How is open source software secure?


I’m all for open source software so it can be understood, developed, and used by more people than if it was proprietary. However, I don’t get how it can be secure if malicious actors have access to the source code and the entire software package to practice their attacks against?

In: Engineering

18 Answers

Anonymous 0 Comments

Having the security of a system rely on its design being secret is known as *security through obscurity*. If you want something to be truly secure, you should not rely on this. The only things that should be secret are things like passwords and keys for encryption/decryption and authentication. These things work because they are secret, and they can be easily changed if they ever become known.

Consider two ways of protecting valuables in your house. Option A is locking the items in a safe and telling everyone in the neighbourhood that you have a safe where your valuables are. Option B is to put your valuables in an unlocked drawer and hope no one opens that drawer. Option A is way more secure, because just knowing you have a safe doesn’t let you open it. (Yes, technically safes can be cut open, but that’s because nothing physical is truly secure). As soon as someone knows you are using Option B, it loses all security.

If your system is actually secure, knowing how it works will not help anyone break it. If it doesn’t need to be secret, then there is no reason to keep it secret. It’s actually better for it not to be a secret, because then others can verify if your system is actually secure and possibly find vulnerabilities and let you know so you can fix it.
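The safe-versus-drawer comparison above, as an added example that is not part of the original answer: a keyless home-made tag (the unlocked drawer) next to HMAC-SHA256, a public algorithm whose only secret is a key that can be replaced. The function names and the sample message are hypothetical and constructed for illustration.

```python
import hashlib
import hmac
import secrets

def obscure_tag(msg: bytes) -> str:
    # "Option B": hypothetical home-made scheme with no key at all.
    # Its only protection is that nobody has read this function.
    return hashlib.sha256(msg[::-1]).hexdigest()

def keyed_tag(key: bytes, msg: bytes) -> str:
    # "Option A": HMAC-SHA256 is publicly documented; only the key is secret.
    return hmac.new(key, msg, hashlib.sha256).hexdigest()

def verify_obscure(msg: bytes, tag: str) -> bool:
    return hmac.compare_digest(obscure_tag(msg), tag)

def verify_keyed(key: bytes, msg: bytes, tag: str) -> bool:
    return hmac.compare_digest(keyed_tag(key, msg), tag)

def demo():
    msg = b"transfer=100;to=alice"  # constructed sample message

    # A reader of the source can recompute the keyless tag for any message,
    # so publishing the code removes all of this scheme's security.
    recomputed = hashlib.sha256(msg[::-1]).hexdigest()
    obscure_forgeable = verify_obscure(msg, recomputed)

    # Reading the source of the keyed scheme reveals nothing usable:
    # a tag made with any other 256-bit key does not verify.
    key = secrets.token_bytes(32)
    wrong_key_tag = keyed_tag(secrets.token_bytes(32), msg)
    keyed_forgeable = verify_keyed(key, msg, wrong_key_tag)

    # If the key ever becomes known, it is changed. The code stays the same
    # and tags made with the old key stop verifying.
    old_tag = keyed_tag(key, msg)
    new_key = secrets.token_bytes(32)
    old_tag_valid_after_rotation = verify_keyed(new_key, msg, old_tag)

    return obscure_forgeable, keyed_forgeable, old_tag_valid_after_rotation

if __name__ == "__main__":
    print(demo())
```
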
