Hi,
i’ve got a question about permission and encryption.
Is there any chance for a user with " root permission device " ( ex Android ) or and unblocked device ( ex Iphone jailbroken ) to see source file of the app?
Using Dex2Jar and JD-GUI, one can easily obtain the source code to your Android application. Dex2Jar will convert the APK into a Jar file and JD-GUI will read any classes and files in it.
My best recommendation to you is obfuscate wherever possible. Feed your JavaScript through a minifier and make it more trouble than it’s worth for a malicious user to decipher your code.
No matter how you choose to protect your code, if someone wants in bad enough they’re going to get in. The best you can do is make it difficult for them.