Announcement

Collapse

Looking for a User App or Add-On built by the NinjaTrader community?

Visit NinjaTrader EcoSystem and our free User App Share!

Have a question for the NinjaScript developer community? Open a new thread in our NinjaScript File Sharing Discussion Forum!
See more
See less

Partner 728x90

Collapse

Need help with protecting my bot.

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

    Need help with protecting my bot.

    Hi
    i made a strategies that I would like to lease it out to 20 of my friends. But I dont want to know what in the code or I dont want to share it with other people. I have been emailing with ninja trader ecosystem but it been a nightmare getting thing done. 2 week and all I got was we ll call you but never get any.

    Any suggestion
    Thank you

    #2
    You only need to become involved in the ecosystem if you want to use
    NinjaTrader's vendor licensing (which is free) -- but in return, they want you
    to (I think) have a website and have (to some extent, I think) a business.

    But you don't necessarily need to follow that route. I mean, there are other
    methods of licensing your code.

    In this thread I'll outline my suggestion for the cheapest and simplest solution.

    These can be taken as baby steps while you get started. Use this method for a
    couple dozen friends & family (paying or not, that's up to you), and for as many
    NT8 plugins as you wish. Consider this technique as part of a super early beta
    period, where 20 of your biggest fans get to follow you even before you decide
    to become an authorized vendor in the ecosystem.

    1. Hardcode a list of MachineIds of authorized users directly into your code.

    Gather everyone's MachineId from their NinjaTrader installation. Then you
    hardcode a list of strings, directly in your code, which is just a pre-initialized
    list of MachineIds of every authorized user. Somewhere in OnStateChange,
    perhaps for State.Configure, you inspect the hardcoded list to see if the current
    MachineId is contained in the list (and thus, authorized). You'll set a bool to keep
    track of this 'authorization check' (such as, IsAuthorized) and if this bool is false,
    you'll just immediately return from OnBarUpdate, effectively refusing to run if an
    unknown MachineId is trying to run your code.

    However, since this is a strategy, you have the option of allowing anyone to run
    it for backtesting purposes; only allowing authorized users to run with real-time
    data. This means you and your friends and family can share your DLL with other
    interested people without hesitation -- all these unauthorized users can do is
    backtest your strategy -- meaning, they'll need to contact you to run your strategy
    with real-time data -- only then do you add their MachineId to your hardcoded
    list (after they pay you, if necessary) and you send them a new release that
    includes (er, I mean, authorizes) their MachineId.

    How to do this? Easy, don't lookup the MachineId in your hardcoded list until
    State.Realtime. Remember, the Strategy Analyzer only uses historical data, so
    it should never reach State.Realtime, allowing any unauthorized user a chance to
    see and study the backtest results of your Strategy before committing to using it.

    Obviously, if this kind of freedom for unauthorized users is not desired, then
    confirm the current MachineId well before State.Realtime.

    2. Protect/encrypt your code.

    Study this page. You'll want to pay the $100/year in order to create a protected
    assembly, which is contained in the .zip file that your users will import. Whereas
    this step was free in NT7, the equivalent NT8 offering is not free.

    Both #1 and #2 are critical to protect your intellectually property. If you distribute
    your code using one without the other, you, the code author, can lose an immense
    amount of revenue and control over your work. Always do both.

    Just remember that licensing and encryption are two separate things, and although
    NinjaTrader offers viable solutions for both, theirs is not the only solution available.

    Good luck!
    Last edited by bltdavid; 09-19-2021, 12:43 PM.

    Comment


      #3
      Dang, you sound alien to me but I ll look it up. Thank you

      Comment


        #4

        Click image for larger version  Name:	2021-09-19_19-27-59.png Views:	0 Size:	52.9 KB ID:	1171653

        I think you just go to Tools > export > export ninja script add on.
        choose your strategy. Choose "Export it as a COMPILED ASSEMBLY"
        take out the DLL file and send it to all your friends.
        They can add that DLL file and (I THINK) start the strategy without being able to see the code since the DLL is encrypted.
        Your friends arent smart enough to hack an encrypted DLL
        Last edited by ezrollin; 09-19-2021, 07:01 PM.

        Comment


          #5
          Hello SuperDude123,

          bltdavid is correct here.

          Below is a link to a forum post with this information.
          https://ninjatrader.com/support/foru...50#post1109850
          Chelsea B.NinjaTrader Customer Service

          Comment


            #6
            Originally posted by ezrollin View Post
            I think you just go to Tools > export > export ninja script add on.
            choose your strategy. Choose "Export it as a COMPILED ASSEMBLY"
            take out the DLL file and send it to all your friends.
            They can add that DLL file and (I THINK) start the strategy without being able to see the code since the DLL is encrypted.
            Your friends arent smart enough to hack an encrypted DLL
            Compiled Assembly != Encrypted Assembly.

            Unless you take extra steps to specifically encrypt your assembly, I guarantee
            you, compiling your assembly does not automatically encrypt your assembly.

            A compiled assembly that is not encrypted can be easily dis-assembled, practically
            recreating the original C# code. Your friends may not be smart enough to do this,
            but their computer savvy kid probably is. Free tools to do this are plentiful.

            So, what are the specific extra steps you need to do?
            Pay $100/year for Agile.NET for NT8.

            Comment


              #7
              But with me paying $100 agile, whoever got the code, will they be able to share it with someone else?

              Comment


                #8
                Originally posted by SuperDude123 View Post
                But with me paying $100 agile, whoever got the code, will they be able to share it with someone else?
                Yes, absolutely.
                Anybody can share your assembly with anybody else.

                You can't stop this, nor should you care about this.

                What you can stop is the ability for the unauthorized recipients to
                run or decompile your code.

                Let's talk about this in more detail.

                Sure, someone can share your assembly, and the recipient can
                certainly install that assembly into their own NT8 setup.

                But, the point is: it won't do them any good. Because the new user is
                not authorized, your code will refuse to run. Why? Because your code
                is protected from execution by licensing.

                Second, because your code is encrypted by Agile.Net, (which, yes,
                you'll have to pay $100/year to use), no one will be able to recreate
                your C# code via the standard well known .NET disassembly tools.

                That's right -- when .NET code is dis-assembled, the result is not
                x86 assembly code but the full (and very close to original) C# code.

                This is because the .NET world is a lot like Java. How so? Java
                and C# compilers do not produce 'machine' code like traditional
                compilers -- they produce files that contain intermediate byte code,
                in the case of .NET it is called MSIL -- this byte code is then translated
                to machine code by a JIT (just-in-time) compiler, and then executed.
                The whole process is controlled by a Java JVM or a .NET VM.

                NinjaTrader users can usually ignore all that fancy .NET stuff under the
                hood. But if you're gonna enter the world of .NET code distribution as
                a developer
                and not understand these things (at least on a high level),
                then it's just like selling the milk but inviting your prize cow to be stolen
                because you can't be bothered to lock the gates or build a fence.

                Licensing allows your code to refuse execution if the user is not authorized.
                Encryption allows your code to remain protected from .NET discovery tools.

                You will never be able to stop file-sharing.

                But you can,
                ... stop your code from executing by using licensing techniques.
                ... protect your code from de-compiling by using encryption.


                PS: Remember back when I suggested that you allow your strategy to run
                in backtesting, but not with real-time data? That was an admission that you
                can't prevent file-sharing, so why not take advantage of it as a marketing
                feature -- by allowing unauthorized recipients to see the great results from
                back testing means they might someday be inclined to contact you and pay
                you money for a license, so that they can run your strategy with real-time data.
                Last edited by bltdavid; 09-20-2021, 07:03 AM.

                Comment


                  #9
                  Thank you, I ll look in to that. It seem like the way to go. Thanks for your time

                  Comment

                  Latest Posts

                  Collapse

                  Topics Statistics Last Post
                  Started by SydniBuck, Today, 12:54 AM
                  0 responses
                  4 views
                  0 likes
                  Last Post SydniBuck  
                  Started by ketostrongbuyno, Yesterday, 11:50 PM
                  0 responses
                  7 views
                  0 likes
                  Last Post ketostrongbuyno  
                  Started by ReinaKutch, Yesterday, 11:08 PM
                  0 responses
                  8 views
                  0 likes
                  Last Post ReinaKutch  
                  Started by JackyThur, Yesterday, 10:51 PM
                  0 responses
                  9 views
                  0 likes
                  Last Post JackyThur  
                  Started by sjeffblack, Yesterday, 01:22 PM
                  2 responses
                  30 views
                  0 likes
                  Last Post sjeffblack  
                  Working...
                  X