• Announcements

  • Departure of Calyx / CalyxOS leadership and discontinuation of CalyxOS updates

CalyxOS posted an announcement about the departure of both the founder of the organization (Nicolas Merrill) and lead developer of CalyxOS (Chirayu Desai):

https://calyxos.org/news/2025/08/01/a-letter-to-our-community/

According to their post, it will likely be around 4 to 6 months before they resume updates with new signing keys.

CalyxOS is stuck on the 2025-06-01 patch level. The missing patches include 2 remotely exploitable Exynos cellular radio vulnerabilities fixed for Pixels in June along with many High severity issues for other components. There are a huge number of AOSP patches scheduled for disclosure in September.

Android has quarterly major releases. Android 16 QPR1 is coming in September and changes more overall than Android 16. Providing full AOSP patches requires the latest release since only High/Critical severity AOSP patches are backported. It's also needed for the Pixel driver and firmware updates.

Verified boot signing keys can't be rotated. Their plan to change all of the signing keys will require reinstalling the OS to continue receiving updates. Nicolas Merrill was the sole person with access to CalyxOS signing keys. Either he isn't handing over the signing keys or they don't trust him.

GrapheneOS was founded as an open source project in 2014. In 2018, there was a takeover attempt on the project by Copperhead which was a for-profit company founded in late 2015. Copperhead was meant to be sponsoring the project and making it sustainable. Both Nick and Chirayu were involved in this.

Chirayu Desai was a full time employee of Copperhead. The CEO intended for him to be lead developer of a new closed source OS forked from our project. Nicolas Merrill was in active contact with Copperhead and wanted an OS made for Calyx. When the takeover failed, he hired Chiyaru to make CalyxOS.

CalyxOS never incorporated privacy or security features comparable to GrapheneOS. It was always a non-hardened OS far more similar to LineageOS and /e/. Despite being in a different space, Nick and Chirayu worked hard to undermine the continuation of our open source project alongside Copperhead.

Calyx should publish information on why Nicolas Merrill was previously demoted and what's happening with the signing keys and other infrastructure he controls. CalyxOS users deserve to know whether he's refusing to hand over keys, domains, IPs, ASN, etc. and if Calyx considers the keys compromised.

https://sec.gov/Archives/edgar/data/2009536/000200953624000001/xslFormDX01/primary_doc.xml is the SEC filing for shares issued in February 2024 by a for-profit telecommunications company founded in 2019. The owners of the company are Nicolas Merrill, Louis Rossmann and Steve Gelmis. This raises a lot of questions, as does other publicly available information.

For CalyxOS users considering moving to GrapheneOS, you should know it's not only much more private and secure but also has broader app compatibility and is very easy to install. https://eylenburg.github.io/android_comparison.htm is a high quality third party comparison. You'll likely be more than happy with it.

Many CalyxOS users have been exposed to a lot of inaccurate information about GrapheneOS and fabricated stories about our team. Our team is heavily targeted with harassment. We're open to forgiving and unbanning people who participated in this in the past if they're going to stop and do better.

Same thread on other platforms:

Bluesky: https://bsky.app/profile/grapheneos.org/post/3lvviuo5les2h
Mastodon: https://grapheneos.social/@GrapheneOS/114994075965827640
X: https://x.com/GrapheneOS/status/1953856218931376421

    Damn is that the same Louis Rossmann who started a whole campaign against GrapheneOS on his youtube channel?

      That is some crazy news! I started out on Calyx back in the day, it's wild to see them fall apart suddenly.

      At least they have the chance to correct their mistakes now, with new leadership in place. Although I am unsure if we will ever see them return to the scene. Especially with the recent changes regarding device tree releases.

      I wish them the best of luck, despite all their differences with the GOS project.

      Hathaway_Noa the same Louis Rossmann

      yup, there aren't too many Rossmanns out there.

          GrapheneOS Thank you for keeping us updated, and stating so clearly what the facts are, completely unlike the announcement from Calyx: two key people out begs the question who's left and in charge. That and the bit about changing the signing keys and starting an audit without any further explanation why that is necessary, just as if it were SOP, does not instil confidence. The day before these guys had full control and access to everything yet just a moment later they can't be trusted to the point a very cumbersome process is being initiated despite there being "no reason" for it? It feels there's more to it, which will probably come out to light eventually.

          The call to mend fences is a really nice gesture on your part. Let us hope it is reciprocated. Regardless, it should be clear to any unbiased observer that not just the GrapheneOS project itself but also the communications for it are consistently being run extremely well. We as users should really appreciate your professionalism with regard to that because, as illustrated, it's so uncommon.

          Now that independent network location has been fully implemented in GrapheneOS, I really don't see why anyone would want to run anything else on a GrapheneOS-compatible device. I think this was the last remaining relative shortcoming: closing that gap has been a major accomplishment and milestone for the project in my view.

          I've been wondering though, as for the insecure devices that will never be suitable for a full GrapheneOS release, has there ever been an attempt to consider "GrapheneOS Lite" builds for them using the device-independent portion of GrapheneOS's hardened codebase?

          While this of course wouldn't make them secure, and such releases (if any) would probably have to be named differently so as not to erode GrapheneOS's reputation for uncompromising security, it'd still be way better than running outdated Calyx or LineageOS on them, and could potentially serve as a stopgap encouraging more people to switch to proper GrapheneOS – especially when a new, non-Google and potentially self-developed device is added (really hope this works out).

          [Minor off-topic]

          n3t_admin there aren't too many Rossmanns out there

          Funnily, Rossmann is a huge drugstore chain in Germany and some other countries, so to this European the above sounds a bit like "there aren't many Walgreens out there" – although, on the other hand, "Walgreen" must actually be a really rare last name indeed (an anglicization of the Swedish "Wahlgren" according to Wikipedia).

              GrapheneOS Calyx should publish information on why Nicolas Merrill was previously demoted and what's happening with the signing keys and other infrastructure he controls. CalyxOS users deserve to know whether he's refusing to hand over keys, domains, IPs, ASN, etc. and if Calyx considers the keys compromised.

              The lack of transparency and honesty about why exactly their founder and lead developer have left so suddenly and simultaneously is very worrying.

                Hathaway_Noa Yes, it's the same person. He has an identity verified account on a well known libel, harassment and stalking site called Kiwi Farms which he involved in attacking us through publishing his video. His video closely follows the way that site often targets people with a false narrative referencing the harassment to justify itself. It was very clearly meant to appeal to that audience which he is certainly familiar with since he openly seeks their respect and friendship on their site. We won't link to the thread targeting our founder there, but that's what is used as the blueprint for attacking him and attacking GrapheneOS by many of the people targeting us. It exists to provide a false narrative linking a bunch of other harassment content together along with information useful to people wanting to physically harm them including leaked pictures (one is a Signal profile picture which would have been available to Nicolas Merrill and others at Calyx due to talking there) and an address.