How does Firebase prevent attackers from accessing a Firebase Database when app credentials are stored inside the APK?

Question

Because according to several sources;

How to avoid reverse engineering of an APK file?

it\'s impossible to prevent an app from being reverse engineered, and Fir

Answer 1

You should not distribute the secret at all in the apps. It should not be needed there.

However, you should setup the Firebase Security rules so that any client is only allowed to do the "safe" stuff.