AgePony PGPony ↗ download
Changelog

Every release, in order.

The big beats are below. The App Store and Google Play listings carry the per-build notes too. Both platforms track the same feature set, so a version number means the same thing on either phone.

2.0 Signing arrives current
  • Detached signatures. AgePony can now sign, not just encrypt. Signatures are standard SSHSIG (the same format as ssh-keygen -Y sign) under the namespace agepony, so anyone with OpenSSH can verify them with ssh-keygen -Y verify — no AgePony required.
  • Three ways to sign. Use an in-app SSH key (ed25519 or RSA), a Secure Enclave key generated in hardware on the device, or an external FIDO security key tapped over NFC.
  • Security keys, done properly. External keys produce both sk-ssh-ed25519 and sk-ecdsa-sha2-nistp256 signatures, and work whether they're touch-only or protected by a FIDO2 PIN. PIN-protected keys prompt for the PIN only when the key asks for it, then finish in a single tap.
  • Verify inside the app. Check signatures other people send you without leaving AgePony.
  • Multi-file bundles. Pick several files in the encrypt flow and AgePony rolls them into one standard USTAR tar, then encrypts that into a single bundle.tar.age. Decrypt and run tar -xf bundle.tar to get the originals back.
  • Open source. The entire iOS app is now Apache-2.0. The pure-Swift crypto core lives in the same repo under Sources/AgePonyCore, each piece pinned to reference test vectors.
1.1 Onboarding and polish
  • A short first-launch walkthrough that explains identities, recipients, and the encrypt flow before you need them.
  • An in-app Help & Support section.
  • A review prompt that only appears after you've actually used the app, with its own quiet gating so it never nags.
  • Assorted fixes and smoothing across the encrypt and decrypt screens.
Android Parity port platform
  • A native Kotlin build of AgePony for Android phones.
  • The crypto core is cross-checked against the same reference vectors as iOS, so a file encrypted on one platform decrypts cleanly on the other and a signature made on one verifies on the other.
  • Same rules as iOS: no accounts, no tracking, no backend.
1.0 The first release
  • age on the phone. Encrypt and decrypt files with the age protocol, bit-for-bit compatible with the age command line.
  • Recipients, three ways. Paste an age1… string or an SSH public key, scan a QR code, or just type someone's GitHub username and AgePony pulls their keys.
  • Passphrase mode. No recipient needed — encrypt to a passphrase with scrypt when you're just protecting a file for yourself.
  • Encrypted notes. A private notes tab where each note's body is sealed with its own passphrase.
  • Text mode. Encrypt and decrypt short text directly, without a file.
  • Locked by default. The whole vault sits behind Face ID / Touch ID, with keys held in the Secure Enclave and the platform keychain.
  • A Share Sheet extension so you can encrypt straight from other apps.

Curious what's next instead of what's done? The roadmap lays out what's being built and what's deliberately off the table.