This question has been raised in various forms, the last occurrence might probably be this: viewtopic.php?f=3&t=2842
In short, I would like to hide certain critical portions of my code. It seems to me that there are 3 options.
1. With the cross-compiler, one can generate byte code in the form of .mpy files
2. The .mpy files one can compile into the firmware
3. One can write the code in C, and compile that.
The security of the first option depends on the (non-)existence of a disassembler, therefore, it is not particularly safe. I am not sure about the second option (if it is possible to pull the .mpy out of the compiled firmware, then we are back to option 1.) With the third option, the main appeal of micropython is lost. 2 and 3 would also render in-the-field updates impossible.
So, I would like to ask if a different approach could, perhaps, work. This would go like follows.
One could do the development in python, when the code is ready for release scramble it with a key on the computer, and then give the scrambled stuff to whoever needs it. One would then write a very simple module in C that would do nothing but unscramble the python code. This C module would have to be compiled only once, and it would then be part of the micropython firmware. Something like this (pseudo-code)
Code: Select all
key = read_key_from_disc()
code = read_scrambled_code_from_disc()
ucode = unscramble(key, code)
(I would read the key from disc, so that it would not have to be compiled into the firmware.) The question is, whether it is possible to somehow dump ucode, once it is in RAM. If not, then I believe this would be a relatively secure approach to obfuscating the python code, and one would not lose flexibility/extendability. I would really appreciate any comments on the issue.