Signal-FOSS

A fork of Signal for Android with proprietary Google binary blobs removed. Uses OpenStreetMap for maps and a websocket server connection, instead of Google Maps and Firebase Cloud Messaging.

Download

DISCLAIMER: You might want to consider the officially supported APK download from Signal if you don't mind proprietary dependencies. This is an unofficial client with no guarantees of timely (or any) updates. It's licensed under GPL3, like Signal, meaning it has no warranty and you use it at your own risk. Signal is a registered trademark of the Signal Foundation in the USA. This connects to Signal's servers, all terms from their Privacy Policy apply.

Binary

F-Droid Repo QR Code

F-Droid Repository:

https://fdroid.twinhelix.com/fdroid/repo?fingerprint=7B03B0232209B21B10A30A63897D3C6BCA4F58FE29BC3477E8E3D8CF8E304028

Click or copy/paste the above link into the F-Droid app, and it can automatically download and update this application.


Current version direct download:

Signal-FOSS v5.24.17.0 APK

Source Code

Source is on Github in branches whose name ends in '-FOSS'. You can use Github to compare the branch with upstream's release tag of the same version to see the changes.

Frequently Asked Questions

Isn't Signal for Android open source?

Not entirely. All official APKs include multiple closed source Google dependencies including Firebase Cloud Messaging (for notifications), Maps, Authentication and (since v5.24.15) Wallet/Payments. See the app/build.gradle file in Signal's source, or search the codebase for for any imports of com.google.android.gms or com.google.firebase - these two links search the whole Signal codebase for files that import those dependencies.

What's the difference between this and official Signal for Android?

Links go to pages describing relevant privacy policies:

Component: Signal-FOSS Signal Website Build Signal Play Build
Updates Via F-Droid Repo Built-in updater Via Google Play
Notifications Websocket to Signal server Firebase Cloud Messaging if installed, otherwise websocket
Maps OpenStreetMap Google Maps
Donations Not supported in-app Google Wallet/Payments

A websocket connection often uses slightly more battery than Firebase Cloud Messaging, which the official client uses for message notification pings.

Signal versions 4.61.4 - 5.3.7 included Firebase ML Vision for facial recognition; this was replaced in 5.3.8 with Android's inbuilt support.

How do I switch between this and an official Signal build?

  1. It's best to switch between identical versions of Signal.
  2. Make sure backups are enabled in your "Chats and Media" preferences and you have written down the backup password and made a backup.
  3. Check your backup exists in the "Signal/Backups" folder on your internal storage.
  4. Uninstall the application.
  5. Install the other application and let it import backups on first run.

Can this be distributed on F-Droid?

F-Droid requires the original project's permission to distribute an application in their main repository. I asked for permission on their bug tracker and the Signal developers declined.

How do I compile it?

Clone the Github project, see the .github/workflows/android.yml file; you need to add a Base64 encoded Java private key generated from keytool named apksign, and its corresponding password, both as named Github secrets. Then just push a branch whose name ends in "-FOSS" and it will compile, sign and release a build.

To build locally, checkout the source and see the Signal wiki for instructions (or look into the Reproducible Builds directory for Docker build instructions). NOTE: Instead of ./gradlew build use ./gradlew assemblePlayFossProdRelease to build without Google proprietary dependencies. Also, please use apksigner instead of jarsigner if the wiki suggests that.

Can I trust this build?

Builds are automatically generated by Github Actions from source. If you're logged into GitHub check the project's Actions for the relevant build, in the "Sign APKs" step, there's a SHA256SUM listed for each build by filename. Currently the Universal builds are published here. The only new dependency on top of plain Signal is the open source osmdroid library.

Credits

Molly.im (Valldrac)
For Firebase Messaging stubs from Molly-FOSS.
Fumiakiy Yoshimatsu
For OpenStreetMap support.

Changelog

5.24.17.0-FOSS

5.24.14.0-FOSS

5.24.5.0-FOSS

5.23.7.0-FOSS

5.22.7.0-FOSS

5.21.6.0-FOSS

5.20.4.0-FOSS

5.19.4.0-FOSS

5.18.5.0-FOSS

5.17.3.0-FOSS

5.16.3.0-FOSS

5.15.6.0-FOSS

5.14.5.0-FOSS

5.13.8.0-FOSS

5.12.3.0-FOSS

5.11.5.0-FOSS

5.10.8.0-FOSS

5.9.7.0-FOSS

5.8.10.0-FOSS

5.7.6.0-FOSS

5.6.3.0-FOSS

5.5.5.0-FOSS

5.4.12.0-FOSS

5.3.9.0-FOSS

5.2.3.0-FOSS

5.1.9.0-FOSS

5.0.8.1-FOSS

5.0.8.0-FOSS

4.77.3.0-FOSS

4.75.8.0-FOSS

4.61.6.0-FOSS

4.61.0.0-FOSS

4.60.5.0-FOSS