Friday, February 17, 2012

Decompiling MQL ex4

Decompiling a file means to break open the compiled source code to view the contents. The goal of decompiling is to access the original source in order to modify it in some manner.

MQ4 and EX4 differences


When you install an expert advisor, you may have noticed two different types of files listed in the experts or indicators folder. .mq4 files hold the original programming code in the MQL language. Programmers can access this file type in order to make changes to the EA or indicator.

The computer does not save ex4 file information in human readable format. Instead, it compiles the code into a series of zeros and ones, called bits, that the computer reads in real time. If you open an ex4 file in the MetaEditor or in NotePad, all that comes up are wiggly characters and gibberish.

The best analogy is to consider the idea of a game plan. If you know that the opposing team's defense moves slowly, you might try passing more frequently. You don't know all of the specifics of how the game will play out. The purpose is to develop a general response to a set of circumstances. That's the mq4 file.

The ex4 file is the series of decisions made in the game that implement the plan to pass more often. The idea is ready to go, even though the individual plays could not have been known because they were in the future. When the plays develop, the players take the generic game plan and implement it in real time.

Reasons to decompile


Most requests to decompile an ex4 file come from traders that purchased a commercial expert advisor and are not happy with the product. Breaking the compiled ex4 file yields an mq4 file. An expert advisor programmer can then take the MQL contents and make the desired changes.

Many would be decompilers want to make harmless changes to a file. A successful indicator may predict the direction of the market, yet it may not generate alerts when it's a good time to trade. New trading setup signals might save the user from staring at charts too long. Traders mistakenly assume that they need access to the source code to program an MQL indicator. It's easier to ask a programmer to use the iCustom function rather than breaking into someone else's code. It's a legitimate use of the code without requiring unauthorized access to the code.

Some frustrated traders approach me with expert advisors that lose money hand over fist. They want to modify the file contents in the hopes of salvaging a potentially useful concept from the strategy. I've also spoken to forex traders that bought "life time licenses" to expert advisors, only to have the vendor go out of business. They want to decompile the ex4 to remove the licensing restriction on a product they rightfully own but that they can no longer access.

I sympathize with the situations as both are common and ethical responses, in my opinion. I suspect, however, that the legal issues with modifying a commercial EA, are not in favor of the customer.

Then, there are the thieves that like someone else's work but don't want to pay for it. I unfortunately get this request all the time. OneStepRemoved.com does not offer decompiling services. Too many of the requests revolve around stealing other people's work.

If you sell expert advisors or sell custom indicators, the most appropriate approach is to program the MetaTrader file in a DLL. It's even better to encrypt the DLL.

The MQL language was not written with anything in mind other than trading. Code security and the risk of decompiling were not concerns of the MetaQuotes development team. That lead to a preponderance of MetaTrader programmers from Eastern Europe to develop MQL decompiling software and to release it on the internet. Going back and forth between the ex4 and mq4 formats is very, very easy.

Information loss after decompiling


Decompiling ex4 files does yield an mq4 file. That is not, however, the same thing as the original mq4 file. The decompiled ex4 file strips the variable names and replaces them with new machine names.

Good programming practices require naming variables after their purpose. When a variable maintains the distance of a stealth stop, the MQL programmer might name it stealthStop or stealthStopDistance. The decompiled version renames it to something hideous like i_594 or g_12. The decompiling process completely destroys the logical flow of the original mq4 file.

Now imagine a program with 30-50 variables. The name of every single one of those variables changes. The first overview of the code makes no sense. The variable names do not reflect their functionality in any way.

Function names and inputs, also called externs or external variables, are preserved. They do not make the structure of the code clear on their own. Together, they usually form enough information for the programmer to recreate the variable names.

The process of marking decompiled ex4 code and renaming the ugly variables takes at least 1.5 hours. It can many hours if the code is longer than a few hundred lines or the number of variables is unusually high. The review process is necessary if you intend to make any changes to the mq4 file. There's no way to go about modifying existing MQL code unless its current functionality is clear.

Changes to the mq4 file are exactly like any other MT4 programming project once the review process ends. The coder must program the changes and debug the file to ensure that it works properly.

Find an ex4 decompiler


You can run a basic search for "mql decompiler", "ex4 mq4 decompile" or any similar combination. The results pages usually show stiff competition among the vendors. It's not uncommon to get files decompiled for $8-15 per file.

The file delivery times vary between individual vendors. I've heard reports that it can take anywhere from a few hours to a week to receive decompiled files. Assuming that you're decompiling a file for a legitimate reason, it's hard to know who to trust. The industry, after all, largely targets customers that are stealing. Asking for a trustworthy decompiling service is akin to asking for a trustworthy thief.