source code of kivy apk are not secure

[Degenerate Tech]

i have build some  apps ..but one thing is kivy apk are not secure. Any anyone  can decompile it...and get source code 

[planckp...@gmail.com]

Yes, this is not a surprise, the docs describe how to do it:

https://python-for-android.readthedocs.io/en/latest/troubleshooting/#unpacking-an-apk

Of course this requires a copy of the apk, consider the Google Store as a way to prevent users getting a copy.

[Degenerate Tech]

but how to protect ..them or some important API keys ?

--
You received this message because you are subscribed to a topic in the Google Groups "Kivy users support" group.
To unsubscribe from this topic, visit https://groups.google.com/d/topic/kivy-users/ZulAi_Nmoxg/unsubscribe.
To unsubscribe from this group and all its topics, send an email to kivy-users+...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/kivy-users/a92a524b-830d-4800-8cdf-489f8581a992n%40googlegroups.com.

[Pranav Balaji Pooruli]

But APKPure puts your APK on their website no matter what. And there are lots of APK downloaders for Google Play.

--
You received this message because you are subscribed to the Google Groups "Kivy users support" group.
To unsubscribe from this group and stop receiving emails from it, send an email to kivy-users+...@googlegroups.com.

[planckp...@gmail.com]

This question is much more general than an apk, Python, or Kivy.

The short answer is always, you can't keep secure keys in a program.

What ever the language, where ever the software, eventually somebody will find the keys.

The only thing you can do is make it hard, not worth their time.

Keys could be provided externally at runtime, a password is a simple example.

Since crypto keys can be unfriendly to humans, consider keeping the crypto key on a server passed to the user when they login.

Security is a very specialized and complex issue, the above is to start you thinking.......