如注释中所述，在本地运行模型时，没有真正安全的方法可以保持模型安全.话虽如此，您可以隐藏模型并使事情变得有些困难，而不是使用 .pb .

As mentioned in the comments, there is no real safe way to keep your model safe when you run it locally. That being said, you can hide your model and make things a tad more difficult than having a .pb around.

除了名称混淆，由 freeze_graph ，一个很好的解决方案是编译为模型使用 tfcompile 使用XLA AOT编译二进制文件.它会生成一个二进制库，其中包含您的模型以及要使用的模型的头文件.这样一来，想要窥视您的网络的人就必须经过编译后的代码，对于大多数人来说，这是比阅读 .pb 文件更高的标准.

Apart from name obfuscation provided by freeze_graph, a good solution is to compile to model to a binary using XLA AOT compilation using tfcompile. It generates a binary library containing your model as well as a header file to use it. Somebody who want to peek at your network would then have to go through compiled code, which is a higher bar to clear than reading a .pb file for most people.