The Google 1st Party Apps Transparency Log leverages transparency log technology.
The utilities of transparency logs have been proven by projects such as Pixel Binary Transparency and also Certificate Transparency.
Transparency logs are implemented with Merkle trees. This page assumes general knowledge of Merkle trees and binary transparency. See Verifiable Data Structures for an overview of Merkle trees and the main page for an overview of binary transparency effort within Android.
Log Implementation
The Google 1st Party Apps Transparency Log is implemented as a
tile-based Merkle tree of height 8.
The root of the tile contents is served at
https://gstatic.com/android/binary_transparency/google1p/apk/2026/01/tile/.
Note that this is not a regular web page: the log entries contained in its
subdirectories should be read programmatically with the Golang SumDB
Tlog library and not through a browser. We state the link here for clarity.
Refer to Log Content for a description of what each entry contains.
The Merkle tree root hash of a log, contained in a checkpoint, is served at https://gstatic.com/android/binary_transparency/google1p/apk/2026/01/checkpoint.txt in the checkpoint format. The data leaves of this Merkle tree are served as a single file at https://gstatic.com/android/binary_transparency/google1p/apk/2026/01/package_info.txt. The signature of the checkpoint can be verified with the following public key.
-----BEGIN PUBLIC KEY-----
MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEaP7xodTP5/teDOUYFAUHF0MqvOXt
+jamtcDYWxTjY99hyYczpB/cF2fxHhIqEznNpLcI2Vorl+iEchWhZ0y3Mg==
-----END PUBLIC KEY-----
The verification page describes in more detail how the various components of the log are used to verify the claims made in the Claimant Model.