How can a software code be made modifiable without being visible to the end user?

Question

I wish to supply a software product with GUI, etc. for operating it. And the software utility is research so the users will want to tweak it to some extent and implement their own preferred algorithms instead of the ones we're shipping. Therefore, we want to make the code partly modifiable but not visible.

A possible solution here would be to provide a library with certain functions that are overridable and a documentation is provided to define their input/output.

Is this the best solution to the problem or are there better well known alternatives to the same.

The reason I want to achieve this is because the original code would lose value if exposed totally.

So basically I want to not reveal my code in the best possible way. I don't want to obfuscate it as it may not be a good practice for a research based software.

Answer 1

What you are trying to do is make an extensible application: one that has pluggable functionality, perhaps with sensible defaults.

Ideally, you would have a framework such as Spring to allow plugging in functionality: however, with C++, this is a bit more work that typing in some XML.

The general way to accomplish this in C++ is through dynamic libraries that override functionality in the base application.

For example, perhaps you have an algorithm to frobnicate widgets. You provide an interface Frobnicator with pure virtual methods that must be implemented. Your application supplies a DefaultFrobnicator which has a typical implementation. During startup, your initialization logic tells your FrobnicatorFactory that you want to use DefaultFrobnicator. Now whenever you want to frobnicate widgets, you ask the factory for the frobnicator and it returns the default instance.

But wait! One of your customers wants a different implementation of Frobnicator. They implement a class that inherits Frobnicator, supplying their custom implementation. Their DLL initialization logic tells FrobnicatorFactory to use their own implementation. Now your code that the customer has no access to will call into the customer code and the customer does not need access to your full source: only the portions relevant to frobnicating widgets.

The final piece is that during startup, your application will perform its own initialization, then load arbitrary dynamic libraries in predefined locations.

The details about a dynamic library entry point and how it works are platform-specific. On Windows, there is a DllMain, while Linux has different mechanisms. Alternatively, you could have a static global object in your library that performs initialization logic: this is guaranteed to run when your library is loaded regardless of platform.

---

class Frobnicator {
  public:
    virtual void frobnicate(Widget&) const = 0;
};

class FrobnicatorFactory {
  public:
    static void setFrobnicator(Frobnicator) { .. }
    static Frobnicator& getFrobnicator() { ... }
};

// Some code...
Widget w(...);
FrobnicatorFactory::getFrobnicator().frobnicate(w);

// Application init
FrobnicatorFactory::setFrobnicator(DefaultFrobnicator());

// Library init, define once.
class DllInitializer {
  public:
    DllInitializer() {
      FrobnicatorFactory::setFrobnicator(CustomerFrobnicator());
    }
} x; // Note the creation here

---

Note that this is a basic overview of how plugins work in C++. That is essentially what you are trying to do: expose a plugin mechanism to your customers without providing full source code.

Also note that your customers will need to use the same compiler as you due to name mangling.

Answer 2

You're searching for software called "obfuscator". It cannot prevent everything but it can help against decompilers. Obfuscators make rje decompiled result very hard to read or even make the decompiler throw an error. The expensice obfuscators support virtualization where the sourcecode is stored encrypted intermedia language which will be loaded in in virtual machine on runtime and executed. Because this code will be executed slower you can sometimes cirtualize single methods such as auth methods which will validate product keys.

Please keep in mind that every software can be cracked. Also you can be blackboxed: Someone will analise the bahiviour of the software and will develop software that does the same/similar

Dont forget to purchase an commercial license of OpenCV because otherwise you would violate their License