Is there a well known accepted method to safeguard the priva kotlinlang #android

Channels

fluid-libraries

jhipster-kotlin

effectivekotlin

effective-kotlin

android-architecture

algolialibraries

stayhungrystayfoolish

pattern-matching

kotlin-data-storage

skia-wasm-interop-temp

squarelibraries

beepiz-libraries

cscenter-course-2016

kotlin-foundation

compose-android

lambdaworld_cadiz

kotlin-pakistan

java-to-kotlin-refactoring

event21-community-content

fb-internal-demo

kotlinprogrammers

kotlinx-datetime

framework-elide

github-workflows-kt

library-development

arrow-contributors

spring-security

pocketgitclient

domain-driven-design

swiss-user-group

refactoring-to-kotlin

ohio-kotlin-users

introduce-yourself

kotlin-by-example

kotlin-multiplatform-contest

graviton-browser

tricity-kotlin-user-group

kotlin-in-action

android-databinding

kotlintest-devs

cincinnati-user-group

codemash-precompiler

kotlingforbeginners

prozis-android-backup

realworldkotlin

connect-audit-events

russian-kotlinasfirst

androidgithubprojects

intellij-tricks

machinelearningbawas

swagger-gradle-codegen

100daysofkotlin

competitive-programming

compose-ui-showcase

androidx-xprocessing

navigation-architecture-component

strife-discord-lib

embedded-kotlin

image-processing

myndocs-oauth2-server

leedskotlinusergroup

kotest-contributors

practical-functional-programming

kotlinultimatechallenge

k2-early-adopters

kotlinforbeginners

compose-desktop

competitivecoding

100daysofkotlin-2021

refreshversions

language-evolution

jvm-ir-backend-feedback

python-contributors

codingconventions

sofl-user-group

getting-started

language-proposals

intellij-plugins

Title

# android

y

Yashwant Gowla

09/29/2023, 8:38 AM

Is there a well-known, accepted method to safeguard the private keys (such those for AWS or Stripe) in the project so they won't leak without permission?

not kotlin but kotlin colored 2

f

Filip Wiesner

09/29/2023, 9:21 AM

Never store private keyes in your app. There are ways to hide/obfuscate the keys but there is always a way for attacker to access them. Also not kotlin but kotlin colored

y

Yashwant Gowla

09/29/2023, 10:02 AM

can you suggest any tool or something?

f

Filip Wiesner

09/29/2023, 10:06 AM

Try hidden-secrets-gradle-plugin but again, nothing is secure when present in installation APK

y

Yashwant Gowla

09/29/2023, 10:07 AM

can we use secret manager or vault such as Google secret manager or Hashicorp vault?