this post is under construction – I have the approaches here but need some time to also share the experience…

How to obscure some Python code from anyone running the code? I am no expert here but I have tried a few things and will give my steps and recommendations here.

Have a with a simple helloworld FastAPI in this case. There is also an /error endpoint to see how much source code is returned in the logs.

from fastapi import FastAPI

app = FastAPI()

async def root():
    return {"message": "Hello World"}

async def root():
    raise ValueError('all is wrong now')

if __name__ == "__main__":
    import uvicorn, host="", port=3000)

Install fastapi and uvicorn with pip and run the code with:


And find the API on

Option 1: Compile with CPython

Compile to CPython:

python -m compileall .

Now run with:

python __pycache__/main.cpython-310.pyc

These files .pyc can be decompiled, so a developer with some (or little?) effort can read the source code.

Option 2: Obfuscate with PyArmor

There are some obfuscate projects to make it hard to read the source code, such as PyArmor:

pip install pyarmor

and obfiscate the code base:

pyarmor gen
python dist/

It works great, but some info from the files can still be retrieved from memory.

Option 3: Cythonizing

Here cythonizing is just compiling to Cython.

pip install cython

Have a with the compile options:

from distutils.core import setup

from Cython.Build import cythonize


And compile:

python build_ext

You can import and run app from the so file, or you can run directly with uvicorn:

uvicorn main:app


Give me some time to bring this to a conclusion.