# 06. Root Detection & Obfuscation (R8/ProGuard)

meta:
  id: android-production-06
  feature: android-production
  priority: P1
  depends_on: []
  tags: [security, hardening, production]

objective:
  - Enable code obfuscation with R8/ProGuard and implement root detection to protect the app on compromised devices

deliverables:
  - R8/ProGuard enabled in release builds
  - Root detection implementation
  - Anti-tampering measures
  - Code obfuscation rules

steps:
  1. Enable R8/ProGuard:
     - Set isMinifyEnabled = true in app/build.gradle.kts (currently false)
     - Set isShrinkResources = true
     - Add proguard-rules.pro with keep rules:
       - Keep tRPC model classes (for serialization)
       - Keep Retrofit interfaces
       - Keep Compose navigation routes
       - Keep Dagger/Hilt modules
  2. Configure ProGuard rules:
     - Keep all data model classes (User, Alert, Exposure, etc.)
     - Keep Retrofit service interfaces
     - Keep Hilt/Dagger components
     - Keep Compose preview functions
     - Keep enum values used in serialization
  3. Implement root detection:
     - Use RootBeer or a similar library
     - Check for common root indicators:
       - su binary presence
       - Busybox installation
       - Test-keys build
       - Dangerous props
     - Add custom checks for Magisk
  4. Define root response:
     - Degrade functionality (no biometrics, no payments)
     - Alert backend of root detection
     - Allow basic monitoring features
  5. Add anti-tampering:
     - Verify app signature at runtime
     - Check installer source (Google Play)
     - Detect debug mode in release builds
     - Detect emulator usage
  6. Test obfuscation:
     - Build release APK/AAB
     - Verify classes are obfuscated
     - Test app functionality after obfuscation
     - Verify no crashes from missing classes

tests:
  - Build: Release build succeeds with R8 enabled
  - Security: Root detection works on a rooted device
  - Functionality: App works correctly after obfuscation

acceptance_criteria:
  - R8/ProGuard enabled (isMinifyEnabled = true)
  - Resource shrinking enabled (isShrinkResources = true)
  - ProGuard rules preserving all necessary classes
  - Root detection active with multiple methods
  - App degrades gracefully on rooted devices
  - Backend alerted when root is detected
  - Code obfuscated in release builds
  - Anti-tampering verifying app signature
  - No crashes from obfuscation
  - Release APK/AAB size reduced by >30%

validation:
  - Build release → succeeds, no ProGuard warnings
  - Decompile release APK → classes obfuscated
  - Run on rooted device → degraded mode activated
  - Run on non-rooted device → full functionality
  - Check size → release build smaller than debug

notes:
  - R8 is the modern replacement for ProGuard in Android
  - isMinifyEnabled = false currently — this is a critical security gap
  - Root detection can be bypassed — use as defense in depth
  - Keep rules are critical — missing keeps cause runtime crashes
  - Test thoroughly after enabling R8 — many issues only appear in release
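Steps 1 and 2 as a concrete release configuration. This is an added example, not the project's current build file: the package names in the keep rules (`com.example.app.*`) are placeholders for the real model, API and navigation packages, and the rules listed cover the categories the steps name rather than every class the app has.

```kotlin
// app/build.gradle.kts (excerpt; the rest of the module configuration is unchanged)
android {
    buildTypes {
        release {
            // R8 shrinks, optimises and obfuscates; both flags are acceptance criteria
            isMinifyEnabled = true
            isShrinkResources = true
            proguardFiles(
                // the "optimize" default is the aggressive variant; the plain
                // "proguard-android.txt" is safer if release testing turns up issues
                getDefaultProguardFile("proguard-android-optimize.txt"),
                "proguard-rules.pro"
            )
            signingConfig = signingConfigs.getByName("release")
        }
        debug {
            // Debug stays readable; only release is shrunk, so release testing is mandatory
            isMinifyEnabled = false
        }
    }
}

// proguard-rules.pro lives next to build.gradle.kts in the app module. Its contents
// for this task, with placeholder packages, would be:
//
//   # Data models that are (de)serialized by field name (User, Alert, Exposure, ...)
//   -keep class com.example.app.model.** { *; }
//
//   # Enums whose constant names are serialized; R8 may otherwise drop values()/valueOf()
//   -keepclassmembers enum com.example.app.** { *; }
//
//   # Retrofit service interfaces: method signatures and annotations must survive
//   -keep interface com.example.app.api.** { *; }
//   -keepattributes Signature, *Annotation*, Exceptions
//
//   # Compose navigation routes referenced through reflection or serialization
//   -keep class com.example.app.navigation.** { *; }
//
//   # Keep line numbers so obfuscated crash reports can be mapped back with mapping.txt,
//   # while hiding the original source file name
//   -keepattributes SourceFile, LineNumberTable
//   -renamesourcefileattribute SourceFile
//
//   # Hilt/Dagger ship their own consumer rules via the Hilt Gradle plugin;
//   # only add -keep rules here for modules R8 reports as missing.
```

After `./gradlew assembleRelease`, keep the generated `app/build/outputs/mapping/release/mapping.txt` with every release: it is what turns obfuscated stack traces back into readable ones, and it should never be shipped inside the APK.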
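Steps 3 and 4 together: a detector that collects the named indicators and a response that maps the verdict to the degraded policy and reports it. This is an added example, not the project's code. It assumes the RootBeer library (`com.scottyab:rootbeer-lib`) is on the classpath, as the step suggests; the Magisk file paths are a constructed list of well-known install locations, and `RootReporter` is a hypothetical interface standing in for the app's real backend call.

```kotlin
import android.content.Context
import com.scottyab.rootbeer.RootBeer
import java.io.File

/** What the app may still do on a device judged compromised (step 4). */
data class DevicePolicy(
    val biometricsAllowed: Boolean,
    val paymentsAllowed: Boolean,
    val monitoringAllowed: Boolean,
)

/** Every positive indicator by name, so the backend can see which checks fired. */
data class RootVerdict(val indicators: List<String>) {
    val isRooted: Boolean get() = indicators.isNotEmpty()
}

class RootChecker(private val context: Context) {

    // Custom Magisk check: locations the Magisk installer is known to use.
    // Constructed list; extend it as new variants are observed in the field.
    private val magiskPaths = listOf("/sbin/.magisk", "/sbin/magisk", "/data/adb/magisk")

    /** Runs file and property checks; call from a background dispatcher, not the main thread. */
    fun check(): RootVerdict {
        val rb = RootBeer(context)
        val indicators = buildList {
            if (rb.checkForBinary("su")) add("su_binary")
            if (rb.checkForBusyBoxBinary()) add("busybox")
            if (rb.detectTestKeys()) add("test_keys")
            if (rb.checkForDangerousProps()) add("dangerous_props")
            if (rb.checkForRWPaths()) add("rw_system_paths")
            // Magisk: RootBeer's manager-app scan plus our own path check
            if (rb.detectRootManagementApps() || magiskPaths.any { File(it).exists() }) add("magisk")
        }
        return RootVerdict(indicators)
    }
}

/** Backend hook; the real implementation is a Retrofit call (hypothetical interface). */
fun interface RootReporter {
    fun reportRootDetected(indicators: List<String>)
}

/** Step 4: one place that decides what a rooted verdict means for the rest of the app. */
class RootResponse(private val reporter: RootReporter) {
    fun apply(verdict: RootVerdict): DevicePolicy {
        if (!verdict.isRooted) {
            return DevicePolicy(biometricsAllowed = true, paymentsAllowed = true, monitoringAllowed = true)
        }
        reporter.reportRootDetected(verdict.indicators)
        // Degraded mode: no biometric unlock, no payments; basic monitoring keeps working
        return DevicePolicy(biometricsAllowed = false, paymentsAllowed = false, monitoringAllowed = true)
    }
}
```

Resolve the `DevicePolicy` once at startup and inject it where biometric and payment features are gated, rather than re-running the checks per screen. As the notes say, all of these signals are bypassable on a device the attacker controls, so the backend report is the durable part: a server that knows a session came from a rooted device can apply its own limits regardless of what the client claims.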
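Step 5 as one integrity check covering the four items (signature, installer, debuggable flag, emulator). This is an added example, not the project's code: `EXPECTED_SIGNING_SHA256` is a placeholder that must be replaced with the SHA-256 of the real release certificate (printed by `keytool -list -v` on the upload keystore), and the emulator heuristics are a constructed list of common build-property values.

```kotlin
import android.content.Context
import android.content.pm.ApplicationInfo
import android.content.pm.PackageManager
import android.os.Build
import java.security.MessageDigest

// Placeholder: lowercase hex SHA-256 of the release signing certificate
private const val EXPECTED_SIGNING_SHA256 = "REPLACE_WITH_RELEASE_CERT_SHA256"
// Google Play's installer package; add others only if you sideload through an MDM
private val TRUSTED_INSTALLERS = setOf("com.android.vending")

data class IntegrityReport(
    val signatureValid: Boolean,
    val installerTrusted: Boolean,
    val debuggable: Boolean,
    val emulator: Boolean,
) {
    /** Emulator alone is not tampering (QA uses them); the other three are. */
    val tampered: Boolean get() = !signatureValid || !installerTrusted || debuggable
}

object IntegrityChecker {

    fun check(context: Context): IntegrityReport = IntegrityReport(
        signatureValid = signingCertSha256(context)
            .any { it.equals(EXPECTED_SIGNING_SHA256, ignoreCase = true) },
        installerTrusted = installerPackage(context) in TRUSTED_INSTALLERS,
        // A repackaged APK with android:debuggable="true" sets this flag even in a "release" build
        debuggable = (context.applicationInfo.flags and ApplicationInfo.FLAG_DEBUGGABLE) != 0,
        emulator = looksLikeEmulator(),
    )

    /** SHA-256 fingerprints of the certificate(s) that signed the running APK. */
    private fun signingCertSha256(context: Context): List<String> {
        val pm = context.packageManager
        val name = context.packageName
        val signatures = if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.P) {
            val info = pm.getPackageInfo(name, PackageManager.GET_SIGNING_CERTIFICATES).signingInfo
            if (info.hasMultipleSigners()) info.apkContentsSigners else info.signingCertificateHistory
        } else {
            @Suppress("DEPRECATION")
            pm.getPackageInfo(name, PackageManager.GET_SIGNATURES).signatures
        }
        val md = MessageDigest.getInstance("SHA-256")
        return signatures.map { sig ->
            md.digest(sig.toByteArray()).joinToString("") { "%02x".format(it) }
        }
    }

    /** Package that installed us; null for adb/sideload installs. */
    private fun installerPackage(context: Context): String? {
        val pm = context.packageManager
        return if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.R) {
            pm.getInstallSourceInfo(context.packageName).installingPackageName
        } else {
            @Suppress("DEPRECATION")
            pm.getInstallerPackageName(context.packageName)
        }
    }

    /** Heuristic only: build properties typical of the Android emulator. */
    private fun looksLikeEmulator(): Boolean =
        Build.FINGERPRINT.startsWith("generic") ||
            Build.FINGERPRINT.contains("emulator", ignoreCase = true) ||
            Build.MODEL.contains("Emulator") ||
            Build.MODEL.contains("Android SDK built for") ||
            Build.HARDWARE in setOf("goldfish", "ranchu") ||
            Build.PRODUCT.contains("sdk_gphone")
}
```

Treat the report the same way as the root verdict: feed it into the degraded-mode policy and the backend alert rather than hard-exiting, since a hard exit is the easiest branch for a tamperer to patch out and gives the backend nothing to act on. The signature check is the one worth testing most carefully after enabling R8, because the expected hash changes whenever the signing key does (for example when Play App Signing re-signs the upload bundle).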