- Home /
How to protect my project from decompiling?
The Unity3d compile my project into a package which will be later in my platform. Here comes a question. Is it safe? I think there is a possibility to decompile the source from this package. Anyway to protect it? Thanks
Answer by YoungDeveloper · Dec 16, 2013 at 11:40 AM
Unfortunately you can't, the only way to somehow keep your data save is by using online data streaming, but they are still cached, so its really a pain the the arse. You could use code obfuscation tools, some are even in asset store, they will make the code physically unreadable, but im not sure if it will stay that way after decompression.
I know this one:
Also, i forgot to mention that you can .dll files, but they still can be crackable.
If the obfuscation tool does a good job a rena$$anonymous$$g methods and variables etc, it should render decompiled code unreadable(not unbuildable), so while they may get something from the code, this may take a long time to figure out everything. Having methods called A, B, AB, BC, etc, makes thing difficult.
Yes, but certain things can't be changed that easily, for example class names since Unity uses the class name in the serialization data. As well as all the callback function names have to stay the same (Update/Awake/Start/OnCollisionEnter/...)
You can of course duplicate the project when finished and run an editor script that renames all script files in Unity (to keep asset links) and refactor all classnames in all scripts.
Also using Coroutines a lot can be frustrating for an attacker since most decompiler can't decompile unitys IEnumerator blocks. However i'm pretty sure there are some that can manage this as well.
I actually created a question related to security question some time ago. $$anonymous$$ost likely, considering codeguard price, it does not really obfuscates it on lower level, which would prevent it from real hacking. I did quite a research, it turns out, to really obfuscate a code dynamically you need to code a custom compiler which will take your code and then recompile it changing all the data, variables, etc, by implementing complex high end math equations, plus changing stuff to unreadable.
For example, if the hacker will get to your unity build assembler code (even if it will be totally obfuscated), the hacker could still understand something from it because of the function declarations and if else checks, because of them you can see where and what starts and overall script structure. One of the ways to deal with this problem is to get rid of if else and small functions, and ins$$anonymous$$d use single long switch case. From cases run code which is called from other cases, and so on. When the code will be compiled and obfuscated, it will be one big pile of mess, you wont be able to tell where is the start, what is called from where or what is the order.
Of course this is a lot of work, serious game creating companys use recompiler what i mentioned, which can take any script and turn it into complete mess and changing it on lowest level.
So this sure is a very interested topic to talk about.
I'm most interested at the dll method. But how to do that in os like iOS ? The shared library is not allowed.