CalyxOS posted an announcement about the departure of both the founder of the organization (Nicolas Merrill) and lead developer of CalyxOS (Chirayu Desai):
https://calyxos.org/news/2025/08/01/a-letter-to-our-community/
According to their post, it will likely be around 4 to 6 months before they resume updates with new signing keys.
CalyxOS is stuck on the 2025-06-01 patch level. The missing patches include 2 remotely exploitable Exynos cellular radio vulnerabilities fixed for Pixels in June along with many High severity issues for other components. There are a huge number of AOSP patches scheduled for disclosure in September.
Android has quarterly major releases. Android 16 QPR1 is coming in September and changes more overall than Android 16. Providing full AOSP patches requires the latest release since only High/Critical severity AOSP patches are backported. It's also needed for the Pixel driver and firmware updates.
Verified boot signing keys can't be rotated. Their plan to change all of the signing keys will require reinstalling the OS to continue receiving updates. Nicolas Merrill was the sole person with access to CalyxOS signing keys. Either he isn't handing over the signing keys or they don't trust him.
GrapheneOS was founded as an open source project in 2014. In 2018, there was a takeover attempt on the project by Copperhead which was a for-profit company founded in late 2015. Copperhead was meant to be sponsoring the project and making it sustainable. Both Nick and Chirayu were involved in this.
Chirayu Desai was a full-time employee of Copperhead. The CEO intended for him to be lead developer of a new closed source OS forked from our project. Nicolas Merrill was in active contact with Copperhead and wanted an OS made for Calyx. When the takeover failed, he hired Chirayu to make CalyxOS.
CalyxOS never incorporated privacy or security features comparable to GrapheneOS. It was always a non-hardened OS far more similar to LineageOS and /e/. Despite being in a different space, Nick and Chirayu worked hard to undermine the continuation of our open source project alongside Copperhead.
Calyx should publish information on why Nicolas Merrill was previously demoted and what's happening with the signing keys and other infrastructure he controls. CalyxOS users deserve to know whether he's refusing to hand over keys, domains, IPs, ASN, etc. and if Calyx considers the keys compromised.
https://www.sec.gov/Archives/edgar/data/2009536/000200953624000001/xslFormDX01/primary_doc.xml is the SEC filing for shares issued in February 2024 by a for-profit telecommunications company founded in 2019. The owners of the company are Nicolas Merrill, Louis Rossmann and Steve Gelmis. This raises a lot of questions, as does other publicly available information.
For CalyxOS users considering moving to GrapheneOS, you should know it's not only much more private and secure but also has broader app compatibility and is very easy to install. https://eylenburg.github.io/android_comparison.htm is a high quality third party comparison. You'll likely be more than happy with it.
Many CalyxOS users have been exposed to a lot of inaccurate information about GrapheneOS and fabricated stories about our team. Our team is heavily targeted with harassment. We're open to forgiving and unbanning people who participated in this in the past if they're going to stop and do better.
@GrapheneOS
Many CalyxOS users with Pixel devices will be changing the OS to Graphene.....
@andree4live Users without Pixel devices still need to move to something else and the only secure option would be getting a new device
Most of the other devices they support are nearing end-of-life and using an alternate OS won't solve the lack of driver and firmware patches.
Even the Fairphone 5 which is supposed to have many years of support ahead has the 5.4 Linux kernel branch end-of-life in December 2025 with no plan to migrate it forward. Fairphone 4 is on the end-of-life Linux 4.19.
@GrapheneOS jepp, agree....
@andree4live @GrapheneOS Well, I'm not sure. Graphene seems to be a great choice for Pixel users, but it comes with a whiny / toxic social media account manager.
Personally, I guess my next phone will be an Apple again.
I'm sick of all this drama. "Next Android release coming soon ... By the way: Everyone but us sucks...."
@GrapheneOS well that puts an entirely different light on Rossmann's "Why I deleted GrapheneOS" video.
@GrapheneOS
The sec filing mentions Steve Gelmis not Steve Gerber.
Who is he?
@ejim It was an error when writing the post and has been corrected via an edit now. See here:
@GrapheneOS guy was demoted at his own non profit that he founded? lol i'm sorry but that's absolutely hilarious.. imagine you're the founder and owner of a company and you just get demoted...who knew there was someone higher than founder for whatever reason
@adisonverlice @GrapheneOS Steve Jobs? That was demoted from his own company?
Do some research before saying false information.
@GrapheneOS hm, how are signing keys handled in GOS? who has access to them? is that even public?
@multisn8 There's currently 1 person with access to the official build instructions with the signing keys. The succession plan is for the person who is currently the lead developer to take that over if necessary. This is being implemented through them having a copy of the signing keys encrypted in a way that multiple other people need to sign off on the transfer of signing key control. This was disrupted through what happened with Ukraine conscripting our lead developer but will still be set up.
@GrapheneOS @multisn8 to quote from the CalyxOS open letter:
"First, we want to assure you that we have no reason to believe the security of CalyxOS and its signing keys have been compromised."
"When senior personnel have access to signing keys and leave a team, it is security best practice to update signing keys and conduct audits."
Assuming they aren't lying, which I don't see any reason to believe. They are just trying to follow best practices.
> Assuming they aren't lying, which I don't see any reason to believe. They are just trying to follow best practices.
They're currently missing around half of the June 2025 security patches but have announced it will likely be 4 to 6 months from their August announcement before they provide any form of releases.
Going so long without privacy/security updates and requiring people to reinstall the OS to continue getting further apps is not following best practices at all.
It's highly unusual to require signing key rotations after people leave the company. Nicolas Merrill was previously demoted due to something he did at Calyx despite having friends on the board and was clearly doing for-profit stuff on the side in a way that's inappropriate.
> First, we want to assure you that we have no reason to believe the security of CalyxOS and its signing keys have been compromised.
This doesn't mean that they're in control of the signing keys.
@joshix @multisn8 In their announcement, Calyx doesn't acknowledge the fact that Nicolas Merrill is known to have been the only one with access to the signing keys. They do not say whether they've been given the signing keys. They could rotate everything but the verified boot keys in an orderly transition not blocking releasing updates if they have access to the keys. The keys for OS and app updates can be rotated without users reinstalling the OS. They do not appear to have the signing keys.
@joshix @multisn8 Based on an analysis of their domains, ASN, etc. we believe Nicolas Merrill likely still controls most of it and has not turned it over to them. There's clearly a power struggle and legal conflict. They're not being at all transparent about what's happening and are downplaying the severity of the situation. Requiring everyone to reinstall the OS and being unable to provide updates for an estimate of 4 to 6 months is not at all explained by 2 people leaving the organization.
@joshix @multisn8 They're taking a corporate PR crisis management approach to the situation rather than being at all transparent. Their own community and users have been asking many questions and their responses have not addressed it. They also put the releases back up for use despite lacking privacy/security patches. Many people are continuing to use it or even installing it on a device without realizing it lacks privacy and security updates. There's no communication about it via the OS itself.
@jonossaseuraava @GrapheneOS the 9a (one i own) works well and is hella cheap