2 Replies
      Latest reply on May 14, 2020 3:57 AM by wy226
      016 Level 1 Level 1 (0 points)

        hi,

         

        Xcode runs a compiler on the mlmodel file to create a .mlmodelc folder — and that is what goes into your app bundle.

        After the compilation, the model file is not encrypted or in other way secured.

        Does this mean that anyone can use the .mlmodelc file?

        How to safely use .mlmodelc in an application?

        encryption?

         

        Thank you for any help!

        • Re: Safe use of mlmodelc files
          kerfuffle Level 3 Level 3 (120 points)

          It is trivial for another developer to download your app's IPA, copy the mlmodelc bundle into their own app, and start using your model.

           

          Of course, this is not legal (copyright infringement) but technically speaking it's really easy to do.

           

          Encryption is possible but you have to implement this yourself. Out of necessity, the decryption key needs to be part of your app, which still makes it possible for someone to decrypt the model. Or the app needs to download the decryption key based on a login or a license code or whatever and only keep it around for the current session -- but even then can a dedicated enough attacker decrypt your model.

           

          So it just depends on how difficult you want to make it.

           

          An easy way to obfuscate the model is to pretend it's a different kind of file. You could zip up the mlmodelc folder and rename it to "SomeImage.jpg". Then at runtime, unzip this file and load your model from that folder. It won't stop a dedicated attacker but it will fool at least some people. ;-)

          • Re: Safe use of mlmodelc files
            wy226 Level 1 Level 1 (0 points)

            Qo