Securing .gh Files

Hello everyone!

I have a scenario where I need to send encrypted .gh files from a remote web server to clients. Currently, I’m encrypting these files to ensure they remain secure event after transit. Upon receiving the encrypted file, the client needs to decrypt and run it using GRASSHOPPERPLAYER via the command GRASSHOPPERPLAYER /tmp/path/of/the/decrypted/file.

Here’s my challenge: I’d like to streamline this process. Instead of decrypting the file, saving it to a temporary location, and then running it with GRASSHOPPERPLAYER, I’m exploring more efficient methods.

Is there a built-in functionality in GRASSHOPPERPLAYER or another method that allows for reading from an encrypted file directly without prior decryption? Alternatively, is there a way to decrypt the file and pass it as a buffer directly to GRASSHOPPERPLAYER, rather than providing a file path?

Any insights or suggestions would be greatly appreciated!

Hi,

how do you encrypt in the first place? And against whom do you try to secure it?

The problem is you need to always decrypt binaries before using them. An encryption algorithm modifies the binary data, which means the client needs to have direct or indirect access to the decryption key. The process is okay, if it follows the purpose of protecting against a 3rd party, but you are not protecting against a client. Usually when using SSL/TLS certificates on your web-service, all your data should be encrypted and decrypted by default. A user who authenticates against a protected route should be able to get the files securely without any additional encryption/decryption.

If you already have a web-service, you could also write a plugin/middleware, which intercepts the de-serialisation and decrypts the file before reading the data, by requesting the private key over the web-api.
Otherwise, if you store the private key inside the plugin, the key could be extracted quite easily.

If you want to protect against the customer to read your file, than I believe this is almost impossible, because you would need to rewrite Grasshopper entirely to make it much harder…

Thank you for your quick reply and insightful suggestions.

I employ symmetric encryption, specifically AES, to encrypt the .gh files right before transmitting them to clients. As you pointed out, clients do have indirect access to their unique decryption keys. Unfortunately, my intention is to safeguard the file against the clients themselves.

I understand that protecting the file against the client poses a considerable challenge. Nonetheless, I appreciate your suggestions.

Thank you again for your assistance!

If you want to protect the contents of a .GH file from its intended users, the only reliable way is to never share the .GH file in the first place (encrypted or not). This means running in on your own server.

These days it is not as complicated to achieve with Rhino.Compute, RestHopper, Hops and all.

Recently I made little Python notebook documenting how you can send a request to compute a Hops definition from your own application. That application could be a simple WebAPI serving as a interface between users and your Rhino.Compute server, handling the user authentication and making sure you never have to expose the Hops / .GH definitions themselves.

hops_outside_of_GH.zip (50.9 KB)

2 Likes

I don’t know if this creating more problems than solving it. First of all, if clients pay you for producing code, then you are the author, but not the owner of that code. You need to deliver the code, because you sold it. Making things transparent is even sign of professionalism.
You rather endanger your existence as a service contractor if you do the opposite.

If you sell the usage of a public api instead, you really need to make sure that your client can access this at any time. Apart from all costs and complexity in professionally hosting code, why and how much should the client pay you for this?

What if there is a security incident on your side and you leak confidential data from your client? You are taking a lot of responsibility. You are selling a product not a service anymore! There is a lot of overhead involved with this.

Other than that, I have not seen many native definitions which are complex enough to be worth to protect at all. if there is really a lack of trust, than obfuscation might be enough. And if the client is capable in reversing obfuscated code, than I guess your existence isn’t secure either.

1 Like

Hello Ondrej,

Thank you for your detailed response!

I completely agree with your suggestion. Running the .gh files on my own server using Rhino.Compute seems like the most secure and efficient approach to protect the contents from clients. I’ve been exploring the capabilities of Rhino.Compute and RestHopper, and I’m impressed with the potential they offer.

I’ve also come across apps like `ShapeDiver’, which seem to offer similar functionality and could be another viable option for my scenario.

Your Python notebook documenting how to send requests to compute a Hops definition sounds very informative. I’ll definitely look into that to better understand the process and potentially implement it for my application.

Thanks again for pointing me in the right direction!

Hello Tom,

Thank you for sharing your perspective on this matter.

To clarify, the nature of my work involves delivering the output or results to clients rather than selling the code itself. Clients pay for the end result, and the .gh file serves as a means to achieve that result. Therefore, my intent is not to withhold the code but rather to protect the intellectual property and the proprietary algorithms used to generate the output.

Securing the .gh file ensures that the proprietary methods and designs remain confidential, while still allowing clients to benefit from the results they’ve commissioned. This approach aligns with maintaining a professional level of service and safeguarding the trust and confidentiality between me and my clients.

I appreciate your concerns regarding the complexities and responsibilities involved in hosting such services. Rest assured, I am committed to implementing robust security measures to mitigate any risks of data breaches or security incidents.

Thank you again for your insights and for highlighting the importance of transparency and professionalism in client relationships.