[Feature Request]: Add `generate-integration-package` command to create test-friendly versions of closed-source packages

[mshakeg]

🚀 Feature Request

Add a new Aptos CLI command that generates "integration packages" - versions of Move packages that preserve test-only code and helpers while obfuscating production implementation details to match decompiled bytecode output.

Motivation

Is your feature request related to a problem? Please describe.
When building DeFi integrations for Aptos Move DApps, developers often need to write local tests (aptos move test) that interact with closed-source protocols. Currently, this creates a dilemma:

• Protocol teams want to protect their IP by keeping source code private
• Integration developers need access to test helpers and #[test_only] functions to properly test integration

For example, as a developer at a yield aggregator integrating with a closed-source money market protocol, I can:

• See the public ABI (functions, structs) on-chain
• Decompile bytecode to get functional but illegible code
• But I cannot access the #[test_only] helpers that would make testing straightforward

This forces integration developers to either:

1. Reimplement test utilities from scratch (error-prone, time-consuming)
2. Test only on devnet/testnet (slower iteration, limited coverage)
3. Pressure teams to fully open-source (not always feasible for business reasons)

Pitch

Describe the solution you'd like

A new CLI command:

aptos move generate-integration-package --package-dir <source> --output-dir <output> --preserve-tests

This command would:

1. Take a source package as input
2. Obfuscate all production code to match aptos move decompile output (removing comments, renaming internal variables, etc.)
3. Preserve in original form:
   • All #[test_only] functions, structs, and constants
   • Optionally include all #[test] functions; which would be useful to understand how #[test_only] can be used as well as understanding the behaviour of the system
   • Test-related comments and documentation
   • Original directory structure
4. Generate a Move package that:
   • Can be shared with integration partners
   • Compiles and passes tests
   • Reveals no more production logic than what's already obtainable via decompilation
   • Provides full access to test infrastructure

Optional features:

• --preserve-comments: Keep comments on public function signatures, constants, and structs

The existing aptos move verify-package command can already verify if local packages match on-chain bytecode. This could be used after generating an integration package to ensure correctness. If verify-package doesn't already clearly distinguish between exact bytecode matches vs matches-except-for-addresses, it could be enhanced to report:

• Exact match (100% identical including addresses)
• Structural match (identical code, different addresses) with clear listing of address substitutions
• No match (actual code differences)

This would make it clear when integration packages are valid representations of on-chain code despite using different addresses for local testing environments.

Describe alternatives you've considered

1. Manual obfuscation: Teams can currently achieve this manually through a tedious process:

   • aptos move download --account <addr> --package <name> --bytecode to fetch on-chain bytecode
   • aptos move decompile --package-path <downloaded-dir> to get decompiled source
   • Manually copy over all #[test_only] code from original source
   • Manually copy the entire tests/ directory
   • Manually recreate the original directory structure (sources/, scripts/, tests/)
   • Fix any import paths and dependencies

   This process is error-prone, time-consuming, and needs to be repeated for every update.

2. Full open-source: Not viable for many teams with IP concerns

Are you willing to open a pull request? No at this time.

Additional context

This feature could establish a best practice for closed-source DeFi protocols on Aptos, promoting both:

• IP protection for protocol teams
• Developer-friendly integration experiences

As DeFi composability grows, this middle-ground approach could become the standard for how closed-source protocols share code with integration partners.