Proton

Over the past year, we’ve had a number of people ask us about our approach to Open Source software. The reality is that the most critical parts of Proton Mail have actually been open source from day one. This is not something that we have made a special effort to point out, and as a result it is not widely known.

All of the source code can be downloaded and viewed here:

https://github.com/openpgpjs/openpgpjs(new window)

In addition to using the OpenPGPjs library, our developers have also audited the library and we regularly contribute our fixes and improvements. In the past few months, we have also made extensive overhauls to the library in order to resolve a couple of major performance bottlenecks and when these changes are completed, we will be making a major OpenPGPjs release which we will detail in a future blog post.

ProtonMail’s approach to open source revolves around two core philosophies.

1. Standards Compliant

We believe in compatibility and interoperability. Thus, Proton Mail’s encryption complies fully with the OpenPGP standard. This brings a number of benefits. Because we are using an open standard, you as the user can know exactly how we are applying end-to-end encryption to secure your emails. In the future, we will be adding to Proton Mail the ability to import and export PGP keys. By complying with OpenPGP, it will be possible to do things like, download Proton Mail messages and decrypt them locally using your own PGP software.

2. Peer Review

As former scientists from CERN, MIT, and elsewhere, we are firm believers in the peer review process. Open source without peer review is just not sufficient. Because of this, we are committed to helping foster and maintain a strong community around OpenPGPjs. Today, OpenPGPjs has become the most well known Javascript PGP library with by far the largest user community. This translates to many developers from around the world reviewing and auditing the code with us to ensure that it is free of security flaws. Simply put, no other JS PGP library has undergone the same level of peer review.

The Future

We are committed to keeping Proton Mail’s cryptography open source for the long run. As time goes by, we will be continuing to open source more and more software packages as they mature. Recently, we completed the first native OpenPGP libraries for both iOS and Android which will be launched in our upcoming encrypted email mobile apps. These native libraries will allow for unparalleled performance and the best possible user experience for secure email on mobile. We look forward to continuing to support open source on mobile and beyond.

Sign up and get a free encrypted email account from Proton Mail.

Related articles

The cover image for a Proton blog, showing a phone screen with a lock logo and three password fields surrounding the phone
Here's what to look for when choosing an enterprise password manager to streamline collaboration and protect your organization's sensitive data.
  • Privacy guides
Learn how to unsend an email, how it’s useful for personal or business emails, and how Proton Mail can help.
Proton Mail and Proton Calendar winter product roadmap
  • Product updates
  • Proton Calendar
  • Proton Mail
Preview upcoming updates to Proton Mail and Proton Calendar, including performance boosts, new features, and enhanced privacy tools.
Gantt chart displaying Proton Drive plans and development of new features
Discover the tools, features, and improvements coming to Proton Drive’s secure cloud storage and document editor this winter and spring.
laptop showing Bitcoin price climbing
  • Privacy guides
Learn what a Bitcoin wallet does and the strengths and weaknesses of custodial, self-custodial, hardware, and paper wallets.
pixel tracking: here's how to tell which emails track your activity
Discover what pixel tracking is and how it works, how to spot emails that track you, and how to block these hidden trackers.