Why verify?

To be absolutely sure that your device has not been tampered with before delivery. With open source like GrapheneOS, you can verify that everything is authentic, from the system to the apps.

How do I verify the operating system?

Check OS signatures via the Auditor app. Auditor is a built-in security feature in GrapheneOS that allows you to verify that the operating system is genuine, unmodified, and running on genuine Pixel hardware.

1. Open the "Auditor" app

   • Comes pre-installed in GrapheneOS

   • If it is not visible, go to:
     Settings → Security → Auditor

2. Tap “Add Local Verification”

3. The app is now available:

   • Do a hardware attestation

   • Verify that the firmware, OS, and boot chain are secure

   • Verify that the system is signed with GrapheneOS's own keys

4. You will see a result:

   • Green (✔) = everything is correct and unchanged

   • Red (✘) = something is wrong (possible manipulation, faulty system, etc.)

5. (Optional) Tap each section to see details:

   • OS build fingerprint

   • Verified boot status

   • Key attestation data

How do I verify the apps?

1. Open Obtainium
   The app is pre-installed or can be downloaded here . Obtainium only downloads apps directly from official sources like GitHub, so you don't have to rely on third-party servers.

2. Search for the app, e.g. Signal

3. Tap the app > scroll down to Versions

4. Compare the version number with the one found at:

   • The app's official GitHub page

   • App homepage

5. You can also tap the version number → View signature/metadata

   • Check the signature fingerprint if you want to go deeper