top of page
This site was designed with the
.com
website builder. Create your website today.Start Now
Search

IL2CPP: Is it broken?

IL2CPP is suppose to convert your code from intermediate language to instructions for your target platform. This would provide some form of security where others are unable to read your source code.


There are some developments since last year, that the instructions can be reversed back to limited IL, to show variable names and function names.


There seems to be a way to prevent the reverse engineering of instructions to the limited IL, which I have yet to try out. Will be interesting if it works, but there is a slight downside to my method.


In terms of protecting your source code, seems better to obfuscate your code and build with IL2CPP.

Reverse Engineering of Intermediate Language

Intermediate languages like C# can be easily reverse engineered using decompilers. The decompiler will show ALL OF YOUR ORIGINAL SOURCE CODE. This can be damaging to you, as the following might happen:


1. Competitors are able to steal your source codes.

2. Anyone can mod your application (includes code inject) and recompile them.


These are undesirable actions that we as developers do not want. Hence build your application to native binary using tools like IL2CPP when you are using Unity.


For more details on how IL2CPP works and its benefits, click here.

Protecting Data Files

Data Files. One of the easiest files to modify if not handled well. Data files could include save files or data of game elements. They could including things like enemies data (health, attack), item cost, weapon damage. If not handled well, the player could modify these values to the extreme eg. enemy health = 1..


So it is important that we protect our files by encryption or checking the "correctness" of the file through integrity check.


Developers are often confused over hashing and encryption.


Hashing is a one way function, which means that with just the resultant message, it is impossible to get back the original message. Hashing is good for checking integrity of the original message, without needing to know the contents of the message (eg. password, file binary). SHA256 is often used for hashing.


Encryption the message is processed through a certain algorithm using a key and can be reversed as long as you have the key. Encryption is useful when you want to hide the original message from prying eyes, for example game data or game assets. Advanced Encryption Standard(AES) is often used for symmetrical encryption.


bottom of page