Telegram

CALYXOS PROGRESS REPORT - CEREMONY PREPARATION QPR PORTS AND FOSDEM

CalyxOS Progress Report: Ceremony Preparation, QPR Ports, and FOSDEM

As we navigate the intricate landscape of mobile privacy and open-source development, our commitment to transparency and technical excellence remains unwavering. We are thrilled to present this comprehensive progress report detailing the significant strides CalyxOS has made in recent months. This report encompasses three critical pillars of our ongoing development: the finalization of our secure key provisioning infrastructure, the systematic porting of our operating system to the latest Android Quarterly Platform Releases (QPR), and our strategic community engagement initiatives, highlighted by our upcoming presence at FOSDEM 2026.

We understand that for the privacy-conscious user, the integrity of the software supply chain is just as important as the features the operating system offers. Therefore, we are dedicating substantial resources to ensure that every CalyxOS device is built upon a foundation of uncompromising security. This progress report provides a deep dive into the technical specifics of our HSM-based key ceremony preparation, the engineering challenges associated with the Android 16 QPR1 and QPR2 ports, and the vital role our community plays in the ecosystem’s growth.

Securing the Future: The Final Open HSM-Based Key Provisioning Plan

The integrity of any mobile operating system relies heavily on the security of its cryptographic keys. These keys sign the operating system updates, verify the boot chain, and ensure that the software running on a device is authentic and untampered. We have been working tirelessly on an Open Hardware Security Module (HSM) based key provisioning plan that sets a new standard for transparency in the industry.

The Importance of Hardware Security Modules in Mobile Privacy

Unlike proprietary solutions that rely on closed-source hardware and software, our approach leverages open-source firmware and auditable hardware. A Hardware Security Module is a physical computing device that safeguards and manages digital keys for strong authentication and provides crypto-processing. By utilizing an open HSM architecture, we eliminate the “black box” vulnerability often associated with traditional secure elements.

We are finalizing the infrastructure that will allow us to generate and store the cryptographic keys used for signing CalyxOS builds in a highly secure, air-gapped environment. This ensures that even we, the developers, do not have direct access to the private keys once the ceremony is complete. This separation of duties is critical for maintaining trust. The private keys will reside within the tamper-resistant boundaries of the HSM, and all signing operations will occur inside the secure enclave.

Preparing for the Key Ceremony: Auditing and Finalization

We are currently in the final stages of the auditing process for our key provisioning plan. This phase is crucial; it involves a meticulous review of our cryptographic protocols, the hardware configuration of our HSM setup, and the procedural workflows involved in the key generation ceremony.

The auditing process is designed to verify several critical components:

Once the audit is complete, we will proceed with the Key Ceremony. This is not merely a technical procedure but a ritual of trust establishment. During the ceremony, a multi-party computation (MPC) approach or multi-signature scheme will likely be employed to ensure that no single individual holds the full capability to compromise the system. We are preparing to document this event comprehensively, providing the community with verifiable proof that the keys securing their devices were generated in a trusted environment.

Impact on Device Trust and Supply Chain Security

The implementation of this HSM-based provisioning plan has profound implications for the security of CalyxOS devices. It establishes a verifiable root of trust. When a user flashes CalyxOS onto their device, the update mechanism verifies the cryptographic signature against the public key derived from our secure ceremony. With the new open HSM infrastructure, we are mitigating risks associated with insider threats and supply chain attacks.

This initiative aligns with our philosophy of Defense in Depth. We are not relying solely on software-based security; we are hardening the hardware layer to protect against sophisticated attacks. This level of security is typically reserved for enterprise-grade solutions, but we believe it is a necessary standard for consumer privacy devices.

Adapting to New Standards: Android 16 QPR1 Ports and QPR2 Planning

Staying current with the upstream Android Open Source Project (AOSP) is a perpetual challenge that requires a dedicated engineering team. With the release of Android 16, we are actively porting CalyxOS to the new platform, ensuring that our users benefit from the latest security patches, performance improvements, and feature sets while maintaining our privacy-centric modifications.

The Technical Challenges of Android 16 QPR1 Porting

Porting an operating system to a new Android version is a massive undertaking. It involves rebasing our custom frameworks—such as the Camera Go implementation, the Auditor app, and our network permission toggles—onto the new AOSP codebase.

For Android 16 QPR1 (Quarterly Platform Release 1), we are focusing on the following technical areas:

Extended Support for Legacy Devices

A key aspect of our porting effort is maintaining extended support for devices that may not be officially supported by Google anymore. We believe in the right to repair and the longevity of hardware. While upstream AOSP support may drop for older devices, we are backporting critical security patches and driver updates to ensure that older generations of supported hardware remain secure and functional on Android 16 QPR1.

This involves significant effort in maintaining our own device trees and kernel branches. We are committed to ensuring that a user who purchased a device three years ago does not feel abandoned. By porting the core features of Android 16 QPR1 to these devices, we extend their useful life and reduce electronic waste, aligning with our environmental and ethical values.

Looking Ahead: The QPR2 Support Plan

While the QPR1 ports are currently underway, we are already developing the support plan for Android 16 QPR2. Early planning is essential to manage the workload and anticipate potential technical hurdles. QPR2 is expected to introduce further refinements to the user interface and under-the-hood optimizations.

Our QPR2 strategy focuses on:

Strengthening Ties: New Community Coordinator and Ecosystem Growth

The strength of CalyxOS lies not just in its code but in its vibrant community of users, contributors, and advocates. We recognize that as the project grows, so does the need for structured community management and support.

Introducing the Community Coordinator Role

We are proud to announce the establishment of a dedicated Community Coordinator position. This role is pivotal in bridging the gap between the development team and the user base. The Community Coordinator is responsible for:

By formalizing this role, we are streamlining communication channels. This ensures that critical feedback from the community reaches the developers and that users feel heard and supported.

Expanding Support Resources

With the new coordinator, we are expanding our support documentation. We are rewriting our installation guides to be more visual and step-by-step, addressing common pain points for users flashing CalyxOS for the first time. We are also creating a comprehensive knowledge base that covers advanced topics, such as verifying build signatures (using the keys generated in our HSM ceremony) and utilizing the different network permission features.

Furthermore, we are increasing our presence on decentralized social media platforms to reach a broader audience concerned with digital rights. Our goal is to educate users about the importance of degoogled Android distributions and how CalyxOS fits into the broader privacy ecosystem.

Meeting the Community: FOSDEM 2026 in Brussels

One of the highlights of the open-source calendar is the Free and Open Source Software Developers’ European Meeting (FOSDEM). We are excited to announce that the CalyxOS team will be attending FOSDEM 2026, taking place in Brussels on January 31 and February 1.

The Significance of FOSDEM for CalyxOS

FOSDEM is the largest gathering of free software developers in Europe, providing an unparalleled opportunity for collaboration, knowledge sharing, and community building. For us, it is a chance to connect face-to-face with the people who use and contribute to CalyxOS.

We will be hosting a booth where team members—including developers, security auditors, and the new Community Coordinator—will be available to answer questions. This is a rare opportunity for users to discuss the technical intricacies of the OS, from the HSM key ceremony to the nuances of the QPR1 porting process.

What We Will Be Showcasing

At our booth, we plan to demonstrate:

Networking and Collaboration

Beyond our booth, we will be attending various talks related to mobile security, open-source licensing, and hardware development. We view FOSDEM as a critical networking event where we can collaborate with other privacy-focused projects (such as GrapheneOS, LineageOS, and the broader Linux mobile ecosystem). These interactions often lead to shared solutions for common upstream challenges, benefiting the entire open-source mobile landscape.

We invite everyone attending FOSDEM 2026 to visit our booth. Whether you are a seasoned developer or a privacy-conscious user looking to switch to a secure mobile OS, we look forward to engaging with you.

Technical Deep Dive: The Intersection of Security and Usability

In this section, we explore how the technical advancements detailed above translate into tangible benefits for the end-user. We believe that security should never come at the expense of usability, and our development philosophy reflects this balance.

Streamlining the Installation Process

Historically, installing a custom ROM has been a technical hurdle for many users. We are leveraging the stability gained from our QPR1 porting efforts to refine the CalyxOS installer. The goal is to create a tool that is as close to “plug and play” as possible while maintaining the necessary security checks.

The installer will verify the device’s bootloader status and guide the user through the unlocking process (where required). Crucially, it will also verify the integrity of the OS image against our public keys—keys that are now secured within our Open HSM infrastructure. This ensures that the software being installed is authentic, even if downloaded from a mirror.

Performance Optimization in Android 16

Android 16 QPR1 introduces significant changes to the Android Runtime (ART) and the scheduler. We are optimizing CalyxOS to take full advantage of these improvements. Our benchmarks indicate that CalyxOS on Android 16 QPR1 not only matches but often exceeds the performance of stock ROMs on the same hardware.

This performance gain is achieved by removing background bloatware and telemetry services that consume CPU cycles and network bandwidth. By stripping away these non-essential processes, we free up system resources for the applications and tasks that matter to the user.

Privacy by Design: Network Permissions and MicroG

Our implementation of Network Permissions is a cornerstone of CalyxOS. In the context of Android 16, we are refining how these permissions are managed. The new OS version offers improved network stack logging, which we are utilizing to provide users with more detailed insights into which apps are attempting to communicate over the network.

Additionally, we continue to support MicroG, a re-implementation of Google Play Services. MicroG allows users to run applications that depend on Google APIs without sending personal data to Google servers. The QPR1 port includes updated MicroG components that ensure compatibility with the latest Android security model, preserving battery life and privacy simultaneously.

Future Outlook and Roadmap

As we look toward the remainder of the year and into 2026, our roadmap is clear. The completion of the Open HSM Key Ceremony will serve as a new gold standard for OS security verification. The successful port to Android 16 QPR1 and QPR2 ensures that our users remain on the cutting edge of Android technology without compromising their privacy.

Simultaneously, the expansion of our community support and our active participation in events like FOSDEM will foster a stronger, more resilient ecosystem. We are not just building an operating system; we are building a movement dedicated to digital autonomy.

We encourage our users to stay engaged with our development process. Visit our repository, participate in discussions, and join us in Brussels. The journey toward a completely transparent, secure, and private mobile experience is ongoing, and with the progress detailed in this report, we are confident in the path ahead.

Contribution and Download

For those looking to explore the technical details of our builds or to download the latest versions of CalyxOS, we invite you to visit our repository. While our primary focus is on the development of CalyxOS, we also acknowledge the broader ecosystem of Android customization. For users interested in enhancing their existing Android setup with Magisk modules, you can find a wide array of tools at the Magisk Module Repository.

We remain dedicated to delivering a secure, private, and high-performance mobile experience. Thank you for your continued support.

You also may like 〣〣
Explore More
Redirecting in 20 seconds...