EA, then decompiling it together with a known working key yields the source code of the EA with all the consequences that follow.

If part of the code is located on the website, however, this is a very unreliable solution. Any failure of the site can lead to mind-boggling losses in customer money.

 
api :

Also, I once saw a mention somewhere that MQL5 code compiles into native CPU code. I don't know: is it really or not, but if it is, it's a serious hole in decompilation protection.

And how would this reduce security?

Adding code is prevented by using asymmetric cryptography - if the key is long enough, it would be impossible to forge the signature.

If you mean decompilation - its automation is very difficult for machine code. I don't mean disassembling - it's possible because the processor itself has to execute code somehow. There are attempts of automatic decompilation(http://www.hex-rays.com/) but they are mainly reduced to analysis of all possible options of code generated by compiler (which becomes not a trivial task at all, because as I understood conversion to machine code will be performed on metaquotes side). If we bind the code generator to the phase of the moon (i.e. to compile the constructs in different ways), the automation of decompilation becomes unrealistic!

 
lea :

And how would this reduce security?

Adding code is prevented by asymmetric cryptography - if the key is long enough, it would be impossible to forge the signature.

If you mean decompiling - its automation is very difficult for machine code. I don't mean disassembling - it's possible because the processor itself has to execute code somehow. There are attempts of automatic decompilation(http://www.hex-rays.com/) but they are mainly reduced to analysis of all possible versions of code generated by compiler (which becomes not a trivial task at all, because as I understood conversion to machine code will be performed on metaquotes side). If we bind the code generator to the phase of the moon (i.e. to compile the constructs in different ways), the automation of decompilation becomes unrealistic!


Indeed, I meant disassembling. I, as is often the case with everyone, judged by my own capabilities. For me it's similar to decompiling, since in most cases I can easily reconstruct the algorithm from assembler text. Of course, this process can be complicated greatly by using polymorphic virus algorithms, but in the end, since there are anti-viruses, this method does not give a complete guarantee either.

 
api :


Indeed, I meant disassembling. As is often the case with everyone, I was judging by my own capabilities. For me it's similar to decompilation, since I can easily reconstruct the algorithm from assembler text in most cases. Of course, this process can be complicated greatly by using polymorphic virus algorithms, but in the end, since there are anti-viruses, this method does not give a complete guarantee either.

Disassembling large files (even with ida) and manually reconstructing the algorithm takes a lot of time and effort. It is doubtful that people will often practice this approach. But it seems that this is the only method that will be possible for machine code files in the future, if the developers manage to complicate the generated machine code in some way.
Antiviruses rarely use any special algorithms. Mostly they cling to peculiarities of files and instruction sequences - I have encountered an antivirus complaining about calculating pi through the sum of series (I was training to use fpu). Decompiling is a fundamentally different task. If you perform irreversible code mutations during code generation, decompiling by characteristic code variants will be impossible in principle (you will need to emulate/trace the code and watch what happens at a "high level" - where it was read from, what and where it was written, what and with what parameters was called... antiviruses seem to use similar approach, but they only watch the sequence of calls of various system functions).

On the subject of irreversible mutations, I'll perhaps throw in a few links to articles (I hope the administration and readers won't mind links to such):

 

Just for code littering/ obfuscation in MQL5, you can specify a special modifier for each function:

void MyFunc(int val) trash
  {
   Print("Val: ",val);
  }

So far it is called trash, but we will most likely change it to protect.


This will result in deep littering of the code and slowdown of the specified function.


In addition, the MQL5 compiler uses a lot of optimizations, which dramatically reduces the possibility of reverse decompilation.

 
Renat :

Just for code garbage/obfuscation in MQL5, you can specify a special modifier for each function:

That's good :) Will it be possible to adjust the percentage of rubbish code? Will functions be embedded by their call location?

 
lea :

That's good :) Will it be possible to adjust the percentage of rubbish code? Will the function embedding be done at the point of call?

The rubbish will be different each time. You can't customize the percentage - it's up to the compiler to decide.


Automatic inline functions have been working for a long time - the compiler itself makes the decisions depending on the size and complexity of the function. That is, large functions are not inlined.

 

Eh... How easy it is for me to live...

I have no desire to hack, nor do I intend to sell anything in the foreseeable future.

That's the trouble with people...

:)))