This is an old thread, but probably it is the correct place to put this...
After all these years I don't mind talking about it. The cartridge contained some very specific logic, which means that writing to some out ports initiated a computation mechanism, which could be tested by reading it. This was detected at various levels in the game code: a random crasher in the interrupt code, an 'after level' check, and one or two (I forgot) in the level 5/level 8 transition code.
Each of these tests was coded completely differently, and involved self-modifying code.
I'm not saying it can't be done, but I am saying getting it out would be a horrific job, and would be error prone because of the repeated checks, and checks at later points in the game.
So again, I'd love to see a cracked version played through to the end.
Regards,
Cas Cremers
Some weeks ago, Hamlet published a picture of ARC's cartridge opened. It was filled with some kind of silicone.
I was curious about how the anti copy protection worked. So I asked him for the game, and he was kind enough to send it to me. Thanks!
The first thing I did was to remove the silicone. But the ICs have their reference erased/scratched. So it was not possible to identify them easily.
I managed to identify them all (I guess ^^!). The cartridge checks write and read operations on I/O port #7F. Each time the value #35 is written, a counter is incremented. If the port is read and the counter bits 0-1 are "11", the value #DA is returned. A simple BASIC program confirms it.
I used the openMSX emulator to add breakpoints when the port #7F is accessed. In this way it is somehow easy to find the code that checks the protection. The protection has self-modifying code, as Cas said, and obfuscated code that looks like "garbage" or random data.
After patching those routines, I managed to play the game until the end. But I had to disassemble the final boss logic to find out why I could not defeat him (^^!)
Anyway, to be honest, it has not much merit to crack an MSX game using emulators like openMSX.
You realize that the cartridge is emulated by openMSX, right? Including the logic. BiFi reverse engineered it in 2009, after David donated his cartridge. The emulation code confirms what you wrote. See https://github.com/openMSX/openMSX/blob/master/src/memory/Ro...
Yes, I realized when testing the game. I had to select a different mapper to verify that the cracked version worked fine.
But if this information has been known for almost 10 years, why was the game not cracked before? (You said it was never cracked some weeks ago.)
As a curiosity, the cartridge sets only bits 0-5 when reading the port and the counter value is "11". So it puts on the data bus the value (xx011010) and the pull-up resistors convert it into 11011010 (#DA).
Not sure if that will work on all MSX machines.
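The port behaviour described in the posts above (a counter advanced by writes of #35, #DA read back when counter bits 0-1 are "11", bits 6-7 supplied by pull-ups), as an added Python model that is not part of any post and is not openMSX's code. The power-on counter value of 0, the value read while the cartridge does not drive the bus, and the `pullups=False` case reading undriven bits as 0 are assumptions.

```python
"""Constructed model of the port #7F logic described in this thread."""

PORT = 0x7F         # I/O port named in the thread
TRIGGER = 0x35      # written value that advances the counter
DRIVEN_MASK = 0x3F  # the cartridge drives bits 0-5 only
DRIVEN_BITS = 0x1A  # xx011010, as quoted in the thread


class ArcPortModel:
    def __init__(self, pullups=True):
        self.counter = 0        # assumption: counter starts at 0
        self.pullups = pullups  # does the machine pull undriven lines high?

    def out(self, port, value):
        # Only a write of #35 to port #7F advances the counter.
        if port == PORT and value == TRIGGER:
            self.counter += 1

    def inp(self, port):
        # Assumption: undriven bus lines read 1 with pull-ups, 0 without.
        floating = 0xFF if self.pullups else 0x00
        if port != PORT or (self.counter & 0x03) != 0x03:
            return floating  # assumption: cartridge does not drive the bus
        undriven = floating & ~DRIVEN_MASK & 0xFF
        return (DRIVEN_BITS & DRIVEN_MASK) | undriven


def probe(model, writes=8):
    """Write #35 repeatedly and read the port after each write."""
    seen = []
    for _ in range(writes):
        model.out(PORT, TRIGGER)
        seen.append(model.inp(PORT))
    return seen


if __name__ == "__main__":
    for pullups in (True, False):
        values = probe(ArcPortModel(pullups=pullups))
        print(pullups, [f"#{v:02X}" for v in values])
```
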
I guess no one ever bothered to crack it! But my remark was more meant for the time when the game came out. At that time, no one ever cracked it. And that may explain why some people thought it didn't exist. (Yeah, think about that!)
So, it wasn't cracked before it was reverse engineered by BiFi. But even after that, no one bothered, it seems.
It was some kind of challenge, since Cas said he would like to see a cracked version.
The crack itself was somehow easy (using openMSX). It took more time to test the game and fix the subslot select routine.
I did not know ARC. Is it abandonware?
I have arc on original disks but my floppy drive is not working anymore.
How could I play this game on emulators?
Cool!