I'd go with solution #3, using an unencrypted comment that indicates the code has been encrypted. Yes, the user might remove or change it, but the user could just as easily fiddle with the encrypted form of the code itself. So, I don't think it's worth worrying especially about the integrity of the comment.