What is Sentry?
Sentry is a lightweight, real-time crash reporting tool that helps developers track, prioritize, and fix stability issues that diminish app quality. Its integration with Appdome’s security features allows for easier debugging of obfuscated code.
Overview of Sentry Stack Traces with Appdome’s Obfuscate App Logic
Before diving into the de-obfuscation process, it’s important to understand the impact of integrating Appdome’s Obfuscate App Logic with Sentry. This integration results in obfuscated stack traces that are difficult to interpret without the appropriate de-obfuscation keys, thus safeguarding your app’s internal logic by making the stack traces difficult to read without proper de-obfuscation keys. The following sections of this article will guide you through the steps to automatically de-obfuscate these stack traces, starting with a glimpse at how an obfuscated stack trace looks prior to de-obfuscation.
Obfuscate Android Stack Traces using Sentry
Combining Appdome Android Obfuscate App Logic with Sentry will result in obfuscated stack traces in Sentry.
For manual deobfuscation, please follow How to Deobfuscate Crash Stack Traces for Debugging Android Apps when using Obfuscate App Logic
Preparing Your App
To start with the de-obfuscation process, your app needs to first be obfuscated using Appdome’s Obfuscate App Logic security features.
Automatic De-obfuscation of Android Stack Traces Using Sentry
Step 1: Build the feature – Obfuscate App Logic.
1. Upload an app to Appdome’s Mobile App Security Build System
1.1. Upload Method: Appdome Console or DEV-API
1.2. Android Formats:.apk or .aab
1.3. Obfuscate App Logic Compatible withJava, JS, C++, C#, Kotlin, Flutter, React Native, Unity, Xamarin, Cordova, and other Android apps.
2. Build the Obfuscate App Logic feature using Appdome’s DEV-API:
2.1. Create and name the Fusion Set (security template) that will contain the Obfuscate App Logic feature as shown below:
Figure 1: Fusion Set that will contain the Obfuscate App Logic feature
Note:Naming the Fusion Set to correspond to the protection(s) selected is for illustration purposes only (not required).
2.1.2. To add the Obfuscate App Logic feature to this Fusion Set, using the Appdome Console, follow the steps in Sections 2.2.1-2.2.2 of this article, Building the Obfuscate App Logic feature.
2.1.3. Open the Fusion Set Detail Summary by clicking the “…” symbol on the far-right corner of the Fusion Set.
2.1.4. Copy the Fusion Set ID from the Fusion Set Detail Summary (as shown below):
Figure 2: Fusion Set Detail Summary
Note:Annotating the Fusion Set to identify the protection(s) selected is optional only (not mandatory).
2.1.5. Follow the instructions below to use the Fusion Set ID inside any standard mobile DevOps or CI/CD toolkit like Bitrise, App Center, Jenkins, Travis, Team City, Circle CI or another system:
2.1.5.1. Build an API for the app – for instructions, see the tasks under Appdome API Reference Guide
2.1.5.2. Look for sample APIs in Appdome’s GitHub Repository
2.2. To build the Obfuscate App Logic protection using Appdome Console, follow the instructions below.
2.2.1. Where:Inside the Appdome Console, go toBuild>SecurityTab >TOTALCode™ Obfuscationsection.
2.2.2. How:Toggle (turn ON)Obfuscate App Logic, as shown below.
Figure 3: Obfuscate App Logic option
2.2.3. When you select the Obfuscate App Logic, you’ll notice that the Fusion Set you created in step 2.1.1 now bears the icon of the protection category that contains Obfuscate App Logic.
Figure 4: Fusion Set that displays the newly added Obfuscate App Logic protection
2.2.4. Click Build My Appat the bottom of the Build Workflow (shown inFigure 3).
Step 2: Click on Workflow Summary:
Step 3: Download Obfuscation Mapping Files
Step 4: Locate the required files
- mapping.txt
Step 5: Locate your app-UUID from Sentry:
- If Sentry generated a UUID, it can be found in your project settings.
- If you generated a UDID on your own, it can be located in your Android project in ‘manifest.xml’.
For more details on how to generate a UUID, see Sentry documentation: How do I create a GUID / UUID?
Step 6: Run the following CLI command:
sentry-cli upload-proguard --uuid <you project UUID> <path/to/mapping.txt> --org <your organization> --project <project name which attached to the UUID>
From this point forward, every stack trace in Sentry related to this Appdome build will be automatically deobfuscated.
Related Articles:
- How to Obfuscate Java Code in Android Apps
- How to Obfuscate Kotlin Code in Android Apps
How Do I Learn More?
If you have any questions, please send them our way atsupport.appdome.comor via the chat window on the Appdome platform.
Thank you!
Thanks for visitingAppdome! Our mission is to secure every app on the planet by making mobile app security easy. We hope we’re living up to the mission with your project.