How to integrate ByteHide Shield with .NET projects?

Install the ByteHide.Shield.Integration NuGet package, configure your project token, and build your project. Protection applies automatically during MSBuild compilation.

Which .NET frameworks are supported by Shield?

Shield supports .NET Framework 4.0+, .NET Core 2.0+, .NET 5-8+, .NET Standard, Xamarin, MAUI, Unity, Blazor, ASP.NET, WPF, and WinRT.

How to configure Shield protection settings?

Configure Shield through MSBuild properties, environment variables, or the bytehide.json configuration file. Set protection levels, exclusions, and runtime options.

How to troubleshoot Shield integration issues?

Enable verbose logging, check build output for error messages, verify project token configuration, and ensure compatible .NET version and MSBuild tools.

How to exclude specific assemblies from protection?

Use the ExcludeAssemblies MSBuild property or add exclusion rules in bytehide.json configuration file to skip protection for specific assemblies or namespaces.

How to verify Shield protection was applied?

Check MSBuild output for Shield processing messages, examine protected assembly metadata, or use reflection tools to verify obfuscation was applied.

How to configure Shield for Unity projects?

Install Shield Unity package, configure project token in Unity settings, enable IL2CPP backend, and ensure compatible Unity version (2019.4+).

How to set up Shield in CI/CD pipelines?

Set project token as environment variable, ensure NuGet package restore, configure MSBuild parameters, and handle licensing for build agents.

Protections Overview

Shield provides 9 protections plus class repackaging that work individually or together to create layered security for your Android application. 7 protections are available via the Gradle DSL; 2 additional protections (Reference Proxy and Resource Protection) are available exclusively through the CLI/JSON config.

Protection Categories

Code Obfuscation

These protections make your code harder to understand when decompiled:

Protection	CLI/JSON Name	DSL Property	Effect
Name Obfuscation	`NameObfuscation`	`nameObfuscation`	Renames classes, methods, and fields to short meaningless identifiers
Control Flow Obfuscation	`ControlFlowMatrix`	`controlFlowObfuscation`	Restructures method logic with opaque predicates and dead code paths
Reference Proxy	`ReferenceProxy`	CLI/JSON only	Redirects method and field calls through generated proxy methods

Data Protection

These protections hide sensitive data embedded in bytecode:

Protection	CLI/JSON Name	DSL Property	Effect
String Encryption	`StringEncryption`	`stringEncryption`	Encrypts string literals, decrypted at runtime
Constant Mutation	`ConstantMutation`	`constantMutation`	Replaces numeric constants with arithmetic expressions
Resource Protection	`ResourceProtection`	CLI/JSON only	Encrypts embedded resources within the JAR/APK

Runtime Protections

These protections detect and respond to attacks at runtime:

Protection	CLI/JSON Name	DSL Property	Effect
Anti-Debug	`AntiDebug`	`antiDebug`	Detects debuggers, Frida, Xposed, and instrumentation tools
Anti-Tamper	`AntiTamper`	`antiTamper`	Verifies application integrity, detects package modifications
Debug Removal	`DebugInfoRemoval`	`debugRemoval`	Strips debug metadata from bytecode

Repackaging

Option	CLI/JSON Name	DSL Property	Effect
Repackage Classes	`repackageClasses`	`repackageClasses`	Moves all classes into a single flat package, eliminating the original package structure
Repackage Target	`repackageClassesTargetPackage`	`repackageClassesTargetPackage`	Target package name (default `"a"`)

Recommended Configurations

Baseline — `mobile` preset

For most Android applications. Safe and effective:

Kotlin

shield {
    preset("mobile")
    // Enables: stringEncryption, constantMutation, debugRemoval, antiDebug
}

shield {
    preset("mobile")
    // Enables: stringEncryption, constantMutation, debugRemoval, antiDebug
}

Standard — `server` preset

For backend JVM apps or Android apps that need name obfuscation:

Kotlin

shield {
    preset("server")
    // Enables: stringEncryption, constantMutation, debugRemoval, nameObfuscation
}

shield {
    preset("server")
    // Enables: stringEncryption, constantMutation, debugRemoval, nameObfuscation
}

Maximum — `aggressive` preset

For financial, healthcare, or other security-critical applications:

Kotlin

shield {
    preset("aggressive")
    // Enables: ALL protections + repackageClasses
}

shield {
    preset("aggressive")
    // Enables: ALL protections + repackageClasses
}

If R8 is enabled (minifyEnabled true), override nameObfuscation = false after the preset and let R8 handle renaming.

Protection Compatibility

All 9 protections can be enabled simultaneously. They are applied in a specific order to avoid conflicts:

Debug Removal (strips metadata)
String Encryption (encrypts literals)
Constant Mutation (transforms constants)
Reference Proxy (redirects calls through proxies)
Resource Protection (encrypts embedded resources)
Name Obfuscation (renames identifiers)
Control Flow Obfuscation (restructures logic)
Anti-Debug (injects runtime checks)
Anti-Tamper (injects integrity verification)

Excluding Elements from Protection

Use annotations to exclude individual classes, methods, or fields from protection:

Java

@Keep                      // Exclude from ALL protections
@DoNotObfuscate            // Exclude from name obfuscation only
@Exclude(protections = {"StringEncryption"})    // Exclude from specific protections

@Keep                      // Exclude from ALL protections
@DoNotObfuscate            // Exclude from name obfuscation only
@Exclude(protections = {"StringEncryption"})    // Exclude from specific protections

Protection names for annotations and per-protection exclusions: StringEncryption, ConstantMutation, DebugInfoRemoval, NameObfuscation, ControlFlowMatrix, AntiDebug, AntiTamper, ReferenceProxy, ResourceProtection.

Use excluded packages to skip entire package trees.

Annotations — Fine-grained protection control
Excluded Packages — Skip entire packages
Best Practices — Recommendations for production deployments

Protection Categories

Code Obfuscation

Data Protection

Runtime Protections

Repackaging

Recommended Configurations

Baseline — mobile preset

Standard — server preset

Maximum — aggressive preset

Protection Compatibility

Excluding Elements from Protection

Related

Baseline — `mobile` preset

Standard — `server` preset

Maximum — `aggressive` preset