Is here ANY way to protect a plugin SourceCode?

Hi! It’s me again! I’m having a problem right now:

I want to create a plugin:
Or rather, a light version and as soon as the PluginMarketPlace is available for everyone, the whole version (spoiler, you will have to pay for this, if the PluginMarketPlace will be available for everyone in the future). But right now I have one thing in mind:
That people will steal the source code of my plugin. I was thinking about making the Lite version free and open source, but keeping it secret. However, I have no idea how to protect my plugin. I thought I would do something like this:

--Plugin
local Plugin = require(id)
Plugin.LoadPlugin(UserID_of_current_developer)

--SourceCode
local SourceCode = {}

function SourceCode.LoadPlugin(ID:number)
    if UserPurchasedPlugin(ID) then
        --RunMyCode
    end
end

return SourceCode

But I’m not sure that this will protect my plugin. It would allow Roblox to look at my source code (on the subject, if no one sees my source code, then a bad person could do bad things, Roblox can look at my stuff, and it wouldn’t hurt, right? Since Roblox can theoretically ispezionieren my stuff) if there would be a problem and I could check if the person has bought my plugin or not, if he is allowed to use it or not. But is this the right and only way? And can I protect my plugin from bad developers (so they can’t steal my source code in any other way)?

I’m very new to source code protection, so I definitely have no idea. You can correct me very well if I said something wrong. Because really, I want to keep my source code secret from the whole plugin, but in a legal way (that Roblox can control my source code too, so if someone thinks I did something wrong, Roblox can control it himself and this is all legal. And yes, I have read this: Best way to protect a module?)

You could possibly use the require function to call a more protected and private script.

You could also just try to obfuscate it using something like Ironbrew to make it harder for people to steal your source code.

I can’t guarantee that your code will be 100% Secured as there will always be someone who will be able to deobfuscate your code or find some sort of way to steal it.

require wouldn’t help since you can’t require private modules anymore. That would just take an extra step to view the source. Even with paid plugins, there’s nothing stopping you from cracking it open and taking a look. This is actually a really important thing, since there’s already so many backdoor plugins on the market even when the source is openly available. If people couldn’t even check if a plugin was a backdoor, that’d lead to some bad places.

3 Likes

As @rogchamp mentioned, if you want people to be able to use your plugin, it’s code will be open for all. The best way to protect your plugin is to make it unique & worth it, so that people would rather support it than the free version.