How can we help?
FAQs, troubleshooting for both platforms, and the fastest way to reach a human.
Frequently asked.
Quick answers to the most common questions. Looking for the marketing pitch instead? Homepage FAQ.
How do I generate my first key pair?
Open PGPony and tap the Keyring tab. Tap the + button to generate a new key. Enter your name and email, pick an algorithm (Ed25519 + Cv25519 is the default and recommended), and optionally set a passphrase. The new key appears in your keyring immediately. The whole flow takes about 15 seconds.
How do I share my public key with someone?
Four ways, all one tap from the Exchange tab: (1) generate a QR code for them to scan, (2) export an .asc file and send it through any app, (3) copy the armored block to your clipboard, or (4) publish to keys.openpgp.org so anyone can find it by email. Your private key never leaves your device — only the public half is ever shared.
How do I import someone else's public key?
Three ways: scan their QR code with the camera button on the Exchange tab, paste their armored public key block into the import field, or use WKD lookup by email (PGPony queries their mail domain and falls back to keys.openpgp.org). Once imported, they show up in the Encrypt tab as a recipient option.
Where are my private keys stored?
On iOS: in the iOS Keychain, with Secure Enclave protection on every iPhone since the 5s. On Android: in the Android Keystore, hardware-backed where the device supports it. In both cases the OS enforces that keys never leave the secure subsystem; PGPony can request signing or decryption operations but cannot extract the raw key material.
I lost my passphrase — can I recover my key?
No, and that's by design. The passphrase is the second factor that protects your private key; without it, the key cannot be decrypted to sign or open messages. PGPony has no recovery, no reset, and no backdoor. If you've forgotten it, the key is gone — generate a new one, share the new public key, and ask senders to re-encrypt anything you still need access to.
How do I back up my keys?
From the Keyring tab, long-press a key and choose Export → Secret Key. This produces a passphrase-protected .asc file you can save to iCloud Drive, Google Drive, a password manager, an encrypted USB drive, or print on paper. The exported file is useless to anyone who doesn't know the passphrase. We strongly recommend backing up immediately after generation.
How do I move my keys to a new phone?
Two paths. If iCloud Keychain sync was enabled on iOS, your keys appear automatically on any new device signed into the same Apple ID. Otherwise: export the secret key to an .asc file on the old device (Keyring → long-press → Export → Secret Key), transfer the file securely to the new device, and import it from the Keyring tab. Same flow works across platforms — iOS-exported keys import cleanly into PGPony for Android and vice versa.
Ed25519 vs RSA — which should I use?
Ed25519 + Curve25519 is the default and recommended choice — smaller keys, faster signing, modern cryptography. PGPony generates these as v4 OpenPGP keys today; v6 generation (per RFC 9580) arrives in v6.0 alongside hardware-token support. RSA (2048 or 4096) is also fully supported and remains a good choice if your correspondents are stuck on older versions of GnuPG (pre-2.1) or other legacy tooling. Both are secure; Ed25519 is just newer and lighter.
What happens when I publish my key to keys.openpgp.org?
Your public key is uploaded so anyone who knows your email can find it. You'll receive a verification email from the keyserver — click the link to confirm you control the address (otherwise the email portion of your key stays hidden). Only your public half is uploaded; your private key never leaves your device. To remove your key later, follow the deletion process at keys.openpgp.org/about.
What does the clipboard countdown do?
When you copy decrypted text or other sensitive content, PGPony starts a countdown and clears the clipboard automatically when it reaches zero. A floating banner shows the remaining time, and tapping it wipes the clipboard immediately. Duration is configurable in Settings (10s / 30s / 60s / off). This stops sensitive data from sitting around for paste history apps, screen sharing, or shoulder surfers.
Does PGPony collect any data?
No. Zero analytics, zero telemetry, zero crash reporters, zero advertising IDs. PGPony has no server and no account system. Two optional features (bulk key discovery and key publishing) transmit limited data to keys.openpgp.org when you tap a button to start them; both are off by default. See the privacy policy for the full breakdown.
How do I report a bug or request a feature?
Email NorseHorse@norsehor.se with your device, OS version, app version (Settings → About), and a description of what happened. For bugs, steps to reproduce help enormously. PGPony is built by a solo developer — every email is read by an actual person.
Common fixes.
iOS and Android, side by side.
- iOS
- Settings → PGPony → Camera → On
- Android
- Settings → Apps → PGPony → Permissions → Camera → Allow
- Both
- Hold the phone 6–8 inches from the QR. PGPony reads binary high-density QR codes — the older "text-only" decoder in some scanners can't handle them.
- Cause
- The message was not encrypted to a public key you hold, or the matching private key isn't imported.
- Check
- Keyring → confirm the private key for the recipient address is present.
- Sender
- Confirm they encrypted to your latest public key, not an old one. WKD or QR exchange avoids stale keys.
- iOS
- Settings → PGPony → Contacts → On
- Android
- Settings → Apps → PGPony → Permissions → Contacts → Allow
- Match
- PGPony matches by email. The address on your contact's PGP key must appear on their contact card (any email field).
- iOS
- Settings → Face ID & Passcode (or Touch ID) must be enrolled at the OS level first. Then in PGPony Settings → Lock → Biometric.
- Android
- Settings → Security → Fingerprint / Face must be enrolled first. Then PGPony Settings → Lock.
- Fallback
- If biometrics fail repeatedly, the device passcode unlocks the app.
- iOS
- From any Share Sheet, scroll the action row right → More → enable PGPony Encrypt / PGPony Decrypt.
- Android
- The PGPony share targets appear after the first launch. If not, Settings → Apps → PGPony → Open by default → Add supported links.
- File types
- PGPony accepts
.asc,.pgp,.gpg, and plain text from any app.
- First
- Check spam / junk — keys.openpgp.org mail lands there often.
- Then
- Retry the publish — it's safe to upload the same key multiple times.
- Without verify
- The key is still uploaded; only the email portion is hidden from search until verified.
- Why
- The recipient's mail provider must publish keys via Web Key Directory. Most providers don't. PGPony falls back to
keys.openpgp.orgautomatically. - Workaround
- Ask them to publish their key to
keys.openpgp.org, or exchange via QR code in person.
- Step 1
- Force quit and relaunch (your keys are safe — they live in the OS keystore, not app storage).
- Step 2
- Reboot the device.
- Step 3
- If it still crashes, email support with device, OS version, and app version.
Recent updates.
Highlights from recent releases. For full version history, see the App Store or Google Play changelog.
- Android release
- PGPony now ships on Google Play. Same standards, same key formats, same UI conventions as iOS.
- OpenPGP v6
- RFC 9580 — import, decrypt, and verify v6 keys (Argon2id S2K parsing, AEAD-OCB decryption). Generation and encryption-to-v6 in v6.0.
- Ed25519 generation
- Native key creation on-device, with full GnuPG round-trip.
- WKD lookup
- Find a recipient's key by typing their email — queries their mail domain first, then keys.openpgp.org.
- Bulk discovery
- One-tap scan of your contacts for published PGP keys.
- Expiration reminders
- Local notifications at 30 / 7 / 1 days before any key expires.
- 6 languages
- English · Deutsch · Español · Français · 日本語 · Português (Brasil).
Still need help?
One developer. One inbox. Real reply. Include your device, OS version, and app version so I can reproduce the issue.
Found a security issue? Please mark the email subject "SECURITY" and I'll respond first.