I need my existing Android APK hardened with SSL pinning so that every outgoing and incoming connection—both GET and POST—remains immune to any man-in-the-middle snooping or packet capture attempts. The source already relies on HTTPS, but that alone is proving insufficient for the security posture I’m after. Your task is to integrate certificate or public-key pinning directly into the networking layer (the build currently uses OkHttp with Retrofit; if you prefer another robust approach such as Volley or native HttpsURLConnection, that is fine as long as the result is rock-solid). Once complete, any request routed through the app must fail gracefully when the pinned certificate or key is absent or tampered with, while continuing to operate normally under legitimate conditions. Deliverable checklist: • Updated code or patch with the pinning logic in place • Clear build/run instructions so I can reproduce the signed APK locally • A brief verification guide showing how a MITM attempt is blocked in both GET and POST scenarios If you have prior examples of shipped apps or open-source contributions where you handled SSL pinning, please mention them—seeing that experience will move things along faster.