stackoom
  简体   繁体   中英

Drag & Drop app builder licensing. How do I make sure the source code won't be decompiled and re-used?

 原文  2020-02-08 12:01:25       android/ ios/ node.js/ react-native/ encryption

Question

I'm working on a drag and drop app builder. The concept is simple: users can build their apps visually, then the app's settings get turned into a configuration file which will be used by the app to decide how to construct itself (which views should be shown, how should the navigation look like, etc.)

My main concern is once the users download the apk (or ipa) file, they can decompile it, change things in the configuration file and re-compile/re-sign it to be published as a brand new app.

I was thinking about putting part of the logic on server side but that would introduce me the following problems:

  • If 1000 people built and published an app with my software, and each app sends only 10,000 daily requests to my server, that's already 10,000,000 requests per day, which would be pretty expensive.

  • If my server is down for any reason, I will have a lot of angry users coming at me.

Got any ideas?

2 answers

solution1
 0  2020-02-08 13:00:55

There is no exact way of stopping decompilation/reverse engineering process of android app or apk !

But there Some chances to reduce the scope of code visiblity after decompilation/reverse engineering process !

Here are some habits I am sharing

1) Put important code on a Server : You may rely on remote procedure calls to a well protected server. This reduces the chance of your codes being stolen as the code will always remain on the server and nothing other than the results can be seen.

2) Debugger Detection Techniques : Insted of using the hard coated values or string use some formula or encryption methods which can help to hide the actual values

3) Write important parts of code in C/C++ :You can also write the important parts of your code in C/C++ and add them as a compiled library. While it can be disassembled into assembly code , reverse engineering a large library from assembly is extremely time-consuming. Java is easier to decompile in comparison to C/C++.

These are some key habits which are be taken care by good developer , You should also check out this answer as well !

solution2
 0  2021-12-23 14:57:57

Huh, I knew it wasn't possible to stop the decompilation/reverse engineering process on any android app. But, I thought maybe everything was possible! Like, perhaps something has changed since then, but no. Basically, I use the same steps as Nisarg Jani described. But, you have to pay some special attention to the C++ code. Any mistake will destroy everything that you have built to that moment.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Google Play app copy protection, licensing. can this be added later? Android app licensing. Using Titanium appcelerator instead of eclipse How much code can be re-used from Xamarin Android to Xamarin Windows How do you refer to separate instances of elements of a re-used layout in Android? How do I make sure that Glide won't downsample my image? How do you create a jar file of classes that can be re-used by multiple Android projects? How can I write a single function that can be re-used by multiple fragments to navigate to a singular destination? How can I correctly implement custom back navigation in a re-used, nestable fragment? How to make my Android library source code visible when a user adds the gradle dependency (so code doesn't have to be decompiled in Android Studio) How to make sure bots won't create many users on my app?
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM