Skip to content

Releases: GrapheneOS/Auditor

80

11 May 23:18
@thestinger thestinger
80
This tag was signed with the committer’s verified signature.
thestinger Daniel Micay
SSH Key Fingerprint: AhgHif0mei+9aNyKLfMZBh2yptHdw/aN7Tlh/j2eFwM Learn about vigilant mode.
c1461c9
Compare
Choose a tag to compare
80 Latest
Latest

Notable changes in version 80:

  • add support for Pixel 8a with either the stock OS or GrapheneOS
  • update Kotlin to 1.9.24
  • update Android Gradle plugin to 8.4.0
  • update Guava library to 33.2.0
  • update AndroidX Core library to 1.13.1
  • update Material Components library to 1.12.0
  • remove redundant style configuration found by lint

A full list of changes from the previous release (version 79) is available through the Git commit log between the releases.

The Auditor app uses hardware security features on supported devices to validate the integrity of the operating system from another Android device. It will verify that the device is running the stock operating system with the bootloader locked and that no tampering with the operating system has occurred. It will also detect downgrades to a previous version.

It cannot be bypassed by modifying or tampering with the operating system (OS) because it receives signed device information from the device's Trusted Execution Environment (TEE) or Hardware Security Module (HSM) including the verified boot state, operating system variant and operating system version. The verification is much more meaningful after the initial pairing as the app primarily relies on Trust On First Use via pinning. It also verifies the identity of the device after the initial verification. Trust is chained through the verified OS to the app to bootstrap software checks with results displayed in a separate section.

This app is available through the Play Store with the app.attestation.auditor.play app id. Play Store releases go through review and it usually takes around 1 to 3 days before the Play Store pushes out the update to users. Play Store releases use Play Signing, so we use a separate app id from the releases we publish ourselves to avoid conflicts and to distinguish between them. Each release is initially pushed out through the Beta channel followed by the Stable channel.

Releases of the app signed by GrapheneOS with the app.attestation.auditor app id are published in the GrapheneOS app repository and on GitHub. These releases are also bundled as part of GrapheneOS. You can use the GrapheneOS app repository client on Android 12 or later for automatic updates. Each release is initially pushed out through the Alpha channel, followed by the Beta channel and then finally the Stable channel.

GrapheneOS users must either obtain GrapheneOS app updates through our app repository or install it with adb install-multiple with both the APK and fs-verity metadata since fs-verity metadata is now required for out-of-band system app updates on GrapheneOS as part of extending verified boot to them.

Assets 4

79

19 Apr 21:00
@thestinger thestinger
79
This tag was signed with the committer’s verified signature.
thestinger Daniel Micay
SSH Key Fingerprint: AhgHif0mei+9aNyKLfMZBh2yptHdw/aN7Tlh/j2eFwM Learn about vigilant mode.
8f9384d
Compare
Choose a tag to compare
79

Notable changes in version 79:

  • modern Material 3 UI overhaul
  • use edge-to-edge layout
  • update CameraX library to 1.3.3
  • update AndroidX Core library to 1.13.0
  • update Bouncy Castle library to 1.78
  • update Guava library to 33.1.0
  • update ZXing library to 3.5.3
  • update Gradle to 8.7
  • update Android Gradle plugin to 8.3.2
  • update Kotlin to 1.9.23

A full list of changes from the previous release (version 78) is available through the Git commit log between the releases.

The Auditor app uses hardware security features on supported devices to validate the integrity of the operating system from another Android device. It will verify that the device is running the stock operating system with the bootloader locked and that no tampering with the operating system has occurred. It will also detect downgrades to a previous version.

It cannot be bypassed by modifying or tampering with the operating system (OS) because it receives signed device information from the device's Trusted Execution Environment (TEE) or Hardware Security Module (HSM) including the verified boot state, operating system variant and operating system version. The verification is much more meaningful after the initial pairing as the app primarily relies on Trust On First Use via pinning. It also verifies the identity of the device after the initial verification. Trust is chained through the verified OS to the app to bootstrap software checks with results displayed in a separate section.

This app is available through the Play Store with the app.attestation.auditor.play app id. Play Store releases go through review and it usually takes around 1 to 3 days before the Play Store pushes out the update to users. Play Store releases use Play Signing, so we use a separate app id from the releases we publish ourselves to avoid conflicts and to distinguish between them. Each release is initially pushed out through the Beta channel followed by the Stable channel.

Releases of the app signed by GrapheneOS with the app.attestation.auditor app id are published in the GrapheneOS app repository and on GitHub. These releases are also bundled as part of GrapheneOS. You can use the GrapheneOS app repository client on Android 12 or later for automatic updates. Each release is initially pushed out through the Alpha channel, followed by the Beta channel and then finally the Stable channel.

GrapheneOS users must either obtain GrapheneOS app updates through our app repository or install it with adb install-multiple with both the APK and fs-verity metadata since fs-verity metadata is now required for out-of-band system app updates on GrapheneOS as part of extending verified boot to them.

Assets 4

78

19 Dec 15:29
@thestinger thestinger
78
This tag was signed with the committer’s verified signature.
thestinger Daniel Micay
SSH Key Fingerprint: AhgHif0mei+9aNyKLfMZBh2yptHdw/aN7Tlh/j2eFwM Learn about vigilant mode.
6887c46
Compare
Choose a tag to compare
78

Notable changes in version 78:

  • update CameraX library to 1.3.1
  • update Bouncy Castle library to 1.77
  • update Guava library to 33.0.0
  • update Material Components library to 1.11.0
  • update Gradle to 8.5
  • replace deprecated Gradle functionality

A full list of changes from the previous release (version 77) is available through the Git commit log between the releases.

The Auditor app uses hardware security features on supported devices to validate the integrity of the operating system from another Android device. It will verify that the device is running the stock operating system with the bootloader locked and that no tampering with the operating system has occurred. It will also detect downgrades to a previous version.

It cannot be bypassed by modifying or tampering with the operating system (OS) because it receives signed device information from the device's Trusted Execution Environment (TEE) or Hardware Security Module (HSM) including the verified boot state, operating system variant and operating system version. The verification is much more meaningful after the initial pairing as the app primarily relies on Trust On First Use via pinning. It also verifies the identity of the device after the initial verification. Trust is chained through the verified OS to the app to bootstrap software checks with results displayed in a separate section.

This app is available through the Play Store with the app.attestation.auditor.play app id. Play Store releases go through review and it usually takes around 1 to 3 days before the Play Store pushes out the update to users. Play Store releases use Play Signing, so we use a separate app id from the releases we publish ourselves to avoid conflicts and to distinguish between them. Each release is initially pushed out through the Beta channel followed by the Stable channel.

Releases of the app signed by GrapheneOS with the app.attestation.auditor app id are published in the GrapheneOS app repository and on GitHub. These releases are also bundled as part of GrapheneOS. You can use the GrapheneOS app repository client on Android 12 or later for automatic updates. Each release is initially pushed out through the Alpha channel, followed by the Beta channel and then finally the Stable channel.

GrapheneOS users must either obtain GrapheneOS app updates through our app repository or install it with adb install-multiple with both the APK and fs-verity metadata since fs-verity metadata is now required for out-of-band system app updates on GrapheneOS as part of extending verified boot to them.

Assets 4

77

13 Nov 01:03
@thestinger thestinger
77
This tag was signed with the committer’s verified signature.
thestinger Daniel Micay
SSH Key Fingerprint: AhgHif0mei+9aNyKLfMZBh2yptHdw/aN7Tlh/j2eFwM Learn about vigilant mode.
1a22849
Compare
Choose a tag to compare
77

Notable changes in version 77:

  • update CameraX library to 1.3.0
  • update Gradle to 8.4
  • update Kotlin to 1.9.20
  • update NDK version to 26.1.10909125 instead of using the older default set by the Android Gradle plugin

A full list of changes from the previous release (version 76) is available through the Git commit log between the releases.

The Auditor app uses hardware security features on supported devices to validate the integrity of the operating system from another Android device. It will verify that the device is running the stock operating system with the bootloader locked and that no tampering with the operating system has occurred. It will also detect downgrades to a previous version.

It cannot be bypassed by modifying or tampering with the operating system (OS) because it receives signed device information from the device's Trusted Execution Environment (TEE) or Hardware Security Module (HSM) including the verified boot state, operating system variant and operating system version. The verification is much more meaningful after the initial pairing as the app primarily relies on Trust On First Use via pinning. It also verifies the identity of the device after the initial verification. Trust is chained through the verified OS to the app to bootstrap software checks with results displayed in a separate section.

This app is available through the Play Store with the app.attestation.auditor.play app id. Play Store releases go through review and it usually takes around 1 to 3 days before the Play Store pushes out the update to users. Play Store releases use Play Signing, so we use a separate app id from the releases we publish ourselves to avoid conflicts and to distinguish between them.

Releases of the app signed by GrapheneOS with the app.attestation.auditor app id are published in the GrapheneOS app repository and on GitHub. These releases are also bundled as part of GrapheneOS. You can use the GrapheneOS app repository client on Android 12 or later for automatic updates.

Releases are initially pushed out through the Alpha channel channel for both the Play Store and our app repository, then get moved to the Beta channel and finally the Stable channel.

GrapheneOS users must either obtain GrapheneOS app updates through our app repository or install it with adb install-multiple with both the APK and fs-verity metadata since fs-verity metadata is now required for out-of-band system app updates on GrapheneOS as part of extending verified boot to them.

Assets 4

76

12 Oct 16:39
@thestinger thestinger
76
This tag was signed with the committer’s verified signature.
thestinger Daniel Micay
SSH Key Fingerprint: AhgHif0mei+9aNyKLfMZBh2yptHdw/aN7Tlh/j2eFwM Learn about vigilant mode.
63e98d0
Compare
Choose a tag to compare
76

Notable changes in version 76:

  • add support for Pixel 8 and Pixel 8 Pro
  • update Guava library to 32.1.3

A full list of changes from the previous release (version 75) is available through the Git commit log between the releases.

The Auditor app uses hardware security features on supported devices to validate the integrity of the operating system from another Android device. It will verify that the device is running the stock operating system with the bootloader locked and that no tampering with the operating system has occurred. It will also detect downgrades to a previous version.

It cannot be bypassed by modifying or tampering with the operating system (OS) because it receives signed device information from the device's Trusted Execution Environment (TEE) or Hardware Security Module (HSM) including the verified boot state, operating system variant and operating system version. The verification is much more meaningful after the initial pairing as the app primarily relies on Trust On First Use via pinning. It also verifies the identity of the device after the initial verification. Trust is chained through the verified OS to the app to bootstrap software checks with results displayed in a separate section.

This app is available through the Play Store with the app.attestation.auditor.play app id. Play Store releases go through review and it usually takes around 1 to 3 days before the Play Store pushes out the update to users. Play Store releases use Play Signing, so we use a separate app id from the releases we publish ourselves to avoid conflicts and to distinguish between them.

Releases of the app signed by GrapheneOS with the app.attestation.auditor app id are published in the GrapheneOS app repository and on GitHub. These releases are also bundled as part of GrapheneOS. You can use the GrapheneOS app repository client on Android 12 or later for automatic updates.

Releases are initially pushed out through the Alpha channel channel for both the Play Store and our app repository, then get moved to the Beta channel and finally the Stable channel.

GrapheneOS users must either obtain GrapheneOS app updates through our app repository or install it with adb install-multiple with both the APK and fs-verity metadata since fs-verity metadata is now required for out-of-band system app updates on GrapheneOS as part of extending verified boot to them.

Assets 4

75

08 Oct 13:24
@thestinger thestinger
75
This tag was signed with the committer’s verified signature.
thestinger Daniel Micay
SSH Key Fingerprint: AhgHif0mei+9aNyKLfMZBh2yptHdw/aN7Tlh/j2eFwM Learn about vigilant mode.
033fc19
Compare
Choose a tag to compare
75

Notable changes in version 75:

  • reschedule remote verification after OS updates to get the updated information submitted as soon as possible
  • update SDK to 34 (Android 14)
  • update target API level to 34 (Android 14)
  • add low-level ACCESS_NETWORK_STATE permission required by API 34 to schedule jobs depending on network availability
  • reduce network timeouts to 30s from 60s
  • update CameraX library to 1.3.0-rc02
  • update AndroidX Preference library to 1.2.1
  • update Material library to 1.10.0
  • update Guava library to 32.1.2
  • update Bouncy Castle library to 1.76
  • update ZXing library to 3.5.2
  • update Kotlin to 1.9.10
  • update Gradle to 8.3
  • update Android Gradle plugin to 8.1.1
  • update Android build tools to 34.0.0
  • replace deprecated onBackPressed() callback
  • remove workarounds for fixed SDK and library issues

A full list of changes from the previous release (version 74) is available through the Git commit log between the releases.

The Auditor app uses hardware security features on supported devices to validate the integrity of the operating system from another Android device. It will verify that the device is running the stock operating system with the bootloader locked and that no tampering with the operating system has occurred. It will also detect downgrades to a previous version.

It cannot be bypassed by modifying or tampering with the operating system (OS) because it receives signed device information from the device's Trusted Execution Environment (TEE) or Hardware Security Module (HSM) including the verified boot state, operating system variant and operating system version. The verification is much more meaningful after the initial pairing as the app primarily relies on Trust On First Use via pinning. It also verifies the identity of the device after the initial verification. Trust is chained through the verified OS to the app to bootstrap software checks with results displayed in a separate section.

This app is available through the Play Store with the app.attestation.auditor.play app id. Play Store releases go through review and it usually takes around 1 to 3 days before the Play Store pushes out the update to users. Play Store releases use Play Signing, so we use a separate app id from the releases we publish ourselves to avoid conflicts and to distinguish between them.

Releases of the app signed by GrapheneOS with the app.attestation.auditor app id are published in the GrapheneOS app repository and on GitHub. These releases are also bundled as part of GrapheneOS. You can use the GrapheneOS app repository client on Android 12 or later for automatic updates.

Releases are initially pushed out through the Alpha channel channel for both the Play Store and our app repository, then get moved to the Beta channel and finally the Stable channel.

GrapheneOS users must either obtain GrapheneOS app updates through our app repository or install it with adb install-multiple with both the APK and fs-verity metadata since fs-verity metadata is now required for out-of-band system app updates on GrapheneOS as part of extending verified boot to them.

Assets 4

74

24 Jul 05:07
@thestinger thestinger
74
This tag was signed with the committer’s verified signature.
thestinger Daniel Micay
SSH Key Fingerprint: AhgHif0mei+9aNyKLfMZBh2yptHdw/aN7Tlh/j2eFwM Learn about vigilant mode.
1822a72
Compare
Choose a tag to compare
74

Notable changes in version 74:

  • move to official Android key attestation library
  • update CameraX library to 1.3.0-beta01
  • update Bouncy Castle library to 1.75
  • update Gradle to 8.2.1
  • update Android Gradle plugin to 8.0.2
  • update Kotlin to 1.8.22
  • simplify certificate validation error handling

A full list of changes from the previous release (version 73) is available through the Git commit log between the releases.

The Auditor app uses hardware security features on supported devices to validate the integrity of the operating system from another Android device. It will verify that the device is running the stock operating system with the bootloader locked and that no tampering with the operating system has occurred. It will also detect downgrades to a previous version.

It cannot be bypassed by modifying or tampering with the operating system (OS) because it receives signed device information from the device's Trusted Execution Environment (TEE) or Hardware Security Module (HSM) including the verified boot state, operating system variant and operating system version. The verification is much more meaningful after the initial pairing as the app primarily relies on Trust On First Use via pinning. It also verifies the identity of the device after the initial verification. Trust is chained through the verified OS to the app to bootstrap software checks with results displayed in a separate section.

This app is available through the Play Store with the app.attestation.auditor.play app id. Play Store releases go through review and it usually takes around 1 to 3 days before the Play Store pushes out the update to users. Play Store releases use Play Signing, so we use a separate app id from the releases we publish ourselves to avoid conflicts and to distinguish between them.

Releases of the app signed by GrapheneOS with the app.attestation.auditor app id are published in the GrapheneOS app repository and on GitHub. These releases are also bundled as part of GrapheneOS. You can use the GrapheneOS app repository client on Android 12 or later for automatic updates.

Releases are initially pushed out through the Alpha channel channel for both the Play Store and our app repository, then get moved to the Beta channel and finally the Stable channel.

GrapheneOS users must either obtain GrapheneOS app updates through our app repository or install it with adb install-multiple with both the APK and fs-verity metadata since fs-verity metadata is now required for out-of-band system app updates on GrapheneOS as part of extending verified boot to them.

Assets 4

73

28 Jun 16:32
@thestinger thestinger
73
This tag was signed with the committer’s verified signature.
thestinger Daniel Micay
SSH Key Fingerprint: AhgHif0mei+9aNyKLfMZBh2yptHdw/aN7Tlh/j2eFwM Learn about vigilant mode.
9a6ca45
Compare
Choose a tag to compare
73

Notable changes in version 73:

  • add Pixel Fold support
  • add new attestation protocol version 5 with updated DEFLATE dictionary to make QR codes easier to scan from current generation devices using remote key provisioning (protocol version 4 is still supported)

A full list of changes from the previous release (version 72) is available through the Git commit log between the releases.

The Auditor app uses hardware security features on supported devices to validate the integrity of the operating system from another Android device. It will verify that the device is running the stock operating system with the bootloader locked and that no tampering with the operating system has occurred. It will also detect downgrades to a previous version.

It cannot be bypassed by modifying or tampering with the operating system (OS) because it receives signed device information from the device's Trusted Execution Environment (TEE) or Hardware Security Module (HSM) including the verified boot state, operating system variant and operating system version. The verification is much more meaningful after the initial pairing as the app primarily relies on Trust On First Use via pinning. It also verifies the identity of the device after the initial verification. Trust is chained through the verified OS to the app to bootstrap software checks with results displayed in a separate section.

This app is available through the Play Store with the app.attestation.auditor.play app id. Play Store releases go through review and it usually takes around 1 to 3 days before the Play Store pushes out the update to users. Play Store releases use Play Signing, so we use a separate app id from the releases we publish ourselves to avoid conflicts and to distinguish between them.

Releases of the app signed by GrapheneOS with the app.attestation.auditor app id are published in the GrapheneOS app repository and on GitHub. These releases are also bundled as part of GrapheneOS. You can use the GrapheneOS app repository client on Android 12 or later for automatic updates.

Releases are initially pushed out through the Alpha channel channel for both the Play Store and our app repository, then get moved to the Beta channel and finally the Stable channel.

GrapheneOS users must either obtain GrapheneOS app updates through our app repository or install it with adb install-multiple with both the APK and fs-verity metadata since fs-verity metadata is now required for out-of-band system app updates on GrapheneOS as part of extending verified boot to them.

Assets 4

72

20 Jun 22:05
@thestinger thestinger
72
This tag was signed with the committer’s verified signature.
thestinger Daniel Micay
SSH Key Fingerprint: AhgHif0mei+9aNyKLfMZBh2yptHdw/aN7Tlh/j2eFwM Learn about vigilant mode.
40ee574
Compare
Choose a tag to compare
72

Notable changes in version 72:

  • add Pixel Tablet support
  • update Bouncy Castle library to 1.74
  • update Guava library to 32.0.1
  • improve code style

A full list of changes from the previous release (version 71) is available through the Git commit log between the releases.

The Auditor app uses hardware security features on supported devices to validate the integrity of the operating system from another Android device. It will verify that the device is running the stock operating system with the bootloader locked and that no tampering with the operating system has occurred. It will also detect downgrades to a previous version.

It cannot be bypassed by modifying or tampering with the operating system (OS) because it receives signed device information from the device's Trusted Execution Environment (TEE) or Hardware Security Module (HSM) including the verified boot state, operating system variant and operating system version. The verification is much more meaningful after the initial pairing as the app primarily relies on Trust On First Use via pinning. It also verifies the identity of the device after the initial verification. Trust is chained through the verified OS to the app to bootstrap software checks with results displayed in a separate section.

This app is available through the Play Store with the app.attestation.auditor.play app id. Play Store releases go through review and it usually takes around 1 to 3 days before the Play Store pushes out the update to users. Play Store releases use Play Signing, so we use a separate app id from the releases we publish ourselves to avoid conflicts and to distinguish between them.

Releases of the app signed by GrapheneOS with the app.attestation.auditor app id are published in the GrapheneOS app repository and on GitHub. These releases are also bundled as part of GrapheneOS. You can use the GrapheneOS app repository client on Android 12 or later for automatic updates.

Releases are initially pushed out through the Alpha channel channel for both the Play Store and our app repository, then get moved to the Beta channel and finally the Stable channel.

GrapheneOS users must obtain GrapheneOS app updates through our app repository since fs-verity metadata is now required for out-of-band system app updates on GrapheneOS as part of extending verified boot to them.

Assets 3

71

05 Jun 18:23
@thestinger thestinger
71
This tag was signed with the committer’s verified signature.
thestinger Daniel Micay
SSH Key Fingerprint: AhgHif0mei+9aNyKLfMZBh2yptHdw/aN7Tlh/j2eFwM Learn about vigilant mode.
f7537cc
Compare
Choose a tag to compare
71

Notable changes in version 71:

  • simplify error message for enforced StrongBox
  • enforce StrongBox for new 7th generation Pixel pairings (was previously not enforced since we weren't able to use StrongBox for the first few months after the launch of the Pixel 7 and Pixel 7 Pro due to a remote key provisioning bug fixed after we reported it)
  • enforce attest key for new pairings when supported
  • drop already disabled attest key downgrade support (existed to work around a bug in the 6th generation Pixel implementation of attest keys which was fixed after we reported it)
  • add new key attestation root certificate
  • drop support for builds not using pairing-specific attest keys
  • drop legacy per-user encryption enforcement (per-user encryption is the only supported mode on Android 13 and above, which is our focus)
  • drop legacy developer preview detection
  • simplify multiple aspects of the implementation
  • update CameraX library to 1.3.0-alpha07

A full list of changes from the previous release (version 70) is available through the Git commit log between the releases.

The Auditor app uses hardware security features on supported devices to validate the integrity of the operating system from another Android device. It will verify that the device is running the stock operating system with the bootloader locked and that no tampering with the operating system has occurred. It will also detect downgrades to a previous version.

It cannot be bypassed by modifying or tampering with the operating system (OS) because it receives signed device information from the device's Trusted Execution Environment (TEE) or Hardware Security Module (HSM) including the verified boot state, operating system variant and operating system version. The verification is much more meaningful after the initial pairing as the app primarily relies on Trust On First Use via pinning. It also verifies the identity of the device after the initial verification. Trust is chained through the verified OS to the app to bootstrap software checks with results displayed in a separate section.

This app is available through the Play Store with the app.attestation.auditor.play app id. Play Store releases go through review and it usually takes around 1 to 3 days before the Play Store pushes out the update to users. Play Store releases use Play Signing, so we use a separate app id from the releases we publish ourselves to avoid conflicts and to distinguish between them.

Releases of the app signed by GrapheneOS with the app.attestation.auditor app id are published in the GrapheneOS app repository and on GitHub. These releases are also bundled as part of GrapheneOS. You can use the GrapheneOS app repository client on Android 12 or later for automatic updates.

Releases are initially pushed out through the Alpha channel channel for both the Play Store and our app repository, then get moved to the Beta channel and finally the Stable channel.

GrapheneOS users must obtain GrapheneOS app updates through our app repository since fs-verity metadata is now required for out-of-band system app updates on GrapheneOS as part of extending verified boot to them.

Assets 3