How to integrate ByteHide Shield with .NET projects?

Install the ByteHide.Shield.Integration NuGet package, configure your project token, and build your project. Protection applies automatically during MSBuild compilation.

Which .NET frameworks are supported by Shield?

Shield supports .NET Framework 4.0+, .NET Core 2.0+, .NET 5-8+, .NET Standard, Xamarin, MAUI, Unity, Blazor, ASP.NET, WPF, and WinRT.

How to configure Shield protection settings?

Configure Shield through MSBuild properties, environment variables, or the bytehide.json configuration file. Set protection levels, exclusions, and runtime options.

How to troubleshoot Shield integration issues?

Enable verbose logging, check build output for error messages, verify project token configuration, and ensure compatible .NET version and MSBuild tools.

How to exclude specific assemblies from protection?

Use the ExcludeAssemblies MSBuild property or add exclusion rules in bytehide.json configuration file to skip protection for specific assemblies or namespaces.

How to verify Shield protection was applied?

Check MSBuild output for Shield processing messages, examine protected assembly metadata, or use reflection tools to verify obfuscation was applied.

How to configure Shield for Unity projects?

Install Shield Unity package, configure project token in Unity settings, enable IL2CPP backend, and ensure compatible Unity version (2019.4+).

How to set up Shield in CI/CD pipelines?

Set project token as environment variable, ensure NuGet package restore, configure MSBuild parameters, and handle licensing for build agents.

Configuration Reference

Shield for iOS uses a JSON configuration file to control all aspects of the protection process. This page documents every available option.

Configuration File

Shield reads its configuration from a shield-ios.json file. Generate a default configuration with:

Bash

shield-ios init

shield-ios init

Complete Structure

JSON

{
  "projectToken": "bh_YOUR_TOKEN",

  "protections": {
    "symbol_renaming": true,
    "string_encryption": true,
    "swift_stripping": true,
    "control_flow": "medium",
    "dead_code_injection": "medium",
    "opaque_predicates": "medium",
    "arithmetic_obfuscation": "medium",
    "instruction_substitution": "medium",
    "register_shuffling": "medium",
    "api_hiding": "medium",
    "class_encryption": true,
    "resource_encryption": true,
    "anti_debug": true,
    "anti_jailbreak": true,
    "rasp": true,
    "polymorphic": true
  },

  "code_signing": {
    "identity": "iPhone Distribution: Your Team",
    "provisioning_profile": "path/to/profile.mobileprovision",
    "skip_if_not_macos": true
  },

  "build_integration": {
    "skip_debug": true,
    "skip_simulator": true,
    "verbose": false
  },

  "output": {
    "suffix": "_protected"
  },

  "mapping": {
    "output_file": "mapping.txt",
    "format": "proguard"
  },

  "logging": {
    "level": "info",
    "file": "shield.log",
    "console": true
  }
}

{
  "projectToken": "bh_YOUR_TOKEN",

  "protections": {
    "symbol_renaming": true,
    "string_encryption": true,
    "swift_stripping": true,
    "control_flow": "medium",
    "dead_code_injection": "medium",
    "opaque_predicates": "medium",
    "arithmetic_obfuscation": "medium",
    "instruction_substitution": "medium",
    "register_shuffling": "medium",
    "api_hiding": "medium",
    "class_encryption": true,
    "resource_encryption": true,
    "anti_debug": true,
    "anti_jailbreak": true,
    "rasp": true,
    "polymorphic": true
  },

  "code_signing": {
    "identity": "iPhone Distribution: Your Team",
    "provisioning_profile": "path/to/profile.mobileprovision",
    "skip_if_not_macos": true
  },

  "build_integration": {
    "skip_debug": true,
    "skip_simulator": true,
    "verbose": false
  },

  "output": {
    "suffix": "_protected"
  },

  "mapping": {
    "output_file": "mapping.txt",
    "format": "proguard"
  },

  "logging": {
    "level": "info",
    "file": "shield.log",
    "console": true
  }
}

Project Token

Property	Type	Description
`projectToken`	`string`	Your ByteHide project token (starts with `bh_`). Required for license validation and cloud features. Can also be set via the `SHIELD_PROJECT_TOKEN` environment variable (takes priority over the config file value).

Protections

Each protection can be enabled with true (default settings) or configured with a specific level or options object. See Protections Overview for details on each protection.

Boolean Protections

These protections accept true or false:

Protection	Description
`symbol_renaming`	Rename classes, methods, and properties
`string_encryption`	Encrypt string literals in the binary
`swift_stripping`	Remove Swift metadata and debug symbols
`class_encryption`	Encrypt Objective-C class metadata
`resource_encryption`	Encrypt bundled resources and assets (AES-256)
`anti_debug`	Detect and block debugger attachment
`anti_jailbreak`	Detect jailbroken devices
`rasp`	Runtime Application Self-Protection (hook, trace, and tamper detection)
`polymorphic`	Generate unique binary on each build

Level-Based Protections

These protections accept an intensity level as a string:

Protection	Levels	Description
`control_flow`	`"light"`, `"medium"`, `"aggressive"`	Control flow obfuscation
`dead_code_injection`	`"light"`, `"medium"`, `"heavy"`	Insert unreachable code paths
`opaque_predicates`	`"simple"`, `"medium"`, `"complex"`	Add always-true/false conditions
`arithmetic_obfuscation`	`"simple"`, `"medium"`, `"complex"`	Transform arithmetic operations
`instruction_substitution`	`"simple"`, `"medium"`, `"complex"`	Replace instructions with equivalents
`register_shuffling`	`"simple"`, `"medium"`, `"complex"`	Randomize register allocation
`api_hiding`	`"simple"`, `"medium"`, `"complex"`	Hide system API calls

Set to false to disable any level-based protection.

Protection-Specific Options

Some protections accept an options object for fine-grained control instead of a simple true or level string.

Symbol Renaming Options

JSON

{
  "symbol_renaming": {
    "enabled": true,
    "prefix": "a",
    "rename_classes": true,
    "rename_methods": true,
    "rename_properties": true,
    "rename_protocols": false,
    "exclude": ["AppDelegate", "SceneDelegate", "*Delegate"]
  }
}

{
  "symbol_renaming": {
    "enabled": true,
    "prefix": "a",
    "rename_classes": true,
    "rename_methods": true,
    "rename_properties": true,
    "rename_protocols": false,
    "exclude": ["AppDelegate", "SceneDelegate", "*Delegate"]
  }
}

String Encryption Options

JSON

{
  "string_encryption": {
    "enabled": true,
    "algorithm": "xor",
    "exclude": ["http://*", "https://*"]
  }
}

{
  "string_encryption": {
    "enabled": true,
    "algorithm": "xor",
    "exclude": ["http://*", "https://*"]
  }
}

Anti-Debug Options

JSON

{
  "anti_debug": {
    "enabled": true,
    "ptrace": true,
    "sysctl": true
  }
}

{
  "anti_debug": {
    "enabled": true,
    "ptrace": true,
    "sysctl": true
  }
}

Anti-Jailbreak Options

JSON

{
  "anti_jailbreak": {
    "enabled": true,
    "sensitivity": 1,
    "exit_on_detect": true
  }
}

{
  "anti_jailbreak": {
    "enabled": true,
    "sensitivity": 1,
    "exit_on_detect": true
  }
}

Option	Type	Description
`sensitivity`	`integer`	`0` (Basic), `1` (Standard), `2` (Paranoid)
`exit_on_detect`	`boolean`	Exit the app when jailbreak is detected

RASP Options

JSON

{
  "rasp": {
    "enabled": true,
    "hook_detection": true,
    "trace_detection": true,
    "tamper_detection": true,
    "action": "exit"
  }
}

{
  "rasp": {
    "enabled": true,
    "hook_detection": true,
    "trace_detection": true,
    "tamper_detection": true,
    "action": "exit"
  }
}

Option	Type	Description
`hook_detection`	`boolean`	Detect Frida, Cycript, Substrate hooks
`trace_detection`	`boolean`	Detect dynamic tracing
`tamper_detection`	`boolean`	Detect binary modification
`action`	`string`	`"exit"`, `"alert"`, `"log"`

Code Signing

Property	Type	Description
`code_signing.identity`	`string`	Code signing identity name (e.g., "Apple Development", "iPhone Distribution")
`code_signing.provisioning_profile`	`string`	Path to .mobileprovision file (optional)
`code_signing.skip_if_not_macos`	`boolean`	Skip signing if not on macOS — useful for CI/CD on Linux runners

When to use --no-sign

When using the Xcode post-archive integration, use --no-sign on the command line and let Xcode handle signing during distribution. The code_signing config section is for standalone CLI usage where you want Shield to re-sign the IPA.

Build Integration

Property	Type	Default	Description
`build_integration.skip_debug`	`boolean`	`true`	Skip protection for Debug builds
`build_integration.skip_simulator`	`boolean`	`true`	Skip protection for Simulator targets
`build_integration.verbose`	`boolean`	`false`	Show detailed output during protection

Output

Property	Type	Description
`output.path`	`string`	Full path for the protected output file
`output.suffix`	`string`	Suffix added to the input filename (default: `_protected`)

Mapping

Property	Type	Description
`mapping.output_file`	`string`	Mapping file output path (default: `mapping.txt`)
`mapping.format`	`string`	Mapping file format: `"proguard"`

Logging

Property	Type	Default	Description
`logging.level`	`string`	`"info"`	Log level: `"debug"`, `"info"`, `"warning"`, `"error"`
`logging.file`	`string`	`"shield.log"`	Log file path
`logging.console`	`boolean`	`true`	Enable console output

Configuration Examples

Development (minimal)

JSON

{
  "projectToken": "bh_YOUR_TOKEN",
  "protections": {
    "anti_debug": true,
    "string_encryption": true
  }
}

{
  "projectToken": "bh_YOUR_TOKEN",
  "protections": {
    "anti_debug": true,
    "string_encryption": true
  }
}

Production (recommended)

JSON

{
  "projectToken": "bh_YOUR_TOKEN",
  "protections": {
    "anti_debug": true,
    "anti_jailbreak": true,
    "string_encryption": true,
    "symbol_renaming": true,
    "control_flow": "medium",
    "opaque_predicates": "medium"
  }
}

{
  "projectToken": "bh_YOUR_TOKEN",
  "protections": {
    "anti_debug": true,
    "anti_jailbreak": true,
    "string_encryption": true,
    "symbol_renaming": true,
    "control_flow": "medium",
    "opaque_predicates": "medium"
  }
}

High-Security (maximum)

JSON

{
  "projectToken": "bh_YOUR_TOKEN",
  "protections": {
    "anti_debug": true,
    "anti_jailbreak": {
      "enabled": true,
      "sensitivity": 2,
      "exit_on_detect": true
    },
    "string_encryption": true,
    "symbol_renaming": true,
    "swift_stripping": true,
    "control_flow": "aggressive",
    "dead_code_injection": "heavy",
    "opaque_predicates": "complex",
    "class_encryption": true,
    "resource_encryption": true,
    "rasp": {
      "enabled": true,
      "hook_detection": true,
      "trace_detection": true,
      "tamper_detection": true,
      "action": "exit"
    }
  }
}

{
  "projectToken": "bh_YOUR_TOKEN",
  "protections": {
    "anti_debug": true,
    "anti_jailbreak": {
      "enabled": true,
      "sensitivity": 2,
      "exit_on_detect": true
    },
    "string_encryption": true,
    "symbol_renaming": true,
    "swift_stripping": true,
    "control_flow": "aggressive",
    "dead_code_injection": "heavy",
    "opaque_predicates": "complex",
    "class_encryption": true,
    "resource_encryption": true,
    "rasp": {
      "enabled": true,
      "hook_detection": true,
      "trace_detection": true,
      "tamper_detection": true,
      "action": "exit"
    }
  }
}

Protections Overview - Details on each protection
Build Profiles - Configure different profiles per environment
Exclusions - Exclude specific symbols from protection

Configuration File

Complete Structure

Project Token

Protections

Boolean Protections

Level-Based Protections

Protection-Specific Options

Symbol Renaming Options

String Encryption Options

Anti-Debug Options

Anti-Jailbreak Options

RASP Options

Code Signing

Build Integration

Output

Mapping

Logging

Configuration Examples

Development (minimal)

Production (recommended)

High-Security (maximum)

Related