FindEncryptionMethod

In this file, we will attempt to figure out which encryption method is used.

In the actual SS application, the content is decrypted once the application is running, and rendering on the phone/tablet screen.
This likely means that the program has to have the decryption key on disk, and is also available even if the device is offline (i.e. no Internet connection).

In Line 4, I meant to say that the decryption key is loaded from storage into memory, and readily decrypts the relevant *.json files when the user makes a call to that file e.g. user buys a bundle for 20 keys, and the wallet.json is updated to reduce the keys value by 20. When the app is closed, the jsons seem to be encrypted again.

It is imperative that the encryption method is identified and can be reliably proven to decrypt the relevant jsons.

List of possible locations (v3.1.1 on an unrooted Samsung Galaxy S9):
Chili
Auth

Other plans:
Create debuggable version of app
Run in emulator
Find memory dumper app
Export to find key.
Build and release decryption software.

Analysis so far:
Looking at supplied Unity documentation on encryption of game data strings, there are a few hard-to-crack-in-reasonable-time methods used.

The most common is Base64(closer to obfuscation, but is trivial to decode), XOR (not used here, it is easy to crack), AES-128/192/256 bit, Blowfish, or RSA.

Encryption methods we can ignore:
- Base64 (cipher text was not decoded into human-readable)
- XOR (ciphertext would have been in binary)
- RSA (a public key and private key makes no sense for this simple data)
- AES (AES performance decreases exponentially as data size gets bigger)

It is most likely symmetric encryption.
Blowfish is the fastest decryption method out there, yet AES is hardware-accelerated, and most modern mobile CPUs do support AES encryption.

Most likely: AES encryption.
Based on previous discussions, we've found that the key is, "C38FB23A402222A0C17D34A92F971D1F", however, the IV has not been found.