Invalid Metadata
Protection ID: invalid_metadata
This protection adds invalid metadata to the modules to prevent the decompiler from rebuilding them.
This protection is available in the editions:
Team Scale Enterprise
How It Works
Invalid metadata protection modifies the .NET assembly metadata in ways that confuse and break decompilers while still allowing the CLR (Common Language Runtime) to execute the code correctly. This protection injects specially crafted metadata structures that are technically valid for runtime execution but cause decompilers to generate errors or invalid code.
The CLR is more forgiving of certain metadata anomalies than decompilers, which typically expect well-formed, standard metadata structures. This protection exploits that difference to create assemblies that run normally but resist decompilation.
Parameters
This protection has no parameters or settings.
Rules configuration
shield.config.json
{
"protections": {
"invalid_metadata": {}
}
}
Modes
- Default: Add invalid metadata to prevent the code from being decompiled.
Code Example
This protection works at the assembly metadata level and doesn't require or show changes in your source code. Its effects are most noticeable when someone attempts to decompile your protected assembly and encounters errors like:
Error: Could not resolve type with token 01000321 from typeref (expected class 'System.Object' in assembly 'mscorlib, Version=4.0.0.0')
Error: Failed to resolve assembly 'AssemblyRef:0x2' at token 0x23000002
Unable to load metadata for module 'YourAssembly.dll'
Exclusions
- Exclude with attribute
Include this attribute in your source code:
[Obfuscation(Exclude = false, Feature = "-invalid_metadata")]
- Exclude from the interface
You can exclude this protection from methods or classes you want using the Shield configuration interface.
When to Use
Invalid metadata protection is most effective when:
- Standalone applications: Applications that are not loaded via reflection by other applications
- Final application builds: End-user applications where the assembly is directly executed
- Desktop applications: Windows applications where the assembly is loaded directly by the OS
- Anti-decompilation strategy: As part of a comprehensive strategy to prevent reverse engineering
Use caution or avoid invalid metadata protection when:
- Plugin systems: Assemblies loaded dynamically as plugins for other applications
- Libraries referenced by reflection: If your code is loaded via reflection by another application
- AOT compilation: Applications using Ahead-of-Time compilation may have issues
- Mobile platforms: Some mobile frameworks perform stricter metadata validation
Invalid metadata can break applications that use reflection to load or inspect your assembly. Do not use this protection on libraries that are dynamically loaded or when your code will be invoked through reflection. This protection is best suited for standalone applications rather than shared libraries or plugins.
Compatibility
| Framework | Compatibility | Comments |
|---|---|---|
| .NET Core | ✔ | Not recommended if reflection is used or your application is an externally loaded plugin. |
| .NET Framework | ✔ | Not recommended if reflection is used or your application is an externally loaded plugin. |
| .NET (up to 8 version) | ✔ | Not recommended if reflection is used or your application is an externally loaded plugin. |
| .NET Standard | ✔ | Not recommended if reflection is used or your application is an externally loaded plugin. |
| Xamarin IOS | ❌ | It is pre-checked, but is automatically disabled in most cases. |
| Xamarin Android | ❌ | It is pre-checked, but is automatically disabled in most cases. |
| Xamarin MacOs | ❌ | It is pre-checked, but is automatically disabled in most cases. |
| WPF | ✔ | |
| Blazor | ✔ | |
| .NET Maui | ✔ | |
| Unity | ✔ | Not recommended if reflection is used or your application is an externally loaded plugin. |
| ASP | ✔ | |
| Silverlight | ✔ | |
| VBa (Visual Basic) or C# (CSharp) | ✔ | Not recommended if reflection is used or your application is an externally loaded plugin. |
| WinRT | ✔ |
Shield is compatible with all versions of .NET. It automatically adapts to your specific framework, whether you're using .NET 2.0, .NET 4.7, .NET Core 2.1, or Xamarin.Forms 5.0.