Issues with AOT compilation

AOT compilation is about encoding Java code into native code, which not only greatly improves the running speed of Java programs, but also indirectly achieves the goal of protecting Java code by converting it into machine code.

For Java programs, especially for Java programs based on various frameworks, AOT compilation is a huge challenge due to the inclusion of many dynamic features. Meanwhile, to compromise with the dynamism, the compiled binary file may still contain a large amount of class file information. The following article introduces a project that scans the compiled binary file to obtain class information. https://protector4j.com/articles/extract-java-classes-information-from-aot/

Even if the binary program does not contain class file information, its execution logic is still the same, but the representation has changed from bytecode representation to machine code representation, without any special protection. If one can understand its own compilation and execution mechanism, it is still possible to reverse-engineer readable code. The following article introduces such a project.

https://protector4j.com/articles/graalvm-nativeimage-reverse-engineering/

Conclusion

The AOT compilation configuration is difficult, with a high probability of compilation failure. Even if the compilation is successful, the code logic is only converted from bytecode representation to machine code representation, and its own running logic still exists without any special protection. If one can understand its compilation and running mechanism, readable code can still be reverse-engineered.