Android Minifyenabled Obfuscation and Shrink

Hello there,
One of the issues we should be aware of when developing an Android application is code security as well as the size of the project we create. By decompiling our project with 3rd party applications, intruders can clone it or, seizing the rest ser-vices, listen to and manipulate the outgoing requests. In today’s topic, we will learn how to ensure code reliability as well as delete unused resources in our project re-ducing its size as much as possible.

For starters we can use Proguard. ProGuard is a tool that helps us minimize, hide and optimize our code. It can be enabled by using the minifyEnabled option for re-lease or debug types. If we want to define Proguard as default, we can add the fol-lowing lines of code to the app gradle.

    android {
        buildTypes {
            dev {
                minifyEnabled true // enables ProGuard
                proguardFiles getDefaultProguardFile('proguard-android.txt'), ''
** The minifyEnabled property does not work when Instant Run is on

By default, if you run proguard this way, the source code gets compressed, but the ob-fuscation process is still incomplete, meaning our code is not yet fully secure. The Android SDK comes with Proguard built in and the default settings are specifiedin proguard-android.txt. The file is the file you need to configure.


Reduces application size by removing unused alternative sources (images, xml, and so on) and combining duplicate resources.

    android {
        buildTypes {
            release {
                shrinkResources true
                minifyEnabled true
                proguardFiles getDefaultProguardFile('proguard-android.txt'),'

Obfuscation options


The various -keep options for shrinking and obfuscation may seem a bit confusing at first, but there’s actually a pattern behind them. The following table summarizes how they are related:


Specifies not to obfuscate the input class files. By default, ProGuard obfuscates the code: it assigns new short random names to classes and class members. It removes internal attributes that are only useful for debugging, such as source files names, variable names, and line numbers.


Specifies not to shrink the input. By default, ProGuard shrinks the code: it removes all unused classes and class members. It only keeps the ones listed by the various -keep options, and the ones on which they depend, directly or indirectly. It also applies a shrinking step after each optimization step, since some optimizations may open up the possibility to remove more classes and class members.

Common Proguard Usages

These options shrink, optimize, and obfuscate the single Android activity com.example.MyActivity:

-keep public class com.example.MyActivity

If you’re using Google’s optional License Verification Library, you can obfuscate its code along with your own code. You do have to preserve itsILicensingService interface for the library to work:

-keep public interface

If you’re using the Android Compatibility library, you should add the following line, to let ProGuard know it’s ok that the library references some classes that are not available in all versions of the API:


These options shrink, optimize, and obfuscate a serialization code.

        -keepclassmembers class * implements {
            static final long serialVersionUID;
            private static final[] serialPersistentFields;
            private void writeObject(;
            private void readObject(;
            java.lang.Object writeReplace();
            java.lang.Object readResolve();

Auxiliary resources