| 27 Apr 2026 |
 chrillefkr | Lol, lucky me I guess | 21:14:43 |
 pentane |
What is stateVersion really?
I made backwards-incompatible changes to how exactly the APKs and APEXes are being signed in robotnix, and I introduced stateVersion to prevent these breaking changes from occuring
| 21:14:48 |
| pentane | if it's really just the avb keys that you regenerated (which you shouldn't do btw - you should set avbKeySize to your old value instead ;) ), the OTA upgrade will only fail if you relocked your bootloader | 21:15:29 |
| pentane | (OTA upgrades are signed with releasekey) by default | 21:15:42 |
| chrillefkr | Ahh, okok. Thanks. What would you recommend for me to get further? I just figured I should fetch some updates for my phone ya know | 21:15:46 |
| pentane | * (OTA upgrades are signed with releasekey by default) | 21:15:47 |
| pentane | hmm, I am very much confused how your initial build worked in the first place, but as a bandaid (ymmv), I'd recommend manually patching over the error by specifying which key the APK should be signed with:
signing.extraApks."com.android.appsearch.apk.apk" = "${config.device}/releasekey";
| 21:17:14 |
| chrillefkr | Ah cool! I'll fiddle around and see if I can get it to sign. Thanks! I can send over the state of my flake.lock + .nix etc of where it worked if you want | 21:19:06 |
| pentane | would be great to get some insights, thanks! :) | 21:19:41 |
| chrillefkr | Download robotnix-working-for-pentane.tar.gz | 21:22:35 |
| pentane | Ohh I see now | 21:24:17 |
| pentane | that was from before I added the signing safeguard patch from GrapheneOS | 21:24:31 |
| pentane | * that was from before I added the signing safeguard patch from GrapheneOS to all distros | 21:24:36 |
| chrillefkr | You're quick at this lol, cool | 21:24:49 |
| pentane | i.e. the APEX file from your error message simply was left with its test keys | 21:25:03 |
| pentane | so the safeguard caught my past error and worked as intended, i guess 😂 | 21:25:31 |
| pentane | Let's hope that LineageOS doesn't complain upon the next upgrade | 21:25:48 |
| chrillefkr | Okay, you lost me 😅 what should I do? | 21:28:01 |
| pentane | best to try to apply the upgrade with this fix | 21:30:29 |
| pentane | not 100% sure that it'll work but worth a try | 21:30:37 |
| chrillefkr | You goddamn genius, it worked. But now I'm stuck on another app failing to sign. I will try to figure this one out myself 😄 thx! | 21:36:03 |
| pentane | if it's the same error, adding that one to extraApks too will work too :) | 22:35:17 |
| 29 Apr 2026 |
|  brittonr removed their profile picture. | 14:44:11 |
 bigfreakintaco | Hi everyone, hope you are doing well. I have been building GrapheneOS the manual way for the past few years, and recently stumbled across Robotnix, and have it working with GrapheneOS, but the only part I can't figure out, is how to use our existing release/signing keys from GrapheneOS. I tried creating a folder called "keys" in the main dir I cloned, and it doesn't find them. Then in the config file, I can't figure out what setting to use to set the path to my keys because the documented settings seem to be obsolete now. I'll be happy to contribute to the project with updated docs (if needed) once I learn how; but any tips are SUPER appreciated! <3 | 16:50:08 |
| pentane | can you post ls -l keys? | 17:04:04 |
| pentane | (I suspect it's because your keys are located at keys/*.pk8 instead of keys/<devicename>/*.pk8 | 17:04:51 |
| bigfreakintaco | 
Download image.png | 17:05:22 |
| bigfreakintaco | Yes, they are! Sweet I'll change it now and rebuild! | 17:05:39 |
| pentane | yes, looks good! | 17:06:35 |
| pentane | (basically, just move all of these files into keys/<devicename>) | 17:07:00 |
