Android
Tremo, 2018-10-14 00:03:42

What would you recommend to replace SSL pinning for mobile devices?

Comrades, we need your help.
Is there a better security solution than SSL pinning for mobile devices?
Lately I've read a lot saying that SSL pinning is useless.
Do you have a strong opinion and reason about it?

1 answer(s)
h4r7w3l1, 2018-10-18
@h4r7w3l1

First of all, look at the problem objectively.
The context of the specific security case is not clear to me: is it to protect the application from the user himself listening to its traffic? Or to protect the user from possible MitM attacks? Or to bet on a feature and "save" on protecting your infrastructure/backend?
Using popular libraries, you can make life easier for the developer, and proportionally easier for the attacker. You can use custom methods for wrapping sources, complicating the task of reversing, but not excluding its success.
Actually, if it is categorically important to preserve the format of communication with the server, tunneling can be used. Telegram is an example. But the sources will still give exit points. Well, it will take more effort, time and knowledge to solve the problem, but in general there are no unsolvable problems. It's only a matter of time. If not today, then tomorrow the update will be skipped, published on 0day, and everything will go to hell.
You can dig deeper; you can spend a lot of money and time on developing at least a non-standard system (I have met this in practice; it took a decent amount of time to kill, but the added complexity only adds interest). An absolutely ideally protected architecture unfortunately does not exist.
Actually, the decision is in the first line.
