Invalid Code
Protection ID: invalid_code
This protection adds invalid code to the methods so that decompilers cannot interpret them.
This protection is available in the editions:
Team Scale Enterprise
How It Works
Invalid code protection inserts syntactically correct but semantically invalid IL (Intermediate Language) instructions into your methods. These instructions are strategically placed so they are never executed at runtime, but they confuse and break most decompilers.
When a decompiler attempts to process these invalid IL sequences, it typically fails and cannot generate proper C# or VB.NET code. Since the invalid instructions are never executed, there's no impact on your application's functionality or performance.
Invalid code added in the methods is not executed, for this reason it does not affect the operation or performance of the applications in a negative way.
Parameters
This protection has no parameters or settings.
Rules configuration
shield.config.json
{
"protections": {
"invalid_code": {}
}
}
Modes
- Default: Add invalid instructions to prevent the method code from being decompiled.
Code example
- Before:
var key = "https://www.bytehide.com";
string password = "admin";
- After:
/* An exception occurred when decompiling this method (06000001) ICSharpCode.Decompiler.DecompilerException:
Error decompiling System.Void Testnetcoreapp30.Program::Main(System.String[]) ---> System.Exception:
Inconsistent stack size at IL_1A en ICSharpCode.Decompiler.ILAst.ILAstBuilder.StackAnalysis(MethodDef methodDef)
en C:\projects\dnspy\Extensions\ILSpy.Decompiler\ICSharpCode.Decompiler\ICSharpCode.Decompiler\ILAst\ILAstBuilder.cs:line 443
en ICSharpCode.Decompiler.ILAst.ILAstBuilder.Build(MethodDef methodDef, Boolean optimize, DecompilerContext context)
en C:\projects\dnspy\Extensions\ILSpy.Decompiler\ICSharpCode.Decompiler\ICSharpCode.Decompiler\ILAst\ILAstBuilder.cs:line 269
en ICSharpCode.Decompiler.Ast.AstMethodBodyBuilder.CreateMethodBody(IEnumerable`1 parameters, MethodDebugInfoBuilder& builder)
en C:\projects\dnspy\Extensions\ILSpy.Decompiler\ICSharpCode.Decompiler\ICSharpCode.Decompiler\Ast\AstMethodBodyBuilder.cs:line 112 en
ICSharpCode.Decompiler.Ast.AstMethodBodyBuilder.CreateMethodBody(MethodDef methodDef, DecompilerContext context, AutoPropertyProvider
autoPropertyProvider, IEnumerable`1 parameters, Boolean valueParameterIsKeyword, StringBuilder sb, MethodDebugInfoBuilder& stmtsBuilder)
en C:\projects\dnspy\Extensions\ILSpy.Decompiler\ICSharpCode.Decompiler\ICSharpCode.Decompiler\Ast\AstMethodBodyBuilder.cs:line 88 ---
End of internal exception stack tracking --- en ICSharpCode.Decompiler.Ast.AstMethodBodyBuilder.CreateMethodBody (MethodDef methodDef,
DecompilerContext context, AutoPropertyProvider autoPropertyProvider, IEnumerable`1 parameters, Boolean valueParameterIsKeyword, StringBuilder sb,
MethodDebugInfoBuilder& stmtsBuilder) en C:\projects\dnspy\Extensions\ILSpy.Decompiler\ICSharpCode.Decompiler\ICSharpCode.Decompiler\Ast\AstMethodBodyBuilder.cs:line
92 en ICSharpCode.Decompiler.Ast.AstBuilder.<>c__DisplayClass89_1.<AddMethodBody>b__0()
en C:\projects\dnspy\Extensions\ILSpy.Decompiler\ICSharpCode.Decompiler\ICSharpCode.Decompiler\Ast\AstBuilder.cs:line 1531 */"
Exclusions
- Exclude with attribute
Include this attribute in your source code:
[Obfuscation(Exclude = false, Feature = "-invalid_code")]
- Exclude from the interface
You can exclude this protection from methods or classes you want using the Shield configuration interface.
When to Use
Invalid code protection is most effective when:
- Protecting sensitive logic: Code containing proprietary algorithms or business rules
- Licensing mechanisms: Methods responsible for license validation
- Security checks: Authentication or authorization logic that shouldn't be analyzed
- Intellectual property: Any code you specifically want to prevent others from viewing
Use caution or avoid invalid code protection when:
- Reflection-based loading: If your methods are loaded or invoked via reflection, this protection might cause issues
- Plugin architectures: Applications that serve as plugins to other systems may experience problems
- Mobile applications: Some mobile platforms have stricter verification that might reject invalid code
- AOT compilation: Applications using Ahead-of-Time compilation may have issues with invalid code
Invalid code protection is not recommended for libraries or components that are loaded via reflection or used as plugins in other applications. It works best in standalone applications where you control the entire execution environment.
Compatibility
| Framework | Compatibility | Comments |
|---|---|---|
| .NET Core | ✔ | Not recommended if reflection is used or your application is an externally loaded plugin. |
| .NET Framework | ✔ | Not recommended if reflection is used or your application is an externally loaded plugin. |
| .NET (up to 8 version) | ✔ | Not recommended if reflection is used or your application is an externally loaded plugin. |
| .NET Standard | ✔ | Not recommended if reflection is used or your application is an externally loaded plugin. |
| Xamarin IOS | ❌ | It is pre-checked, but is automatically disabled in most cases. |
| Xamarin Android | ❌ | It is pre-checked, but is automatically disabled in most cases. |
| Xamarin MacOs | ❌ | It is pre-checked, but is automatically disabled in most cases. |
| WPF | ✔ | |
| Blazor | ✔ | |
| .NET Maui | ✔ | |
| Unity | ✔ | Not recommended if reflection is used or your application is an externally loaded plugin. |
| ASP | ✔ | |
| Silverlight | ✔ | |
| VBa (Visual Basic) or C# (CSharp) | ✔ | Not recommended if reflection is used or your application is an externally loaded plugin. |
| WinRT | ✔ |
Shield is compatible with all versions of .NET. It automatically adapts to your specific framework, whether you're using .NET 2.0, .NET 4.7, .NET Core 2.1, or Xamarin.Forms 5.0.