Is There A Way To Use Proguard With Monodroid?

Our development team just (mostly) finished an Android app using MonoDroid in Visual Studio. Because it has to do with banking, we wanted to try to obfuscate it in order to add so

Solution 1:

The Mono for Android toolchain doesn't have any support for running proguard at the moment.

However, with one broad exception, the lack of proguard support is largely moot. Proguard only runs on Java bytecode. The Mono for Android architecture has the Mono runtime running in the process; .NET CIL is not "compiled" into Java bytecode, the CIL is JITed by Mono. The only Java code running around is for Android Callable Wrappers, which allow Java/Android to call into managed code.

Thus the only thing proguard will protect in a Mono for Android app is the generated Android Callable Wrappers, which largely consists of a bunch of native method declarations. There won't be any business logic to decompile in the Android Callable Wrappers.

Instead, the CIL assemblies are stored uncompressed in the .apk file. The assemblies in turn can be decompiled to obtain all your business logic. The solution here is to obfuscate the assemblies before embedding them into the .apk. There are reports that Xenocode's Postbuild 2010 can be used, though I don't know any of the details on how to hook this up.

The exception mentioned above relates to any custom Java code included in the build proces via the AndroidJavaSource and AndroidJavaLibrary Build actions, which would be used to include such things as the AdMob library. For this scenario we should add proguard support to the build process, though I have no ETA on when proguard support will be added.