We’ve managed to de-compile and data mine the latest Android build of Pokemon GO – 0.37.0. We are really happy to announce that Pokemon GO support is coming to Android Wear.

The tools we used are regular reverse engineering utilities for Android developer: 7zip for initial probing, dex2jar to de-compile and jd-gui to inspect the code.

Here’s what we found out:

  • Android app contains a whole new pokemongoplus project referencing Pokemon GO implementation on Android Wear
  • The code implementation is marked as complete and release ready
  • Android Watch will also use Bluetooth to communicate with your Android Smartphone
  • The communication between the smartphone app and your Android watch is encrypted (AES)
  • Pokemon GO Plus works in the background – it is not required to keep the smartphone app opened while playing on the watch
  • A variety of Android Wear devices smart watches are supported – the code scans for watch characteristics and adapts accordingly
  • Some Android Wear devices work with iOS also. The data mined implementation suggest you’ll be able to use an Android smartwatch and pair it with iOS

Here’s the code and data mining report, in lay mans terms!

Android Wear Support

The first hint that Pokemon GO is coming to Android Wear came in the form of a newly added project inside the 0.37.0 APK file. The project is named pokemongoplus and contains the entire Android and Android Wear implementation of GO Plus platform.

GO Plus referenced in the Android version of Pokemon GO
GO Plus referenced in the Android version of Pokemon GO

The final confirmation was discovered inside a file called R.class. The class contains constants that are used elsewhere in the code. We found references to Android Wear, related Google and Android Wear utility services.

[...]
    public static final int common_android_wear_notification_needs_update_text = 2131165188;
    public static final int common_android_wear_update_text = 2131165201;
    public static final int common_android_wear_update_title = 2131165199;
[...]

We went deeper to explore the contents of the project and we found that this build contains the 1.0 version of GO Plus support. In other words, the release ready version.

public final class BuildConfig
{
  public static final String APPLICATION_ID = "com.nianticlabs.pokemongoplus";
  public static final String BUILD_TYPE = "release";
  public static final boolean DEBUG = false;
  public static final String FLAVOR = "";
  public static final int VERSION_CODE = 1;
  public static final String VERSION_NAME = "1.0";
}

Background operation

We were also able to confirm that GO Plus works in the background. The BackgroundService.class file revealed the entire implementation and actions that will operate in the background. In layman terms, GO Plus can do the following while running in the background:

  • Track and Capture Pokemon
  • Retrieve one or multiple items
  • Notify the Android app on various errors: out of Pokeballs, inventory full, etc

Here’s the entire class signature we data mined:

GO PLUS background operations
GO PLUS background operations

There is a multitude of other interesting classes and methods in the new APK. We were surprised to see that the smartphone app will detect connected device’s capabilities and adjust accordingly.

The app uses a “bridge” to verify the capabilities of the connected Android Wear device. Afterwards, it configures the Characteristics using the getCharacteristicCount() method:

package com.nianticlabs.pokemongoplus.ble;
import com.nianticlabs.pokemongoplus.ble.callback.CompletionCallback;

public abstract class Service
{
  public abstract void discoverCharacteristics(CompletionCallback paramCompletionCallback);
  ...omitting code for article brevity
}

And yes, you read the code correctly – Niantic’s Pokemon GO Plus framework is called ble!

Encryption

We also discovered that the Bluetooth communication between the smartphone and watch is encrypted. The code is completely transparent and shows that Niantic uses AES to encrypt the communication. AES stands for Advanced Encryption Standard and it is considered safe from real time decryption. It’s widely used, secure and easy to implement. Kudos to Niantic for keeping our data safe! 🙂

public class Crypt
{
  private static final String ALGORITHM = "AES/CTR/NoPadding";
  private static final SecureRandom secureRandom = new SecureRandom();  
  public static byte[] encryptNonce(byte[] paramArrayOfByte1, byte[] paramArrayOfByte2)
  {
      ...omitting code implementation for article brevity
  }
}