Update: August 5 2025
We appreciate your valid concerns and questions around the security and safety of CalyxOS.
First, we want to assure you that we have no reason to believe the security of CalyxOS and its signing keys have been compromised.
As you know, we announced a recent leadership transition. When senior personnel have access to signing keys and leave a team, it is security best practice to update signing keys and conduct audits. So in accordance with that, we are using this transition period to update our security protocols, including updating the signing keys and taking other steps to further protect our users.
In the past, security audits have been conducted for parts of CalyxOS, such as the
Seedvault project, but not for the entire project. As more and more people across the globe started using this tool, we intend to conduct a broader security audit and publish the reports for the public to review.
As mentioned in our community letter below, we estimate that this audit and the implementation of new security protocols and signing keys will take four to six months, but we will endeavor to complete this process as soon as possible. However, for the time being, current CalyxOS users will not be able to receive further security software updates until our new security protocols are in place.
Without security updates, we can only be honest that this does not guarantee the level of security we strive for, especially when global threats to privacy and human rights are at a critical moment. That is why in the meantime we have posted the recommendation that people who are running CalyxOS should uninstall the OS and follow our
community channels for updates, including when the latest version of CalyxOS becomes available again.
In case you wish to migrate to another custom ROM in the meantime, we’ve now published updated guides on how to back up and restore your device using
Seedvault and how to
restore your device to stock.
We also understand that many community members have expressed interest in having an installation option/images for CalyxOS available again. Due to the overwhelming feedback from our community, we’ve decided to
make the images publicly available once more.
Please be aware that this decision is not a recommendation to migrate to CalyxOS now.
Please note that, just as current users will not receive further software updates without reinstalling CalyxOS when future updates are released, any device installing CalyxOS in the near future will also need to reinstall it. We want to ensure that all users are well informed before deciding to install CalyxOS at this time.
Again, we are very sorry for this development and we thank you for giving us—the project and more importantly the team—tremendous trust and support. We are doing our very best on our end, and are committed to keeping CalyxOS secure and this decision is a result of that commitment.
