hiding python code on the board

[torwag]

I wrote this in a similar context already.

It is always about how "secure" something should be. This is a typical 80%-20% problem
You have to invest 20% of your resources (time, work, clever ideas and hacks) to make it secure against 80% of all possible attackers.
From there you have to spend 80% of your resources to fullish the last 20% and this on a highly nonlinear term.

Thus, I would ask myself, does my IP be worth the large amount of extra work? Will my customers belong solely to the first 80% (like selling something to a group of totally non-tech people, like a pyboard based watering systems to my local gardeners club) or will they be happy to hack it just out of passion (like selling a totally overpriced and overhyped but featured crippled security device to cryptograph experts). Do I plan to sell it world wide and would it become such a mass product that people will look into it, to copy it. Or do I plan to sell a few local versions to neighbours and friends?

After that, I would judge how much time I spend into "security".

Albeit, a very hard and stony route (as some people here might confirm) ... offer the device complete open, encourage people to play with it, offer competing prices for the "full service including batteries"-kit and hope for the best that many just go the easier route instead of building their own.

[Ttxman]

There are cortex-M4 cpus with memory protection unit. For example on tm4c129, if you can get uPython to run in unpriviledged mode (I assume there will be problems with interrupts which run only in priviledged mode) you can block access to parts of RAM with your secret function. So if you can get the code to "secured" part of ram (customized bootloader?) from location you cannot read with uPython it should be doable and as secure as any other MCU firmware without "scripting" language.