A little bit of theory
DLL protection MQL scure
Expert advisors, indicators and scripts for the
Metatrader system are created using the built-in MQL
language. Then, the source text code MQ4 is compiled
into executable binary code EX4. File with the EX4
extension contains program logic understandable to the
Metatrader interpreter only. We will not see anything
using ordinary text editor. This is convenient in case
if a programmer or trader provide their program for
usage but doesn’t want the user to know the details of
the sales strategy.
A problem.
Unfortunately, there are methods of decompiling the EX4
files back to MQ4 which allow seeing the program logic.
This is a big problem for those who want to keep the
details of their trading strategy confidential.
Decompiling makes it pointless to create a business that
is based on sales of expert advisors or providing them
for usage. The existing companies suffer great losses.
Solution methods.
There is an opinion that a good MQL programmer can write
program in a way that would make it impossible to
decompile. For example, by using licensing system. Well,
unfortunately this is not the case. The strategy cannot
be protected by means of MQL only.
Let us see several methods of protecting sales
strategies. We will compare them and find out their pros
and cons.
1. Pure MQL
As we have already said, this method does not provide
protection because an EX4 file can be easily decompiled.
However, along with the cons, MQL programming has its
pros which will be examined in comparison with the other
methods.
Pros: simple structured language that is comprehensible
by traders and not only by specialists. Lowest cost
level as compared to other methods.
Cons: easily decompiled.
Special features: applicable for personal use or for
refinement of the strategies logic.
2. DLL
MQL language has a very useful special feature. It
allows the programs to link with the libraries (DLL)
written in other programming languages. First of all, it
essentially expands the possibilities and secondly, it
allows moving MQL logic into the library which makes
decompiling of an EX4 file useless.
DLL can also be decompiled however it is by no means
easy and requires specific knowledge. When decompiled,
the DLL code is translated into the Assembler (ASM)
machine language. This procedure is called disassembly.
Pay level of ASM specialists is very high, thus such
expenses are unreasonable for hacking most projects.
Moreover, a project consists of two parts minimum:
MQL+DLL, which makes the hacking job even more
complicated, since it requires teamwork of two
specialists.
Pros: quite a high protection level, unlimited capacity
to expand possibilities of the MQL language.
Cons: higher development cost as compared to an MQL
project. Library installation required.
Special features: applicable for projects of average
cost and popularity.
3. Online WEB
This method implies moving of the trade logic to WEB
server. The user’s computer will have executive
interface only, without the decision-making module.
MQL, DLL and WEB are used in this architecture. MQL
generates a request, DLL sends it to WEB server, and the
server generates and sends a reply that gets into MQL
through DLL. MQL manages the orders based on the reply.
There are simpler variants, when MQL only listens to /
monitors the replies from WEB server.
Pros: The highest protection. Possibility of remote
updates. Possibility of remote control over access to
the project.
Cons: Delays can occur during data synchronization. High
development cost.
Special features: Applicable for major or popular
projects.
Comparison.
The comparison was made by specialists of Meta-Trader.co.uk
company. Explanation of the results and comparison
criteria are given below each diagram.
By protection level
Minimum is 0, Maximum is 10. The more, the better.
MQL – 1
DLL – 6
WEB – 9
MQL has minimal protection against hacking, but 1 point
is scored considering that it is not every user who
knows about decompiling and not everyone knowing it
would be ready to use this method.
DLL has average protection level.
WEB has almost maximum protection level. One point is
not scored because there is a probability to hack WEB
server that stores the strategy logic. Such probability
is very low and even if it happens, then a specialist is
needed to decompile binary code and then synchronize the
logic with the MQL.
The following factors were considered when estimating
the protection level:
Statistics of users’ awareness of the decompiling
possibility;
Complexity of decompiling process for each of the
methods;
Cost of hacking job specialists.
By development cost
Minimum is 0, Maximum is 10. The less, the better.
MQL – 1
DLL – 4
WEB – 10
The results can be explained as follows. If we take any
task and fulfill it using all methods, then MQL will be
the most low-cost one, WEB is the most expensive, and
DLL will have the cost a little less than average as per
the maximum level.
The following factors were considered when estimating
the development cost:
Cost of work done by specialists in each area;
Complexity and time for testing a ready project.
By speed of decision-making
Minimum is 0, Maximum is 10. The more, the better.
MQL – 10
DLL – 9-6
WEB – 6-1
Speed of decision-making is like the other side of a
coin while the first side is protection. The more
components the system has, the more problems will be
there with data synchronization. Accordingly, WEB method
will be the slowest. DLL will be average, and MQL – the
fastest.
For DLL, a range of speed values is given. If DLL is
used as a library for computations, then the processing
speed will be practically comparable with the MQL and
will have an index of 9 points. And if synchronization
with the external data sources is used within DLL, then
the speed index may fall to 6 points.
Same for WEB. If the logic is simple and it is executed
fast, then the speed index will be not lower than 6
points. And if, for example, WEB server is connected
with Back Office for computation of expert advisor
values, then the speed index may fall to the minimal
value.
The following factors were considered when estimating
the speed of decision-making:
Project architecture;
Connection with external data sources.
Conclusion
When selecting a method of protection, you have to
consider all the parameters described above. Then the
facilities committed for the development will pay off
over and above and the ill-wishers will be left with
nothing!
If you
have any questions or want to make your EA secure please
contact us at
info@meta-trader.co.uk
Here you can download a
30-Day-Trial-Version.
All the information about automated trading: Subscibe
our Newsletter:
Click here
