The Android Mainline Modules Transparency Log uses verifiable data structures to ensure the integrity of Mainline modules.
The utility of transparency logs has been proven by projects like Pixel Binary Transparency and Certificate Transparency.
Transparency logs are built on Merkle trees. This page assumes general knowledge of Merkle trees and binary transparency. See Verifiable Data Structures for an overview of Merkle trees and the main page for an overview of binary transparency efforts within Android.
Log Implementation
The Android Mainline Modules Transparency Log is implemented as a
tile-based Merkle tree of height 8.
The root of the tile contents is served at
https://gstatic.com/android/binary_transparency/mainline/2026/01/tile/.
Note that this URL is not a standard web page. Instead, the log entries in its
subdirectories should be accessed programmatically using tools like the
Golang SumDB Tlog library.
Refer to Log Content for a description of what each entry contains.
The Merkle tree root hash of the log, contained in a checkpoint, is served at https://gstatic.com/android/binary_transparency/mainline/2026/01/checkpoint.txt in the checkpoint format. The data leaves of this Merkle tree are served as a single file at https://gstatic.com/android/binary_transparency/mainline/2026/01/module_info.txt. The signature of the checkpoint can be verified with the following public key:
-----BEGIN PUBLIC KEY-----
MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEr6nPds8eKCYU42avidXNM1GDCtQ/
66GjGuIpUcZjqQNngwRFVCFZDpWuvDnqXzhJRxqccL9lbeEVVZGpa4x6pg==
-----END PUBLIC KEY-----
Because Mainline modules are similar to APKs, the verification methods described on the Google APKs verification page apply here as well. You can use the methods there to verify the claims made in the Claimant Model.