source protection is the topic of making deployed code inscrutable to users
It is possible to combine the various forms of deployment with some form of encryption. Encryption will, of course, incur a performance penalty.
The compiling solutions in Tcl Dev Kit/TclPro and the GE ICE Tcl compiler offer decent protection because they actually obfuscate in such a way that not even runtime introspection would reveal your code. The latter is arguably the best, as it translates to compilable C code, but it only works for Tcl 8.0.
It is practical to deliver encrypted Tcl-coded applications. Steve Blinkhorn, for example, has written, "Various of my Tclkit-based projects are delivered using blowfish encryption, with some extra attention given to the security of keys. There's nothing especially difficult about doing this with single-file Starpacks, and the actual encryption code is miniscule - I routinely build starkits with multiple versions of a mini-extension for various platforms, with little impact on the overall size. For instance, a version of tclhttpd with some custom code (including encryption) packaged up as a single-file executable with tclkit has 300Kbytes or so to spare for a document tree and still fits on a 3.5" floppy, is in live use now, doesn't crash and supports some quite complex client-server transactions with a Metakit database (the code for which, of course, comes as part of the Tclkit executable).
With a two-file (Starkit) solution, it is possible to update client software on remote sites transparently, so far as the user is concerned, and on a user-by-user basis, because the .kit file looks to the executable like a file system."
JBR: It doesn't seem possible to deliver a script that can be executed by the Tcl interpreter that cannot be viewed by a determined individual. If the boot strap application code can find and use a decryption key so can the attacker. This is the underlying and inescapable flaw in all encrypted content delivery schemes (DRM).
Kroc - It doesn't really matter because Tcl interpreter can runs strings human beings can't understand.
The Tcl interpreter runs byte code. Last I checked it can be formatted and understood.