How to protect the source of a delphi app?

Question

How could I protect my delphi app from being decompiled? I know there are some software like themida that I think will do that but then the protected exe trigger the antivirus.

Answer 1

It depends what your goal is.
If it's really just protecting the source, it's already done! Provided you don't include debug and symbols information and add some heavy inlining, good luck to reconstruct some usable Pascal code from disassembling the exe.
If it's preventing people from seeing how it functions and hack it, then you have to include some anti-disassemble protection. It's harder but doable. Often done as a collateral to anti-piracy protection.

Answer 2

Everything that a CPU can read, can also be "decompiled", so there is no ultimate security. But usually it is quite hard to decompile compiled Delphi code, and almost all identifiers and all comments are gone, of course.

The published parts of classes, DFM file information and constants (including string constants) are present in the exe file, in an easily readable way. You can reduce this problem by encrypting your strings and not using published and not use DFM files. However, all the information will still be present in your exe file, so often this will just be hard work that gives no real security.

If you just want parts of your source code to be difficult to read, make your algorithms difficult...

In the end, everything can be hacked. The only real way to avoid your app from being decompiled, is to keep the exe file away from those that can do it, like when you deploy it on your own server but not on the customer's server.