AgePony PGPony ↗ download
Open Source · Apache-2.0

Read the code.

Encryption you can't inspect is a promise, not a guarantee. The entire AgePony iOS app is public — not just the crypto core.

The repository

The full iOS app lives at github.com/norsehorse-dev/AgePonyiOS under the Apache License 2.0. Clone it, build it, audit it, or fork it.

AgePonyCore

Inside the repo under Sources/AgePonyCore is the pure-Swift cryptographic core, with clean boundaries and no app dependencies:

  • age — X25519 + ChaCha20-Poly1305 STREAM, the v1 file format, scrypt passphrase stanzas.
  • SSH key parsing — ed25519 and RSA public keys as recipients; identity parsing for signing.
  • SSHSIG — detached signatures in the ssh-keygen -Y sign format.
  • FIDO / CTAP2 + PIN — the security-key stack, including PIN/UV protocol-1 and the clientPin commands.
  • tar archiver — the USTAR bundler behind multi-file .age bundles.

Each module is pinned to reference test vectors, so the implementation stays bit-compatible with the age CLI and OpenSSH.

Verify it yourself

# a file encrypted in AgePony, decrypted by the reference CLI age -d -i identity.txt bundle.tar.age | tar -tf - # a signature made in AgePony, verified by OpenSSH ssh-keygen -Y verify -f allowed_signers \ -I you@example.com -n agepony \ -s report.pdf.sig < report.pdf

License

Apache-2.0 — use it, modify it, ship it, with attribution and the standard patent grant. The full text is in the repository's LICENSE file.

The sibling cores

AgePony's cousin PGPony publishes its OpenPGP cores too — PGPonyCore (Swift) and PGPonyCore-Kotlin, both Apache-2.0.