What is considered best practice in protecting an EA from pirates?

Feb 06, 2010 at 19:50
3,688 Views
28 Replies
Member Since Feb 06, 2010   24 posts
Feb 06, 2010 at 19:50
Your suggestions would be appreciated.

Thank you
Elkart
forex_trader_7
Member Since Aug 01, 2009   941 posts
Feb 06, 2010 at 22:13
Don't ever let it leave your hands.

Member Since Aug 31, 2009   131 posts
Feb 07, 2010 at 02:41
Dont share it - Dont show it and only allow others the trade it with a managed account.
It ain't easy being Cheesy!
Elkart
forex_trader_7
Member Since Aug 01, 2009   941 posts
Feb 07, 2010 at 03:23 (edited Feb 07, 2010 at 03:29)
FT

Even then it could not be safe. I once got a heads up from a computer dude that reckoned Metatrader can probably see the EA's if they want to. There's a lot of two ways comm's and we wouldn't know if it's copying and sending the EA's back to some server.

I don't want to start rumors, but it for total security you have to write and control all the software running on the computer you're using.

Personally I think MT is ok for learning and experimenting, but C++ and API's are the way to go if one ever gets beyond a few thousand bucks in the account.

Elkart
forex_trader_7
Member Since Aug 01, 2009   941 posts
Feb 07, 2010 at 03:33
And then of course if you get real rich you'll always get some hacker trying to steal your stuff.
Member Since Aug 31, 2009   131 posts
Feb 07, 2010 at 03:39 (edited Feb 07, 2010 at 03:42)
I've heard about custom MT4's that allow EA peeking, I think it was FXPro (dont quote me on this) that modified their MT4 to do that. Most Market Maker brokers wont go to the trouble since 95% of people lose and if you're not scalping they can hedge the risk anyway. (and if you're scalping they'll kick you off) - They way the MM's get to see code is by holding contests that why I never submit. They're ran by brokers and you submit cleanly written source code!!
It ain't easy being Cheesy!
Elkart
forex_trader_7
Member Since Aug 01, 2009   941 posts
Feb 07, 2010 at 06:25 (edited Feb 07, 2010 at 06:29)
Friend of mine has a brokerage. I'll ask him. See what they can do....wouldn't like to have my stuff peeked...

I know for a fact they can mess with your feed. Just another reason not to scalp, you work for years too get it right, go live, they press a button and you see your arse...

Elkart
forex_trader_7
Member Since Aug 01, 2009   941 posts
Feb 07, 2010 at 06:52 (edited Feb 07, 2010 at 06:52)
In my case my systems are actually several different Ea's and they all call external files. So not much of a chance anyone could get them to work...
Elkart
forex_trader_7
Member Since Aug 01, 2009   941 posts
Feb 07, 2010 at 07:37 (edited Feb 07, 2010 at 08:08)
What I would do if I was in the EA selling business is write an EA that calculates the trade levels and directions on server A, and write the information to server B.

Then release a small EA to the clients to go and read those levels on server B. It should be possible. Myfxbook has an Ea that sends information to a server, so if it can send it must be able to fetch.

Member Since Jan 14, 2010   556 posts
Feb 07, 2010 at 10:00
There are several possible layers of protection, I will sort it from the worst to the best:

1. Compiled EA - useless, the EA can be easily decomplied with a 3rd party service for a minimal fee.

2. EA cobined with a dll - this is a better solution since all of the EA's logic is in the dll which is much harder to decompile, although not impossible (Take for example Microsoft or Apple who can't prevent their operating systems protections' from being cracked).

3. Remote hosting of the logic as Elkart suggested - this is one of the better protections possible, since there is nothing to decompile - the EA only receives buy/sell orders from a remote machine. This comes with a price though - latency. For scalping systems this would be a huge disatvantage since it's all about perfect timing.

4. Standalone execution - this would be the best solution, however it will cost accordingly. For each managed account you would need local access to the platform - either by having a MetaTrader open for each client on your own private machine, or access to the API of the broker used. This method of course also has some latency, but it's reduced to the minimum since lower latency can be achieved only if your machine is located in the same datacenter of the broker's.

Since the 4th soultion is not viable for most of the average EA creators, I would recommend using the 3rd solution if the EA is not sensitive to latency.
Member Since Aug 31, 2009   131 posts
Feb 07, 2010 at 10:08
5. Have the EA trade a PAMM account. Your clients accounts will get the same trades scaled by their deposit size as the Master account. EZ - You trade 1 account and keep the EA secret on your VPS and can support any number of clients.
It ain't easy being Cheesy!
Member Since Jan 14, 2010   556 posts
Feb 07, 2010 at 10:17

Fulltime247 posted:
    5. Have the EA trade a PAMM account. Your clients accounts will get the same trades scaled by their deposit size as the Master account. EZ - You trade 1 account and keep the EA secret on your VPS and can support any number of clients.

Indeed this is another solution, however in this case you're limited to one broker with each PAMM account, so working with many clients from multiple brokers would be an impossible task.

It's really a shame MetaTrader do not make a solution for this issue - that's also another source of revenue for them if they were to build a professional platform for managers which aggregates all of their brokers; a lot of managers would defenitely use it.
Elkart
forex_trader_7
Member Since Aug 01, 2009   941 posts
Feb 07, 2010 at 14:01 (edited Feb 07, 2010 at 14:02)
W,

Won't be practical. The different broker are to different. For example if Varengold won't take a trade with levels like a SL or a TP - you have to modify afterwards, where IBFX will. IBFX allows daily hedges until rollover, where Varengold allows hedges.

For each broker I have to adjust my strategy. And each needs their own EA.

If it ever gets to that level, better to write an EA for that broker and use the MM software. Hire someone to handle the clients.

I take each broker on their own. But ultimately the goal is not to have clients. Each client is like a boss. One thousand bosses. The idea makes me shiver in fear...
Elkart
forex_trader_7
Member Since Aug 01, 2009   941 posts
Feb 07, 2010 at 14:12
Mt4 brokerage isn't that expensive. If the client acquisition is that fast be better to just buy one.
Member Since Dec 22, 2009   8 posts
Feb 07, 2010 at 16:40
6. If your EA is TRULY good (and I don't know how much probable it is, considering that at this time there are something like less than 10 EAs that 'truly' work against hundred of scams), then the money will still come (and then, if your EA truly worked, perhaps you wouldn't need to sell it). If we look at three of the most successfull EA, Megadroid, FapTurbo and DP, the first two have a DLL with part of the engine and the third (if I remember correctly) doesn't have anything (simple .ex4 file).

If you 'use' a dll, there are some dll encryptors to make it more difficult to unscramble/crack it.
Member Since Aug 31, 2009   131 posts
Feb 07, 2010 at 18:33
Here's the protect tools - https://eaprotector.com/
They're not impossible to crack but they will stop all but the most determined hackers.
It ain't easy being Cheesy!
Member Since Dec 23, 2009   2 posts
Feb 08, 2010 at 19:04
Fulltime247 posted: Dont share it - Dont show it and only allow others the trade it with a managed account.

but i think this idea still the best way to protect your EA.. 😉
keep consistent, keep rational..
madmatz
forex_trader_5077
Member Since Dec 30, 2009   23 posts
Feb 09, 2010 at 07:08
I know of an option where you can have your EA provide signals to client accounts at many different brokers. The client accounts receive your signals at their brokerage account and the trades are automatically placed. You can charge clients a subscription fee, or per trade fee, etc.

This is the best way to protect your EA since you never give any code to anyone. The worst that could happen is they study your trades and reverse engineer a similar EA but, someone could do that anyway and, that's a lot of trouble to go to.

I'm not familiar with myfxbook's policy on posting links so, I'm not going to post it right now.

If this sounds like it might be a good option, message me and I'll send you the info.
Elkart
forex_trader_7
Member Since Aug 01, 2009   941 posts
Feb 09, 2010 at 07:32
Not something I would do. Need to have direct control of what's happing in the clients account. Ultimately I'm responsible for that account and liable in many cases.

Not an option for a real pro.
Elkart
forex_trader_7
Member Since Aug 01, 2009   941 posts
Feb 09, 2010 at 08:05 (edited Feb 09, 2010 at 08:23)
Basically me experience is that if you can really do this, money arrives and it arrives fast. People can tell if you know what you're doing or not. No need to sell EA's.

You can not trust a client not to fiddle with EA's. You'll always get a genius that wants double the money and goes double the trade sizes, then when he wipes out it's all over the forums and internet. You can't even trust them to always have internet or electricty so they're online at least. Or even understand what they have to do.

And you definitely cannot trust a third party tool to be reliable. Not when someone trusts you to do the best you can not to lose their money. What happens if that tool starts doing doubles trades? What if it's offline? And how would you monitor it?
Sign In / Sign Up to comment
You must be connected to Myfxbook in order to leave a comment
*Commercial use and spam will not be tolerated, and may result in account termination.
Tip: Posting an image/youtube url will automatically embed it in your post!
Tip: Type the @ sign to auto complete a username participating in this discussion.