Peer Review of a Strategy Without Disclosure

Discussion in 'Automated Trading' started by Norm, Feb 6, 2006.

  1. Norm


    I would like to let others review the performance of my strategy without disclosing the strategy itself. I think that I may be able to accomplish this by wrapping the key decision making elements of the strategy up in a DLL (as suggested by Cash Coyne of Bright Trading in an earlier thread) and by making the DLL go ineffective at some point in the future (such as by making it only provide an output for 30 days).

    That way, it could be tested thoroughly, but not used live indefinitely.

    Any comments on this or any other way to allow peer review without disclosure (yes, I know this is a bit contradictory)?

  2. A really good programmer is not going to have a hard time cracking your DLL to disable the lockout mechanism.

  3. Or worse, it is entirely possible to reverse engineer your DLL to extract out your strategy, it is not all that hard, really.
  4. Why don't you just send them performance reports and tell them whatever information you wish to share?
  5. First of all, very few things would stop a very determined technologist from reverse engineer the strategy if you provide any executable to them. But never the less, there are some approachs for the paranoid.

    1) Write your software that require the presence of a physical key (i.e., a secure USB dongle), and then *take* the dongle back after 30 days. This can still be spoofed via virtual device drivers that just records the challenges, and play it back. And it is a huge pain to code to any GSS-API based token library. I have something like this for my own system, but I don't even distribute any part of the object code.

    2) Write your software that require the user to be online, so that the software need to contact your "mothership" server everyday upon startup for "challenge", if it does not challenge successfully, then intentionally corrupt the executable (!). Similarly, this can be defeated via properly analyzed spoofing.

    3) Probably simpler, just load up your software onto a laptop, lock down the laptop (no CD access, no usb access, all network ports except the permitted ones), give them the laptop, and then only give them a low acces level login (password set to expire). Again, this can be defeated via just a standard O/S attack, possibly via network scanning and stack breaking.

    Basically, this just makes the effort of breaking your system harder, it doesn't make it impossible.
  6. Buy this book and read it. Now that you know what's possible, decide whether or not you want to invest the money and time to implement it.
  7. Provide a DLL that acts as a proxy to your real logic implemented on a secure server somewhere. Use a secure protocol between the proxy DLL and the server to prevent casual sniffing. The DLL should do nothing more than forward the requests to the server and retrieve the responses. After 30 days, take the server down.
  8. Choad


    In addition to the other comments, I submit it would not take too long to get *close* to your strategy even if you just gave all of your trades (and exact time of execution). At least, a very experienced trader and system designer/programmer could come up with something very similar IMHO.

    This is of course only if the trades are based on standard stuff like price/volume/time, other stocks/indices, put/call, etc. If the trades are based on moon phases or the color of the bird outside your window, probably not.

    Not saying I could do it, but someone who has been banging away on this stuff fulltime for 5-10 years probably could.

    If the system looked very good, I'd just trade it in the smallest size possible and see how she flies. JMHO, I'm often wrong. :cool:
  9. Peer Review of a Strategy Without Disclosure
    Post these days seem to become more and more lunatic.
    If you were a winner, why would you want 'peers' to poke their noses in your little secrets?

  10. Sanjuro


    If it works, trade it.

    If it doesn't work, sell it.
    #10     Feb 7, 2006