Shipped, building, considering.
There are no dates here on purpose. AgePony is built by one person around a day job, so things ship when they're right rather than when a calendar says so. Here's where everything stands.
2.0Signing, security keys, and bundles
Detached SSHSIG signatures made with an in-app SSH key, the Secure Enclave, or a FIDO security key tapped over NFC. Verify other people's signatures inside the app. Encrypt several files at once into a single bundle. And the whole iOS app went open source under Apache-2.0.
1.1Onboarding and polish
A short walkthrough for first launch, an in-app Help & Support section, and a few rough edges sanded down across the encrypt and decrypt flows.
AndroidFull parity port
A native Kotlin build of AgePony, with the crypto core cross-checked against the same reference vectors as iOS so a file encrypted on one platform decrypts cleanly on the other.
1.0The first release
age encryption and decryption on the phone, including the headline trick: encrypting straight to someone's GitHub username. Passphrase mode for when there's no recipient, and key storage in the Secure Enclave and platform keychains.
Keeping the two ponies in step
Ongoing work to keep iOS and Android feature-matched as each one ships, so a guide or a screenshot is true on whichever phone you happen to be holding.
More recipient sources
Today you can paste an age recipient, an SSH public key, or a GitHub username. Other sources are worth exploring, but only ones that don't drag a server or an account into the picture.
age plugin identities
The age ecosystem has plugins for things like hardware tokens. Supporting plugin-backed identities on mobile is genuinely hard and isn't promised, but it's on the list of things being thought about.
Roomier tablet layouts
The app runs on tablets, but the layouts are phone-first. Giving them proper breathing room on a larger screen is a nice-to-have, not a commitment.
Accounts, sync, or a cloud
AgePony has no backend and never will. There's nothing to sign into and nothing leaves your device unless you send it. That isn't a gap to fill; it's the whole point.
Analytics or telemetry
No tracking is a permanent rule, not a feature waiting to be built.
A desktop app
On the desktop you already have the excellent age command line and ssh-keygen. AgePony exists to bring those to the phone, so a separate desktop build isn't on the table right now.
Got an idea, or something you wish AgePony did? Mail is the roadmap's suggestion box: NorseHorse@norsehor.se.