GrapheneOS

Security and privacy focused mobile OS with Android app compatibility. We focus on developing substantial privacy and security improvements.

Toronto, Ontario, Canada

Pinned Repositories

AttestationServer
attestation.app remote attestation server. Server code for use with the Auditor app: https://github.com/GrapheneOS/Auditor. It provides two services: submission of attestation data samples and a remote attestation implementation with email alerts to go along with the local implementation based on QR code scanning in the app.
Language:Java129 11 7146
Auditor
Hardware-based attestation / intrusion detection app for Android devices. It provides both local verification with another Android device via QR codes and optional scheduled server-based verification with support for alert emails. It uses hardware-backed keys and attestation support as the foundation and chains trust to the app for software checks.
Language:Java565 28 11186
Camera
Modern camera app focused on privacy and security with QR & barcode scanning.
Language:Java1.1k 23 306100
grapheneos.org
Main website servers
Language:HTML540 31 158161
hardened_malloc
Hardened allocator designed for modern systems. It has integration into Android's Bionic libc and can be used externally with musl and glibc as a dynamic library for use on other Linux-based platforms. It will gain more portability / integration over time.
Language:C1.5k 48 140103
os-issue-tracker
Issue tracker for GrapheneOS Android Open Source Project hardening work. Standalone projects like Auditor, AttestationServer and hardened_malloc have their own dedicated trackers.
443 45 4.8k23
PdfViewer
Simple Android PDF viewer based on pdf.js and content providers. The app doesn't require any permissions. The PDF stream is fed into the sandboxed WebView without giving it access to content or files. CSP is used to enforce that the JavaScript and styling properties within the WebView are entirely static.
Language:Java795 27 110111
platform_bionic
Hardened Android standard C library. Some of the past hardening has not yet been ported from Marshmallow, Nougat and Oreo to this Android Pie repository. Most is available via archived tags in https://github.com/AndroidHardeningArchive/platform_bionic (check both the most recent Oreo and Nougat tags).
Language:Assembly123 13 039
platform_manifest
Repo manifest for the GrapheneOS mobile privacy and security hardening project.
391 32 0110
Vanadium
Privacy and security enhanced releases of Chromium for GrapheneOS. Vanadium provides the WebView and standard user-facing browser on GrapheneOS. It depends on hardening in other GrapheneOS repositories and doesn't include patches not relevant to the build targets used on GrapheneOS.
Language:Shell1.3k 36 45780

GrapheneOS's Repositories

GrapheneOS/Vanadium
Privacy and security enhanced releases of Chromium for GrapheneOS. Vanadium provides the WebView and standard user-facing browser on GrapheneOS. It depends on hardening in other GrapheneOS repositories and doesn't include patches not relevant to the build targets used on GrapheneOS.
Language:Shell1.3k 36 45780
GrapheneOS/PdfViewer
Simple Android PDF viewer based on pdf.js and content providers. The app doesn't require any permissions. The PDF stream is fed into the sandboxed WebView without giving it access to content or files. CSP is used to enforce that the JavaScript and styling properties within the WebView are entirely static.
Language:Java795 27 110111
GrapheneOS/Auditor
Hardware-based attestation / intrusion detection app for Android devices. It provides both local verification with another Android device via QR codes and optional scheduled server-based verification with support for alert emails. It uses hardware-backed keys and attestation support as the foundation and chains trust to the app for software checks.
Language:Java565 28 11186
GrapheneOS/grapheneos.org
Main website servers
Language:HTML540 31 158161
GrapheneOS/platform_manifest
Repo manifest for the GrapheneOS mobile privacy and security hardening project.
391 32 0110
GrapheneOS/AttestationServer
attestation.app remote attestation server. Server code for use with the Auditor app: https://github.com/GrapheneOS/Auditor. It provides two services: submission of attestation data samples and a remote attestation implementation with email alerts to go along with the local implementation based on QR code scanning in the app.
Language:Java129 11 7146
GrapheneOS/apps.grapheneos.org
Application repository
Language:Python59 8 1916
GrapheneOS/platform_packages_apps_GmsCompat
Language:Kotlin54 8 026
GrapheneOS/platform_packages_apps_Updater
Automatic background updater for modern Android. See https://github.com/GrapheneOS/script/blob/15/generate_metadata.py for the server metadata generation tool.
Language:Java42 8 4745
GrapheneOS/script
Scripting for generating signed production releases of AOSP and metadata for the Updater app along with partially automated maintenance of out-of-tree patch sets.
Language:Shell40 6 044
GrapheneOS/platform_packages_apps_Seedvault
Language:Kotlin31 2 013
GrapheneOS/platform_external_Camera
Camera app prebuilt using the latest official release of the Camera app.
Language:Makefile29 8 018
GrapheneOS/grapheneos.network
Servers for HTTP/HTTPS connectivity checks, HTTPS network time, NTP (for Qualcomm XTRA), Broadcom PSDS cache, Samsung PSDS cache, Qualcomm PSDS (XTRA) cache, SUPL proxy, attestation key provisioning proxy and Vanadium component update check/download proxy. It also has a network location proxy and geocoding proxy for future use.
Language:Shell19 2 37
GrapheneOS/platform_packages_apps_NetworkLocation
Language:Kotlin18 4 03
GrapheneOS/vendor_state
GrapheneOS adevtool state for all supported devices.
18 5 013
GrapheneOS/platform_external_PdfViewer
PdfViewer app prebuilt using the latest official release of the PdfViewer app.
Language:Makefile13 3 012
GrapheneOS/discuss.grapheneos.org
Discussion forum server
Language:Shell12 5 54
GrapheneOS/platform_external_GmsCompatConfig
Built from https://github.com/GrapheneOS/platform_packages_apps_GmsCompat/tree/15/config-holder
Language:Makefile12 4 08
GrapheneOS/platform_external_talkback
Language:Makefile11 4 010
GrapheneOS/platform_external_Auditor
Auditor app prebuilt using the latest official release of the Auditor app.
Language:Makefile10 5 08
GrapheneOS/platform_external_AppStore
9 4 010
GrapheneOS/platform_packages_apps_AppCompatConfig
Language:Kotlin8 4 02
GrapheneOS/kernel_manifest-pixel
Kernel manifest for the Pixel 6, Pixel 6 Pro, Pixel 6a, Pixel 7, Pixel 7 Pro, Pixel 7a, Pixel Tablet, Pixel Fold, Pixel 8, Pixel 8 Pro, Pixel 8a, Pixel 9, Pixel 9 Pro, Pixel 9 Pro XL and Pixel 9 Pro Fold.
7 1 02
GrapheneOS/platform_packages_apps_DeskClock
Language:Java7 3 017
GrapheneOS/platform_packages_apps_ExactCalculator
Language:Java7 3 019
GrapheneOS/platform_packages_apps_LogViewer
Language:Java7 3 34
GrapheneOS/platform_packages_apps_CarrierConfig2
Language:Java6 2 02
GrapheneOS/platform_packages_apps_SetupWizard2
Language:Kotlin6 4 2110
GrapheneOS/kernel_manifest-6.6
Kernel manifest for the Generic Linux 6.6 kernel.
5 1 01
GrapheneOS/platform_frameworks_base
Language:Java3 1 021