but how does it work? is it just protecting it from being hex edited or is it just to make the code look weird?
both
it's an easy / fast / low-security encryption
its just protecting the code from reverse engineer doing static analysis
but its kinda useless because in runtime it will load to memory and everything will be visible