We can now create 'tamper-proof' software by bringing back the 'forbidden' art of self-modifying code.
April 16, 2026
Original Paper
Tamper-Proofing with Self-Modifying Code
arXiv · 2604.12407
The Takeaway
Self-modifying code has long been considered a security risk, but this paper uses it to create a 'physical seal' for software. By combining self-mutation with precise timing predicates, the researchers made code that is detectably expensive to clone or tamper with on standard hardware. If you try to change the code, the timing of the execution shifts, revealing the breach. This provides a new way to ensure software integrity without needing special secure hardware (like TPMs). It’s a radical 'Practical Magic' approach that uses the complexity of the CPU itself to protect the application. It turns an old 'bug' into a new 'shield' for software distribution.
From the abstract
Classical computability theory tells us that self-modifying code (SMC) on a deterministic universal Turing machine can be simulated by non-SMC code on the same model. That abstraction, however, omits the external timing inputs, concurrency, and microarchitectural state that dominate practical execution on modern processors. We argue that once timing, ordering, and self-introspective effects are treated as observables, a practically faithful non-SMC reproduction of timed SMC becomes detectably ex