Sendant
Direct download · Android

Install Sendant directly — and verify it's really us

Updated 11 July 2026

For de-Googled phones, GrapheneOS, restricted regions, or anyone who would rather check every byte than trust a store. Download the app, confirm it was signed by Sendant, and install — three steps, each one you can verify yourself.

Why this page exists: if you can't or won't use the Play Store, you shouldn't have to take a download on faith. So we don't just hand you an APK — we hand you the signing-certificate fingerprint and the exact command to check it. If the fingerprint matches, the app was built and signed by Sendant and nobody altered it in between. That check is the whole point, and it takes about thirty seconds.

Download Sendant v1.0.93

Android 8.0+ · APK · 72 MB · released 2026-07-06 · arm64 · signed

or use the web app — no install

Prefer a store? Google Play · F-Droid (planned). Whichever source you use, the signing fingerprint below is how you confirm the copy is genuinely ours.

Not on Android? There's no separate iPhone or desktop app — and there doesn't need to be. Sendant runs fully in any modern browser at app.sendant.io, including on iPhone. This download is only for people who specifically want an installed Android app off the Play Store.

Three steps, and what each one proves

  1. 1 · Download the APK

    Tap the button above. Your browser may warn you about downloading an APK — that's expected for any file that isn't from the Play Store, and it's exactly why the next step exists.

    Proves nothing yet — a download alone is just bytes. Don't install it until step 2 checks out.

  2. 2 · Verify it was signed by Sendant — the step that matters

    Every Android app is signed with a private key only its developer holds. You can read the fingerprint of that key off the file you just downloaded and compare it to ours. If they match, this APK genuinely came from Sendant and hasn't been modified.

    On a computer with the Android SDK (build-tools):

    # reads the signing certificate out of the downloaded file apksigner verify --print-certs sendant-1.0.93.apk

    The "SHA-256 digest of certificate" it prints must equal:

    2128421c489906f43fac5c44dc610e8ac2c3bde8a1ee42ded2466139ab36f0f2

    Proves the app came from Sendant, unaltered. A matching fingerprint means this APK was signed by the holder of Sendant's private key and changed by no one since. Record this value, and treat a fingerprint that ever changes as a reason to stop and check.

    Don't take that fingerprint from this page alone — cross-check it against DNS:

    # the same fingerprint, published on separate infrastructure dig +short TXT _sendant-direct.sendant.io

    The TXT record answers with …sha256=2128421C…F0F2 — the same fingerprint as above. It lives in DNS, behind a different service and permission boundary than this page, so whoever could tamper with the download page can't, with that access alone, also rewrite this record. If the value on the page and the value in DNS ever disagree, or either one differs from what your APK prints, stop and don't install. Honest limit: this page is served from AWS and the DNS record lives on a separate DNS provider (DNSCove) — two independent accounts, so compromising either one alone can't forge both; only someone holding both credentials could. It is a strictly stronger check than a fingerprint you could only read in one place.

    Optional — also check the file didn't corrupt in transit:

    # macOS / Linux shasum -a 256 sendant-1.0.93.apk

    Expected SHA-256:

    e3c9a79d875cc2b8842e335e97b3fb22e2cca581ab3f788ea78e5a0430c4ea08

    A matching SHA-256 only means the download wasn't corrupted or truncated. It is not proof of authenticity on its own — whoever controls a website controls both the file and the hash printed next to it. The signing fingerprint above is the real anchor; treat the hash as a bonus integrity check.

  3. 3 · Install

    Open the downloaded file. Android will ask permission to install from this source the first time — grant it for your browser, then confirm the install. On GrapheneOS and most de-Googled ROMs this is the normal, built-in flow.

    You're done. You installed an app whose author you cryptographically confirmed — which is more than a store install lets you do yourself.

This is a separate app from the Play Store version

The direct build has its own package id (io.sendant.direct) and its own signing key, so Android installs it alongside a Play Store copy instead of updating it. That's deliberate: Google holds the signing key for the Play build, so a self-signed update can't replace it — Android would reject it as a different signer.

Why you should care: your Sendant identity is a cryptographic key that lives inside one specific install. Two installs = two separate identities and two separate contact lists. Pick one build per device and stay on it. If you're moving from the Play version, tell your contacts your new handle first — there's no automatic migration, by design, because we never hold your identity for you.

Keeping it updated

Outside the Play Store, updates don't arrive automatically yet. Two honest options today:

Honest status

The bounds matter more than usual here, because this audience checks:

Is Sendant independently audited?

Not yet. The cryptography uses well-understood primitives — X3DH and the Double Ratchet, the same as Signal — but an external security audit is planned and not yet done. Verifying the signing fingerprint proves the app is authentic (really from us, unmodified); it does not substitute for an audit of the code itself.

Does it work on GrapheneOS / a de-Googled phone?

Yes — the app runs without Google Play Services. One caveat we won't hide: background push notifications use Firebase Cloud Messaging, so on a fully de-Googled device without Play Services you may not get instant alerts while the app is closed, and may need it open to receive messages promptly. Messaging, encryption, and calls otherwise work normally.

Can I build it from source myself?

No — Sendant's source is private and stays private, so there's no public repository to compile and no bit-for-bit reproducible build to reproduce (which is also why Sendant isn't on F-Droid, which requires buildable public source). The way you confirm authenticity is the signing-certificate fingerprint and SHA-256 hash published here: check them before you trust an APK. We'd rather tell you exactly what you can verify than imply source you'll never get to read.

What permissions does it ask for, and why?

Notifications (to alert you to new messages), and microphone/camera only when you start a voice or video call. No contacts access — Sendant has no phone-number or address-book directory by design. No analytics or tracking in the app, ever.

Not sure yet? Try it with zero commitment

No phone number, no email, no account, no install. Open it in a browser and see how it feels first.

Open web app Compare messengers