I have an Android APK whose login routine I need to understand in detail. The original source code is no longer available, so the only way forward is to reverse-engineer the package, trace the user-authentication flow, and document exactly how it works—from input handling all the way to any server-side calls, token generation, or encryption that might be in play. Speed matters: I would like an initial pass as soon as possible, with clear, readable output that lets me see the control flow and security measures at a glance. Deliverables I expect: • Decompiled code (Java or smali) focused on the authentication classes • A concise technical report explaining each step in the login process, external endpoint details, and any crypto routines discovered • Recommendations on potential vulnerabilities or areas for improvement, if they surface during analysis Feel free to use whatever tooling you prefer—JADX, apktool, Ghidra, or other favorite reverse-engineering utilities—as long as the final material is well organized and easy to follow.