Opened 4 years ago

Closed 4 years ago

#18752 closed defect (fixed)

[Security Alert] Latest Orbot is signed by a different key.

Reported by: ikurua22
Owned by: n8fr8
Priority: Medium
Milestone:
Component: Applications/Orbot
Version:
Severity: Critical
Keywords:
Cc:
Actual Points:
Parent ID:
Points:
Reviewer:
Sponsor:


Latest Orbot on F-Droid is signed by a different key.
When I tried to upgrade, F-Droid urged the user to delete Orbot to install
the latest one.

Why did you change the key?

Change History (5)

comment:1 Changed 4 years ago by ikurua22


15.1.2 (tor

comment:2 Changed 4 years ago by n8fr8

If you install Orbot from the public F-Droid repo, then the key used there is the F-Droid signing key, since they build Orbot from source.

If you install Orbot from Google Play, the Guardian Project F-Droid repo, or the direct APK download, it will be signed with the Tor Project signing key.

It is likely you switched from one stream to the other accidentally.

comment:3 Changed 4 years ago by ikurua22

I don't use Google Play, only F-Droid with official repo + Guardian repo.

Hmm... So, 15.1.2 is released from Guardian...?

IIRC, I switched from v15.0.1-RC-3-PIE.

If the "Orbot on F-Droid" and "Guardian FDroid's Orbot" are different, please consider merging into one, or delete Orbot from

Last edited 4 years ago by ikurua22

comment:4 Changed 4 years ago by n8fr8

Yes, so there is a problem which is Orbot is in both and the Guardian Project repo. The F-Droid app makes it hard to know where you are getting it from.

15.1.2 is indeed from us, and from our F-Droid repo.

I agree Orbot should be removed from the main repo.

Also, though, we are working with them on a new system where they would build the source code, compare it to ours, and then use the binary signed with our key, if it matches up.

comment:5 Changed 4 years ago by n8fr8

Resolution: fixed
Status: new → closed

(apologies for the trouble/confusion)
