Android - How to check Proguard obfuscation has worked?

android proguard obfuscation

28,010

Solution 1

In your project directory you will find a Proguard folder, in which you will see four text files:

dump.txt

Describes the internal structure of all the class files in the .apk file

mapping.txt

Lists the mapping between the original and obfuscated class, method, and field names. This file is important when you receive a bug report from a release build, because it translates the obfuscated stack trace back to the original class, method, and member names. See Decoding Obfuscated Stack Traces for more information.

seeds.txt

Lists the classes and members that are not obfuscated

usage.txt

Lists the code that was stripped from the .apk

Source: Proguard

Hope this helps!

Solution 2

Here is probably a more visual way to check. In the newer release of Android Studio, it comes with the APK Analyser that let user explore what is in the APK file and it is handy to check if your class has been obfuscated.

Below image shows that both package and method name have been obfuscated

Solution 3

Proguard workflow:

seeds.txt - list of what Proguard keeps. These are entry points and they nodes. For example for bare java it is a main function and others dependencies
usage.txt - list of what Proguard does not keep
mapping.txt - info about old and new naming in old_name -> new_name format. It can be used for decoding stacktrace by retrace or proguardui
dump.txt - describe everything that Proguard put into the result archive

You can find output

<module_name>/build/outputs/mapping/<buildType>/

You can use Analyze APK tool. Where you can look thought .class files, add a Proguard mapping file, show removed nodes, show deobfuscated names

28,010

ban-geoengineering

Updated on July 09, 2022

Comments

ban-geoengineering almost 2 years

I have obfuscated my apk, but the file size has only been reduced from 12MB to 10.5MB.

The reason it is only a relatively small reduction may be because my app uses a couple of large libraries, but is there any way I can check the level of obfuscation that has been performed?

Just in case, this is my proguard-project.txt file...

# To enable ProGuard in your project, edit project.properties
# to define the proguard.config property as described in that file.
#
# Add project specific ProGuard rules here.
# By default, the flags in this file are appended to flags specified
# in ${sdk.dir}/tools/proguard/proguard-android.txt
# You can edit the include path and order by changing the ProGuard
# include property in project.properties.
#
# For more details, see
#   http://developer.android.com/guide/developing/tools/proguard.html

# Add any project specific keep options here:

# If your project uses WebView with JS, uncomment the following
# and specify the fully qualified class name to the JavaScript interface
# class:
#-keepclassmembers class fqcn.of.javascript.interface.for.webview {
#   public *;
#}

-dontwarn twitter4j.**

...and the libraries I'm using are android-support-v4.jar, acra-4.5.0.jar and twitter4j-core-4.0.2.jar.

basti12354 about 7 years

Thanks for this answear. You can find this tool in Android Studio -> Buld -> Analyze APK...
D B over 6 years

These files are saved at <module-name>/build/outputs/mapping/release/