I hope this message finds you well. I am currently working with a RN project that involves compiling JavaScript into bytecode using Hermes. Given that Hermes inherently converts JS into bytecode, which is already challenging to reverse-engineer, I have a question regarding the additional use of a code obfuscator for the resulting bundle.js file.
Is there any practical benefit or added security in applying a code obfuscator to bundle.js in this context? My understanding is that the bytecode conversion by Hermes already provides a level of obfuscation.
Thank you for your time and assistance
Taking into account existing solutions designed specifically to decompile Hermes bytcode, it's "obfuscation" is as good as non existent. It took me 5 minutes to decompile
index.android.bundleinto somewhat readable js, including the time to find a tool.So yes, if you're worried about source code security, additional js obfuscation is a must.