Is there really no way to fetch the module code at runtime if you control the VM? That sounds weird to me for an interpreted language.
Not directly, via the VM. Beam bytecode looks dramatically different from beam assembly, and is optimized for different usecase bytecode is (roughly speaking) optimized for in-memory access and fast cpu instruction selection and switching, and assembly is (roughly speaking) optimized to have universally understandable data layout on persistent media.
If you have access to the memory of the machine, you could in theory reverse engineer much of the code from the in-memory contents, but I think that would be very difficult.
Maybe an enterprising person who cares about IP and DRM (not I) could figure out how to run enough of a BEAM process inside of an SGX enclave to do “interesting things” but… Haha probably not worth the effort, and besides SGX is a terrible idea IMO. Already we see exploits where someone can run malicious code inside the SGX enclave and therefore hide it from the hypervisor lololol
Is it possible to distribute intermediate compilation results, like core erlang or textual erlang AST? I would prefer that to a stripped BEAM code.
Yes. All the tools are there in modules that ship with the beam.