Securing Your Code Using ProGuard In Android

Hello Developers have you ever given a thought about securing your code so that no one could look at it by reverse engineering your apk. If yes then this blog will help you learning about ProGuard. Proguard is a tool which shrinks,optimize and obfuscate your code. It removes unused code and changes classes, variables name to unreadable form so that it is hard to reverse engineer your .apk. The other advantage of  ProGuard tool is it reduces the size of your .apk file. Important points about ProGuard tool in android are:

• Android build system already comes integrated with ProGuard tool so you do not have to do anything extra.
• ProGuard tool only runs in release mode so that in debug mode you don’t have to deal with obfuscate code.
• ProGuard is completely optional but it is highly recommended that you use this in release mode.

Now for using ProGuard in your project perform the following steps:

• Go to project-properties file which is present in the root folder of your project.
• Edit this file and uncomment the “proguard.config” line and assign the path of your sdk like this “proguard.config=/home/ankitkhare/Android/Sdk/tools/proguard/proguard-android.txt:proguard-project.txt“(as i am using ubuntu so i have given this path in windows it would be like “E:/android/sdk/tools/proguard/proguard-android.txt:proguard-project.txt” or where ever your sdk is installed).
• If you are using Android Studio then in your project  you must have file named proguard – rules.pro and the build.gradle. Inside build.gradle add android { buildTypes { release { // Following lines to run progaurd in android. minifyEnabled true proguardFiles getDefaultProguardFile(‘proguard-android.txt’), ‘proguard-rules.pro’ } }
• Then export your project in release mode.
• Once you are done with this there would be a ProGuard folder added to your project(If not then there must be some error).

Now navigate to your .apk file(the path of apk you mentioned while exporting application) and unzip it. Open any file and you will see that the file is in unreadable form to be more precise it is Obfuscated. I have created a demo project https://github.com/ankitkhare0804/ProguardDemo In next part would cover the important points to remember  while using ProGuard, how to use retrace and also debugging considerations for published applications. Hope you found this helpful. Thanks for reading :).