TransWikia.com

Code used for McEliece cryptosystem

Cryptography Asked on October 24, 2021

In the McEliece cryptosystem, is the choice of the code known to the attacker? And if a structural attack succeeded and the attacker found the generator matrix of the code, how did the attacker decode the encrypted message?

One Answer

The "seed" code is known (via $G$) to everyone including the attacker, but the actual code used is unknown. The seed code coordinates are permuted on the right ($P$) after an invertible transformation $S$ applied on the left, forming a trapdoor. $S,P$ are secret. If the permuted generator matrix is $\hat{G}$ we have $$ \hat{G}=SGP. $$

If the attacker finds the (unpermuted) generator matrix, then they can just decode as explained in the next paragraph.

If the received ciphertext is $c=c'\oplus e,$ where $e$ is the noise vector added for security, and $c'=m\hat{G},$ the legitimate recipient can do $$ \hat{c}=cP^{-1}, $$ and can decode $\hat{c}$ to $\hat{m}$ using the standard decoding algorithm for the code. Finally she can compute $$ m=\hat{m}S^{-1}. $$ You can check in a routine way this works.

Edit: To clarify where the security comes from, the masking via permutation and matrix multiplication produces an equivalent “pseudorandom” code with similar properties to the original code.

So the equivalent decoding problem looks like a decoding problem for a random code, and since decoding a random code is difficult, the strength resides in the multiplication and permutation; they are trapdoor information available only to the authorized decoder.

Note that the noise added must not be beyond the correction capability of the code. If it was, the legitimate receiver might decode to the wrong codeword even with the trapdoor information or fail to decode to the correct codeword.

Answered by kodlu on October 24, 2021
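
The routine check mentioned in the answer, carried through as an added example (not part of the original answer): it builds $\hat{G}=SGP$, encrypts as $c=m\hat{G}\oplus e$, and decrypts via $\hat{c}=cP^{-1}$, the standard decoder, and $m=\hat{m}S^{-1}$. Assumptions: the seed code is a constructed Hamming(7,4) code (one correctable error, no security at this size), and all function names are illustrative.

```python
import random

def mul(A, B):
    """Matrix product over GF(2); matrices are lists of rows."""
    return [[sum(a & b for a, b in zip(r, c)) % 2 for c in zip(*B)] for r in A]

def inv(M):
    """Gauss-Jordan inverse over GF(2); returns None if M is singular."""
    n = len(M)
    A = [row[:] + [int(i == j) for j in range(n)] for i, row in enumerate(M)]
    for c in range(n):
        p = next((r for r in range(c, n) if A[r][c]), None)
        if p is None:
            return None
        A[c], A[p] = A[p], A[c]
        A = [[x ^ y for x, y in zip(row, A[c])] if r != c and row[c] else row
             for r, row in enumerate(A)]
    return [row[n:] for row in A]

# Public seed code (constructed toy): systematic Hamming(7,4), corrects 1 error.
A_T = [[1, 1, 0, 1], [1, 0, 1, 1], [0, 1, 1, 1]]
G = [[int(i == j) for j in range(4)] + [row[i] for row in A_T] for i in range(4)]
H = [row + [int(i == j) for j in range(3)] for i, row in enumerate(A_T)]

def decode(word):
    """Standard syndrome decoder for G: fix at most one bit, return message bits."""
    s = tuple(r[0] for r in mul(H, [[b] for b in word]))
    return [b ^ (col == s) for b, col in zip(word, zip(*H))][:4]

def keygen(rng):
    S = None
    while S is None or inv(S) is None:        # resample S until invertible
        S = [[rng.randint(0, 1) for _ in range(4)] for _ in range(4)]
    perm = rng.sample(range(7), 7)
    P = [[int(perm[i] == j) for j in range(7)] for i in range(7)]
    return mul(mul(S, G), P), (S, P)          # public G_hat = S G P; secret S, P

def encrypt(m, G_hat, rng, weight=1):
    c = mul([m], G_hat)[0]                    # c' = m G_hat
    for i in rng.sample(range(7), weight):    # c = c' xor e, wt(e) = weight
        c[i] ^= 1
    return c

def decrypt(c, S, P):
    c_hat = mul([c], inv(P))[0]               # c_hat = c P^-1 = (m S) G xor e P^-1
    m_hat = decode(c_hat)                     # m_hat = m S
    return mul([m_hat], inv(S))[0]            # m = m_hat S^-1
```

Calling `encrypt` with `weight=2` exceeds what this seed code can correct, and `decrypt` then returns a wrong message, which is the failure described in the answer's final note.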
