Problem with stealing code

Trs2988

Not sure if there's a hard and fast solution here, but I'd appreciate it if a couple people could at least brainstorm with me on this problem.

I'm currently developing a web-based game in PHP with 6 other developers. While I currently trust these people, I know the possibility of a falling out or some dispute between us is always a possibility. I have encrypted the central file included by all files throughout the game with phpShield, so that only I have access to all of the functions, constants, etc. This works very well - there's not a chance that someone could duplicate the game somewhere else.

However, many developers (obviously) need to access this core to make changes, fix bugs, etc. So here's where my problem lies. How do I allow access to all/most of the core, but still prevent it from being stolen?

Here are a couple ideas I've come up with, but none of them fully work:

Leave most of the functions unencrypted, with just a few central functions encrypted. This seems like it would be able to fix most of the problems. However, if there's only a few functions missing, how hard would it be for someone to reconstruct them?

Figure out some way for the core to be required. I haven't fully developed this idea, because I can't figure out a way for it to work. What I'd like to do is have it so that if the core file isn't included, then none of the other files will work. Not because of a missing function or something, but because there's something in the core that "activates" something and allows it to run. I can't figure out how to do it, though. It seems like there would need to be something in the files the developers have access to in order to make sure that the script execution is stopped, and therefore they would just be able to delete that section and get around it.

Allow certain functions to be "checked out" and worked on, while the others remain encrypted. This would allow me to monitor who's been looking at what, so I get an idea if someone's accessing more than they should. But it seems like a very complicated solution, both for me to make and for them to deal with.

Unencrypt the whole thing, hope for the best, and get over it. The longer I can't figure out a solution, the better this choice seems.

Any ideas?

bradgrafelman

Encrypt as much as possible, and make them sign contracts? shrug

Trs2988

Actually, you might be onto something. Put the fear of God (and the government) into them, and then I can stop worrying.

Not foolproof, but at least a solution.

MarkR

Have clear copyright statements on the top of the code; make the developers sign NDAs, then open all the code for them to view.

If they subsequently rip you off, they are breaking your copyright AND violating their NDAs, so you can legally get them on both counts. Moreover, if they are creating any application which is obviously or non-obviously based on it, you can probably write a cease-and-desist letter which will put the fear of <del>god</del>litigation into their manager to make them stop.

But most of all, ASK them not to rip you off.

What sort of contract do you currently have with these people? Are they all located in the same country as you (this is pretty important really).

Mark

Trs2988

I have talked to all of them to ask them not to steal anything and stress the importance of it. Beyond that, nothing has really been signed.

Four of them live in the USA, 2 in England. How much of a problem does that create?

Kudose

I would declare that any court battles must happen within your home state.

In example, I use this in all of my agreements.

This Agreement shall be governed by the laws of the State of Kansas. If for any reason a court of competent jurisdiction finds any provision of the Agreement, or portion thereof, to be unenforceable, that provision of the Agreement shall be enforced to the maximum extent permissible so as to affect the intent of the parties, and the remainder of this Agreement shall continue in full force and effect.

Although it doesn't state all battles have to be in Kansas, only Kansas lawyers and Judges would be most competant in the laws.