ProGuard manual > Examples > Producing useful obfuscated stack traces
The SourceFile attribute is required, because Oracle/Sun’s Java virtual machine otherwise does not include line numbers in stack traces, which is what you really want (and which is quite harmless on its own). I haven’t checked if this is true for Android’s Dalvik virtual machine.
As for a solution, ProGuard can keep the SourceFile attribute but replace its contents by a meaningless string of your choice, e.g.
-renamesourcefileattribute SourceFile
The value of the string is not important for interpreting the stack traces. Picking a string like “SourceFile” avoids increasing the class file sizes, because this string is already present by definition.