Creating a Patch
Configure the Patch
The app developer configures a patch in Rollout’s dashboard.
Sign the Patch
The patch file is signed with a private key, using 2048 bit RSA encryption.
Signed Patch is Stored in the Cloud
The signed patch is stored on secure servers in Amazon’s data centers.
The Patch is Deployed
When the app is started or when the app enters foreground, the SDK fetches the patch over a secure connection.
The SDK then validates the signature and only applies a patch if the signature is valid. If the patch is not signed correctly, the SDK will reject it.
Frequently Asked Questions
- Does Rollout comply to Apple’s Guidelines?
With over 50 million devices already running our SDK, it is safe to say that Rollout is completely aligned with Apple’s development and App Store guidelines.
- Will Rollout impact my app’s performance?
- No. We built Rollout with performance in mind. We took extra precautions to make sure there are no performance penalties for using our SDK. Our SDK is asynchronous, so there is no impact to startup performance. Furthermore, when you apply a patch to a certain function, we only change the runtime (Swizzle) of that function. With regards to file size, the overall app size increase shouldn’t be more than 1-2M. Having said that, we still are constantly working to reduce the footprint of our SDK.
- Will Rollout compromise my app’s security?
- No. From day one, Rollout has been designed and built following strict security guidelines. All communication is encrypted (SSL) and app updates are signed using 2048 bit RSA keys (private and public). In addition, Rollout allows you to remotely disable the SDK from your own code. The SDK does not change your app’s runtime unless you have added a patch to a method; and even then, only the specific method runtime is changed. We already have a few more security features in the pipeline:
- Two-Factor authentication
- Audit logs
- Will Rollout affect my app’s normal networking requests?
- No. While your app is in production, Rollout only makes one request every time your application is launched or goes into foreground. The data that is retrieved is small – about 1KB.