anticlone-sdk
v2.0.1
Published
SDK for generating app fingerprints and protecting against clone/fake apps
Downloads
5
Maintainers
gauravbirarisReadme
AntiClone SDK
A comprehensive SDK for generating app fingerprints and protecting against clone/fake apps. Works with mobile app projects, APK files, and IPA files.
Features
- 🔍 Fingerprint Generation: Create unique fingerprints from project directories or compiled apps
- 🛡️ Clone Detection: Protect your apps against unauthorized clones
- 📱 Multi-Platform: Support for Android (APK) and iOS (IPA) apps
- 🔐 Developer Authentication: Secure credential-based uploads
- 📊 Detailed Analysis: Extract app characteristics and metadata
- 🚀 Easy Integration: Simple API and CLI interface
Installation
npm install anticlone-sdkQuick Start
1. Register as Developer
# Using CLI
npx anticlone register
# Or programmatically
const AntiCloneSDK = require('anticlone-sdk');
const sdk = new AntiCloneSDK();
await sdk.registerDeveloper({
developerName: 'Ranjeet Singh',
companyName: 'MyCompany Pvt. Ltd.',
email: '[email protected]',
contactInfo: {
phone: '+1234567890',
website: 'https://mycompany.com'
}
});2. Configure SDK
# Using CLI
npx anticlone config
# Or programmatically
sdk.setCredentials('your-developer-id', 'your-api-key');3. Generate Fingerprint
# From project directory
npx anticlone fingerprint ./my-app-project
# From APK/IPA file
npx anticlone fingerprint ./myapp.apk fingerprint.json4. Upload to Database
npx anticlone upload fingerprint.jsonProgrammatic Usage
Basic Setup
const AntiCloneSDK = require("anticlone-sdk");
const sdk = new AntiCloneSDK({
apiBaseUrl: "https://sentinel-api-aryc.onrender.com", // Optional
timeout: 30000, // Optional
});
// Set your credentials
sdk.setCredentials("your-developer-id", "your-api-key");Generate Fingerprint from Project
const appInfo = {
appId: "com.mycompany.myapp",
appName: "My Awesome App",
version: "1.0.0",
packageName: "com.mycompany.myapp",
};
const fingerprint = await sdk.generateFingerprintFromProject(
"./my-app-project",
appInfo
);
console.log("Generated fingerprint:", fingerprint.overallHash);Generate Fingerprint from APK/IPA
const fingerprint = await sdk.generateFingerprintFromFile(
"./myapp.apk",
appInfo
);
console.log("File fingerprint:", fingerprint.overallHash);Upload Fingerprint
const result = await sdk.uploadFingerprint(fingerprint);
console.log("Upload successful:", result.id);Get Developer Profile
const profile = await sdk.getDeveloperProfile();
console.log("Profile:", profile.profile);CLI Commands
| Command | Description | Example |
| -------------------- | ------------------------- | ----------------------------------- |
| register | Register as new developer | anticlone register |
| config | Configure SDK credentials | anticlone config |
| fingerprint <path> | Generate fingerprint | anticlone fingerprint ./app |
| upload [file] | Upload fingerprint | anticlone upload fingerprint.json |
| profile | Show developer profile | anticlone profile |
| help | Show help | anticlone help |
Fingerprint Structure
The SDK generates comprehensive fingerprints containing:
For Project Analysis
- Project Structure: Directory tree and file organization
- Source Code: Hashed analysis of all source files
- Dependencies: Package.json, build.gradle, Podfile analysis
- Assets: Images, resources, and media files
- Developer Credentials: Hashed authentication data
For Binary Analysis (APK)
- Manifest: AndroidManifest.xml analysis
- Certificates: Code signing certificates
- DEX Files: Compiled Dalvik bytecode
- Resources: Android resources and assets
- Native Libraries: Architecture-specific libraries
For Binary Analysis (IPA)
- Info.plist: iOS app configuration
- Executable: Main binary analysis
- Frameworks: Embedded frameworks
- Resources: iOS resources and assets
- Certificates: Code signing information
Sample Fingerprint Structure
The SDK generates comprehensive fingerprints containing the extracted features, mostly hashed. For example:
{
"appId": "com.example.app",
"appName": "Example App",
"version": "1.0.0",
"fileType": "project",
"overallHash": "sha256_hash_of_entire_fingerprint",
"fingerprints": {
"javascript": {
"main.js": {
"hash": "file_hash",
"size": 1024,
"imports": ["react", "lodash"],
"functions": ["handleClick", "validateInput"]
}
},
"android": {
"MainActivity.java": {
"hash": "file_hash",
"packages": ["com.example.app"],
"classes": ["MainActivity"]
}
},
"config": {
"package.json": {
"hash": "file_hash",
"size": 512
}
}
},
"developerCredentials": {
"developerId": "dev-xxx",
"timestamp": "2024-01-01T00:00:00Z",
"credentialHash": "developer_auth_hash"
},
"metadata": {
"totalFiles": 42,
"projectSize": 1048576,
"analysisTimestamp": "2024-01-01T00:00:00Z"
}
}Developer Registration Process
For use of the SDK, developers must be registered in the anticlone system:
1. Contact anticlone Team
- Email: [email protected] (for Beta testing)
- Subject: Developer registration for Anticlone SDK
- Provide company details, app portfolio, and relevant verification documents
- Alternatively, the registration can be done through CLI: 'npx anticlone register'.
- Details can be entered through CLI and later the email communication should be done for verification.
2. Verification Process
- Identity verification
- Company/individual developer verification
- App portfolio review
- Security assessment
3. Receive Credentials
Once verified, you'll receive:
- Developer ID: Unique identifier for your account
- Passkey: Secure authentication key
- API Key: For database access
4. Credential Security
- Store credentials securely (environment variables recommended)
- Never commit credentials to version control
- Rotate passkey periodically
- Report any security incidents immediately
API Reference
Constructor
const sdk = new AntiCloneSDK(options);Options:
apiBaseUrl(string): API server URL (default: Sentinel API)timeout(number): Request timeout in ms (default: 30000)
Methods
setCredentials(developerId, apiKey)
Configure developer authentication credentials.
registerDeveloper(developerInfo)
Register new developer account.
Parameters:
developerName(string): Developer namecompanyName(string): Company nameemail(string): Email addresscontactInfo(object): Contact information
generateFingerprintFromProject(projectPath, appInfo)
Generate fingerprint from project directory.
generateFingerprintFromFile(filePath, appInfo)
Generate fingerprint from APK/IPA file.
uploadFingerprint(fingerprint)
Upload fingerprint to database.
getDeveloperProfile()
Get developer profile information.
Security Features
- Hash-based Fingerprints: All content hashed with SHA-256
- Developer Authentication: Secure credential verification
- Version Control: Each app version has unique fingerprint
- Tamper Detection: Detects unauthorized modifications
- Clone Prevention: Identifies fake/clone apps
File Support
Project Directories
- JavaScript/TypeScript projects
- React Native apps
- Android projects (Java/Kotlin)
- iOS projects (Swift/Objective-C)
- Hybrid apps (Cordova/PhoneGap)
Compiled Apps
- Android: APK files
- iOS: IPA files
Error Handling
The SDK provides detailed error messages:
try {
await sdk.uploadFingerprint(fingerprint);
} catch (error) {
console.error("Upload failed:", error.message);
// Handle specific error cases
}Common errors:
Missing authentication headers: Credentials not setDeveloper account is not verified: Account pending verificationFingerprint for this app version already exists: Duplicate uploadInvalid file type: Unsupported file format
Configuration File
The CLI creates .anticlone.json in your project:
{
"developerId": "dev-xxx",
"apiKey": "your-api-key"
}Best Practices
- Version Control: Generate new fingerprints for each app version
- Secure Storage: Keep API keys secure and never commit to version control
- Regular Updates: Update fingerprints when releasing new versions
- Verification: Verify developer account before uploading fingerprints
- Testing: Test fingerprint generation in development environment
Support
- API Documentation: Sentinel API Docs
- Issues: Report bugs on GitHub
- Email: Contact support team
License
MIT License - see LICENSE file for details.