How to protect CODE TAMPERING in Flutter?

Avon Mobility Solutions

unread,

Apr 12, 2021, 12:10:46 AM4/12/21

to Flutter Development (flutter-dev)

I'm new to Flutter and I'm creating an app in Flutter. Currently I'm going through some of the security points. One of which is "Code Tampering".

How to protect the app from code tampering & code injection? In Native Android, we use to check verify the Release key Signature so that we can avoid code tampering. Is there any plugin or any way to do the same in Flutter? Thanks in advance.

Suzuki Tomohiro

unread,

Apr 12, 2021, 12:40:10 AM4/12/21

to Flutter Development (flutter-dev)

Let’s say your app is responsible to detect code tampering. How can you ensure that your tampering detection logic itself is not tampered? A tampered logic would always say “This app is not tampered”.

On Mon, Apr 12, 2021 at 00:10 Avon Mobility Solutions <avon.and...@gmail.com> wrote:

I'm new to Flutter and I'm creating an app in Flutter. Currently I'm going through some of the security points. One of which is "Code Tampering".
How to protect the app from code tampering & code injection? In Native Android, we use to check verify the Release key Signature so that we can avoid code tampering. Is there any plugin or any way to do the same in Flutter? Thanks in advance.

--
You received this message because you are subscribed to the Google Groups "Flutter Development (flutter-dev)" group.
To unsubscribe from this group and stop receiving emails from it, send an email to flutter-dev...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/flutter-dev/eee2270f-e733-4c0b-b8ac-9282ec3e03a3n%40googlegroups.com.

Avon Mobility Solutions

unread,

Apr 12, 2021, 2:50:45 AM4/12/21

to Flutter Development (flutter-dev)

Thanks for your respnse.

Agreed. But we can prevent the distribution of the modified app using signed key verification.

"In Native Android, we use to verify the Release key Signature so that we can avoid code tampering."

So I'm asking the solution for release key signature verification so that we can avoid the modified app to be distributed.

Is there any plugin available for this or any other way to do it?

Suzuki Tomohiro

unread,

Apr 12, 2021, 7:38:21 AM4/12/21

to Avon Mobility Solutions, Flutter Development (flutter-dev)

> In Native Android, we use to verify the Release key Signature so that we can avoid code tampering.

Who is “we”? Android or you?

Android as a OS can detect tampering. But I don’t think you can do that with a plugin.

To view this discussion on the web visit https://groups.google.com/d/msgid/flutter-dev/8266bf75-cd5a-4bd1-a5a5-baaeab7880a9n%40googlegroups.com.

Reply all

Reply to author

Forward