CalyxOS Is Dead — Here’s What You Should Do Now

TL;DR: CalyxOS paused all development and security updates on August 1, 2025, after its founder and tech lead both departed. Devices are stuck on the June 2025 security patch with known exploitable vulnerabilities. The project has not resumed updates as of February 2026. If you’re still running CalyxOS, you should migrate immediately — GrapheneOS is the strongest option for Pixel owners, while /e/OS offers an easier path for less technical users. This guide walks you through both.

What Happened to CalyxOS?

If you’ve been running CalyxOS on your daily driver, you probably already feel the unease. The project that was once praised as the “perfect middle ground between convenience and privacy” has gone silent — and has been silent for over six months.

Here’s the timeline of how we got here:

May 28, 2025: CalyxOS releases version 6.7.23, its final feature update. At the time, everything seems normal. The team mentions preparations for Android 16 upstream.

June 9, 2025: CalyxOS 6.8.20 and 6.8.21 ship with the June 2025 security patch (2025-06-01). These are the last security updates CalyxOS ever delivers. No one knows it yet.

August 1, 2025: The Calyx Institute publishes “A Letter to Our Community.” The letter announces two devastating departures: Nicholas Merrill, the president, founder, and namesake of the Calyx Institute, has left the organization “to pursue other projects.” Simultaneously, Chirayu Desai, the CalyxOS tech lead who was the primary force behind the OS’s development, has also departed. The letter states that development and maintenance are being paused for four to six months while the remaining team overhauls infrastructure, upgrades signing key management, and stabilizes operations. Installation images are pulled from the website.

August 5, 2025: An update to the letter is posted. The team states they have “no reason to believe the security of CalyxOS and its signing keys have been compromised,” but acknowledges that current users will not receive further security updates until new security protocols are in place. They recommend users consider uninstalling CalyxOS due to the lack of patches. Under community pressure, they restore the installation images with a prominent warning banner.

November 10, 2025: CalyxOS publishes a progress report on signing infrastructure and team capacity. They confirm they are working with security consultants on an HSM (Hardware Security Module) signing solution and rebuilding team capacity. But no release date is given. No builds ship.

February 2026 (now): Eight months after the last security update. No new CalyxOS builds have been released. The project’s Wikipedia page lists its working state as “Development paused.” The subreddit is filled with users asking “What is happening?” and receiving no answers from the team.

The four-to-six-month estimate has come and gone. CalyxOS is, for all practical purposes, dead.

Why This Matters: The Security Risk of Staying on Outdated CalyxOS

Let’s be direct: if you are still running CalyxOS, your phone is insecure. This isn’t fear-mongering — it’s the reality of how Android security works.

CalyxOS is frozen on the June 1, 2025 security patch level. Since then, Google has released eight monthly security updates, each patching critical vulnerabilities in the Android Open Source Project (AOSP). Many of these are remotely exploitable — meaning an attacker can compromise your device without you clicking anything, installing anything, or doing anything wrong.

Within just weeks of the last CalyxOS update, at least two remotely executable vulnerabilities were publicly disclosed that affect unpatched devices. By now, months of accumulated vulnerabilities exist in your kernel, media framework, Bluetooth stack, and system components.

You might think: “I’m not a high-value target. No one is coming after me specifically.” That’s probably true — but it misses the point. Once vulnerabilities are weaponized, they are deployed at scale. Botnets, drive-by exploits, and mass-scanning campaigns don’t care who you are. The Mirai botnet didn’t target important people — it targeted every vulnerable device it could find.

A privacy-focused OS that doesn’t receive security patches is worse than useless — it gives you a false sense of security. You’ve made tradeoffs (no Google services, app compatibility quirks, a smaller ecosystem) in exchange for the promise of better security. That promise is now broken.

The Signing Key Problem

Even if CalyxOS does eventually resume, there’s another issue. Nicholas Merrill was the sole person with access to the CalyxOS signing keys. The remaining team has stated they need to generate entirely new signing keys and transition to a new HSM-based signing process.

What this means for you: you will need to completely wipe and reinstall CalyxOS from scratch to transition to builds signed with new keys. There is no OTA path from your current installation to a future CalyxOS build. You’re going to lose everything on the device either way.

If a reinstall is inevitable, why not reinstall something that’s actually receiving updates?

Your Options: Where to Go From Here

Option 1: GrapheneOS (Recommended for Most Users)

If you’re on a supported Google Pixel — and if you were running CalyxOS, you probably are — GrapheneOS is the clear choice. It’s the gold standard for mobile privacy and security, and it’s never missed a security update cycle.

Why GrapheneOS:

Fastest security patch delivery in the custom ROM space (often same-day as Google)
Hardened memory allocator, exploit mitigations, and sandboxing that go far beyond AOSP
Sandboxed Google Play Services (optional) — better app compatibility than CalyxOS’s microG approach, with stronger isolation
Verified boot with a locked bootloader
Active, well-funded development with a growing team
Working with a major Android OEM on future non-Pixel device support (expected late 2026/early 2027)

What you lose coming from CalyxOS:

microG is gone. GrapheneOS uses sandboxed Google Play Services instead. This actually provides better compatibility (banking apps, push notifications), but it is Google’s code running in a sandbox rather than an open-source reimplementation. If avoiding all Google code is non-negotiable for you, be aware of this.
No built-in Datura Firewall. GrapheneOS has per-app network permission toggles, and you can use a firewall app, but there’s no integrated firewall UI like CalyxOS had.
F-Droid is not pre-installed. You can install it yourself, though the GrapheneOS team recommends Accrescent or Obtainium as alternatives due to F-Droid’s security model concerns.
The “feel” is different. CalyxOS was friendlier out-of-the-box. GrapheneOS is more spartan but more secure.

Currently supported Pixel devices for GrapheneOS (as of February 2026):

Pixel 6, 6 Pro, 6a
Pixel 7, 7 Pro, 7a
Pixel 8, 8 Pro, 8a
Pixel 9, 9 Pro, 9 Pro XL, 9 Pro Fold
Pixel Tablet
Pixel Fold

Migration Guide: CalyxOS → GrapheneOS (Step by Step)

Before you begin: This process will completely wipe your device. Back up everything first (see the “What About My Data?” section below).

Back up your data. Use SeedVault (CalyxOS’s built-in backup) to create a backup to a USB drive or cloud storage. Manually copy photos, documents, and any files you need off the device. Export contacts as a .vcf file. Write down your 2FA app codes or transfer them.
Charge your phone to at least 80%.
Go to the GrapheneOS web installer at grapheneos.org/install/web on a desktop computer. (If you want a walkthrough with app recommendations, see our GrapheneOS setup guide.) You’ll need a USB-C cable.
Enable OEM unlocking on your CalyxOS device: go to Settings → About Phone → tap “Build Number” 7 times to enable Developer Options, then go to Settings → System → Developer Options → enable OEM Unlocking.
Boot into fastboot mode: Power off the phone, then hold Power + Volume Down simultaneously.
Connect your phone to your computer via USB-C.
Follow the web installer prompts. The GrapheneOS web installer will:
- Unlock the bootloader (this wipes the device)
- Flash the GrapheneOS image
- Relock the bootloader
The entire process takes about 10–15 minutes.
Set up GrapheneOS. On first boot, configure your settings. If you need Google Play compatibility, go to Apps → Install Google Play Services (this installs them in a sandboxed profile).
Restore your data. Reinstall your apps, import your contacts .vcf file, copy photos back, and reconfigure 2FA apps.

Option 2: /e/OS (For Less Technical Users)

If GrapheneOS feels too intense, or if you have a non-Pixel device (Fairphone, Samsung, Motorola), /e/OS is a solid alternative. If you’re weighing the two, our GrapheneOS vs /e/OS breakdown will help you choose. It’s built on LineageOS with a focus on usability and de-Googling, and it’s backed by the e Foundation (now Murena).

Why /e/OS:

More user-friendly — it feels closer to a “normal” Android experience
Includes a built-in app store (App Lounge) that pulls from multiple sources
microG is integrated for Google service compatibility
Supports a much wider range of devices, including Fairphones, Samsung Galaxy phones, and Pixels
Murena sells pre-installed /e/OS phones if you don’t want to flash anything
Active development with regular updates

What you should know:

/e/OS is less hardened than GrapheneOS. It’s privacy-focused but doesn’t have the same level of exploit mitigations.
Not all /e/OS device builds are official — some are community-maintained. Stick to devices marked as “Official” in their Smartphone Selector.
The bootloader may not be relockable on all devices, which is a security concern.

Migration Guide: CalyxOS → /e/OS (Step by Step)

Back up your data (same as above — see “What About My Data?” section).
Check device support at doc.e.foundation/devices. Search for your Pixel model and confirm it has an “Official” build.
Download the /e/OS Easy Installer from e.foundation/e-os (available for Windows and Linux). This is a GUI-based installer designed for non-technical users.
Enable OEM unlocking and boot into fastboot mode (same steps as the GrapheneOS guide above).
Follow the Easy Installer prompts. It will handle unlocking, flashing, and (on supported devices) relocking the bootloader.
Set up /e/OS. The first-boot experience is more guided than GrapheneOS. You can create a Murena account for cloud sync, or skip it entirely.
Restore your data from backups.

If the Easy Installer doesn’t support your specific device, /e/OS also provides manual installation guides with detailed command-line instructions for each device model.

Other Alternatives Worth Knowing About

DivestOS: Also Dead

If you were considering DivestOS as an alternative — it’s gone too. DivestOS officially ended in December 2024 after a decade of development. The sole maintainer announced there would be no further updates. DivestOS was popular for extending the life of older devices with security patches, and its death also took down Mull, the well-regarded privacy-focused Firefox fork.

The privacy ROM landscape is shrinking.

AXP.OS: The DivestOS Successor

AXP.OS has emerged from DivestOS’s ashes. It’s an AOSP and LineageOS-based operating system that picked up where DivestOS left off, particularly in supporting older devices that no longer receive manufacturer updates. It was originally based on DivestOS but rebuilt its foundation on LineageOS after DivestOS shut down.

AXP.OS offers two flavors:

Pro (default): A full-featured privacy-oriented OS
Slim: A more minimal, DivestOS-like experience

It’s worth watching, but it’s still a smaller project. If you have an older device that isn’t supported by GrapheneOS or /e/OS, AXP.OS may be your best bet. Check their device list for compatibility.

What About My Data?

The migration from CalyxOS to any other OS requires a full device wipe. There’s no way around it. But with some preparation, you won’t lose anything important.

Contacts

Export before wiping: Go to the Contacts app → Menu → Export → save as .vcf file to your device storage, then copy it to your computer or USB drive.
Import after migration: On your new OS, open the Contacts app → Menu → Import → select the .vcf file.
If you use a CardDAV server (like Nextcloud or Radicale), your contacts will simply re-sync when you add the account on your new OS.

Photos and Videos

Copy them off the device to your computer via USB before wiping. They’re in DCIM/ and Pictures/ on internal storage.
If you use a self-hosted sync solution like Nextcloud, Syncthing, or Immich, your photos are already backed up — just reinstall the app and reconnect.
Do not rely solely on SeedVault for photos. SeedVault backs up app data, but manually copying your media ensures nothing is lost.

Apps and App Data

SeedVault (CalyxOS’s built-in backup tool) can back up app data to USB storage or compatible cloud providers (Nextcloud via DAVx5). Create a backup before wiping.
However, SeedVault backups are not universally compatible across different ROMs. A CalyxOS SeedVault backup may not restore perfectly on GrapheneOS. You should treat SeedVault as a best-effort safety net, not a guaranteed migration path.
For critical apps, manually export data where possible. Signal has built-in backup. Messaging apps, password managers, and authenticators usually have their own export functions.

Two-Factor Authentication (2FA)

This is the most dangerous thing to forget. If you use an authenticator app (Aegis, andOTP, Google Authenticator), export your seeds/keys before wiping.
Aegis (recommended): Has an easy export function — export to an encrypted file, copy it off the device.
Google Authenticator: Supports account transfer via QR codes between devices.
If you lose your 2FA seeds without backup, you’ll need to go through account recovery for every service — which can take days or weeks for some providers.

Signal Messages

Signal has a built-in backup feature: Settings → Chats → Chat backups → Turn on. Save the backup file and the 30-digit passphrase. Copy the backup file off the device. On your new OS, install Signal and restore from the backup during setup.

Password Managers

If you use Bitwarden, KeePass, or similar: your vault is either cloud-synced (Bitwarden) or stored in a file (KeePass .kdbx). Make sure you have the vault file or know your master credentials before wiping.

A Checklist Before You Wipe

Contacts exported as .vcf
Photos and videos copied to computer/external storage
2FA app seeds exported (Aegis, andOTP, etc.)
Signal backup created and passphrase saved
Password manager vault accessible from another device
SeedVault backup created (best-effort)
App-specific data exported (notes, documents, etc.)
Phone charged to 80%+
OEM unlocking enabled in Developer Options

The Bigger Picture

CalyxOS’s collapse is part of a troubling trend. DivestOS died in December 2024. CalyxOS effectively died in August 2025. The privacy ROM ecosystem is consolidating rapidly.

Maintaining a secure Android fork is enormously demanding work, and Google’s increasing platform lockdown — hardware attestation, Play Integrity API, tighter bootloader restrictions — makes it harder every year. Projects that depend on one or two key developers are fragile. When those people leave, the project dies.

GrapheneOS has survived because it has a larger team, dedicated funding, and a security-first engineering culture. But the privacy community can’t take any project for granted. Support the projects you depend on — financially, through testing, through documentation.

If you trusted CalyxOS, that trust was well-placed at the time. The team built something genuinely good. But the situation has changed, and your security can’t wait for a project that may never come back.

Back up your data. Flash a new OS. Move forward.

Have questions about migrating from CalyxOS? Reach out to us at privacyphones.com — we’re here to help.

Last updated: February 17, 2026