Securely #

Securely is a Flutter plugin that provides a lightweight runtime security framework for applications running on Android, iOS, macOS, Linux, Windows and web. Its goal is to help developers detect common hostile environments such as attached debuggers, rooted or elevated processes, emulators/virtual machines and instrumentation tools like Frida.

All checks are performed on the host platform via native code and exposed to Dart through a single MethodChannel API. The library is intentionally simple and extensible; it raises the cost of dynamic analysis but is not intended to be a panacea for determined attackers.

🔍 Project Overview #

1. Runtime threat detection – no build‑time obfuscation, only live checks.
2. Cross‑platform support – consistent API across mobile and desktop.
3. Modular platform-specific implementations – each platform (including a minimal web stub) implements its own heuristics.
4. Tests and example app – demonstrating usage and verifying channel behavior.

🧩 Planned Enhancements #

The current release provides individual boolean checks; the next phase will add higher‑level features:

1. Unified Security Result #

A single method that aggregates all detectors and returns a JSON‑like map:

{
  "debugger": false,
  "rooted": false,
  "emulator": true,
  "frida": false
}

This simplifies usage in applications that need to evaluate multiple signals at once.

2. Simple Runtime Response #

A lightweight rule engine that can execute predefined actions when threats are observed, for example:

• Terminate the application
• Disable sensitive SDKs or UI components
• Emit telemetry/log entries for later analysis

The engine will be configurable from Dart and able to run automatically on startup.

3. Secure Storage #

Integrate an encrypted storage facility to protect secret keys or configuration data. Features will include:

• AES‑GCM encrypted file store
• Key derivation and rotation APIs
• Platform‑specific secure key storage (Keychain, Keystore, DPAPI, etc.)

Other long‑term ideas include advanced Frida/hook detection, memory tampering sensors, and a full policy engine with developer‑facing configuration.

🏗 Architecture #

Flutter App (Dart)
│
├── Securely API (securely.dart)
├── MethodChannel ("securely")
│
└── Native Plugins
    ├─ Android (Kotlin)
    │   ├─ debugger
    │   ├─ root
    │   ├─ emulator
    │   └─ frida
    ├─ iOS / macOS (Swift)
    ├─ Linux (C++)
    └─ Windows (C++)

Each native implementation exports the same four methods and may add more helpers internally for future features.

📦 Project Structure #

securely/
├── android/             # Android plugin code & tests
├── ios/                 # iOS plugin code
├── macos/               # macOS plugin code
├── linux/               # Linux plugin code
├── windows/             # Windows plugin code
├── lib/securely_web.dart # Web plugin implementation
├── lib/                 # Dart API (securely.dart)
├── example/             # Example Flutter application
├── test/                # Dart unit tests
├── README.md            # (this file)
├── pubspec.yaml
└── ...                 # build tooling, docs, etc.

🔧 Usage #

Call the exposed static methods from Dart:

bool debug = await Securely.isDebuggerDetected();
bool root  = await Securely.isRootDetected();
bool emu   = await Securely.isEmulatorDetected();
bool frida = await Securely.isFridaDetected();

Wrap these in your own security logic or wait for the unified result API when it lands.

🎯 Goals & Philosophy #

• Provide runtime protection for Flutter apps.
• Increase the attack cost for reverse engineers and dynamic analysts.
• Serve as a research/educational project in mobile and desktop application security.

⚠️ Limitations #

No detection is bulletproof; motivated adversaries may bypass checks. Securely is meant to be part of a broader defense‑in‑depth strategy.

🚀 Future Work #

• Unified security result & response engine (see above).
• Secure encrypted storage with key management.
• Native C/C++ detectors for lower‑level access.
• Risk scoring and policy configuration.
• Integration with CI/CD to alert when new threats are discovered.

For detailed platform implementation and contribution guidelines, consult the source directories and existing code comments.