[APP] microG GmsCore - lightweight free software clone of Google Play Services

Introduction
microG GmsCore is a FLOSS (Free/Libre Open Source Software) framework to allow applications designed for Google Play Services to run on systems, where Play Services is not available. If you use your phone without GAPPS this might become a useful tool for you.
microG GmsCore is one of the two core components of the microG project.
More up-to-date descriptions and instructions might be available on the wiki

Instructions
Preparation:

1. You need a 4/5/6 ROM that is GAPPS-free. Either don't install them or remove them, if your ROM ships them. Please note that microG GmsCore might run on a cleaned stock ROM, but it might also brick it or cause random bugs. Be aware that only latest Android versions (4.4+) are regularly tested and thus prioritized over older versions when issues occur.
2. You need a ROM that supports signature faking. Some custom ROMs are patched to support signature faking out of the box, including all OmniROM-based ones. Stock CyanogenMod denied the inclusion, as the possibility of third-party play services implementations is considered a security issue (read here about why it's not). Please ask your ROM developer if unsure. The latest version of signature spoofing for Android < 6.0 has to be enabled at the bottom of the developer settings first. If your ROM does not support signature faking, but you use Xposed, you can grab a Xposed module here.
   If you are a ROM developer or just do custom builds for whatever reason, you can download and include the patch from here and here for Android 5.1 or here for Android 6.0.
3. Remove UnifiedNlp. In case you installed it before. You can keep your backend modules installed, microG Services will be able to use them later and provide the same feature set (to be precise, microG Services includes UnifiedNlp).

Installation:
The installation does not require any modification of the /system partition. All installations should be done using the default app installer included with Android or using `adb install`. This means you need to enable third-party sources or developer mode first.

1. Install GmsCore.apk as provided in the download section below.
2. If you want to use Google Cloud Messaging ("Push-Notifications"), Install GsfProxy.apk as provided in the download section below. The GsfProxy version does not need to match the GmsCore.apk version.
3. • If you have BlankStore installed, continue with the next step.
   • If you want to be able to access the Play Store, install BlankStore from its thread. It is not a requirement that you set it up correctly and this is not covered by this instructions. If you need help ask in the original thread.
   • If you don't care about Play Store access, Install FakeStore.apk as provided in the download section below.
4. Open the microG Settings, which are available in the launcher now. If you want to use any Google services (Log-In, Cloud Messaging), tick both checkboxes for background services. This is the only supported setup, but you are free to disable them if you like playing with fire. You can also open the UnifiedNlp settings to enable the location backends of your choice. If you don't have any yet, check out F-Droid. For further questions and concerns regarding UnifiedNlp, use its corresponding thread.
5. Reboot your device. If you skip this step, everything unwanted is possible.

Using it:

• You can test Google Cloud Messaging using this test application. Push notifications do not require account registration.
• You can add an account through the system settings. Some applications might ask you to do so, if you don't.
• Use your applications as you like. But note that apps that use Cloud Messaging must be installed after GmsCore, else they will not work. Some hint of applications that can run due to microG GmsCore: TextSecure/Signal, Play Music, YouTube
• When using AdAway make sure to put mtalk.google.com on your whitelist, else problems are likely to occur when using Google Cloud Messaging. Thanks @benstyle1 for the hint.

Downloads
See this wiki page for Downloads. You can find details on the F-Droid repository on https://microg.org/fdroid/.

Signing key
The NOGAPPS and microG Project use a shared signing key. Apps and the F-Droid repository are signed using this key. You can verify app signatures using the Checkey app (not when signature spoofing is enabled) and the F-Droid key in F-Droid repository details.
The SHA-256 hash of the key is:
9B D0 67 27 E6 27 96 C0 13 0E B6 DA B3 9B 73 15 74 51 58 2C BD 13 8E 86 C4 68 AC C3 95 D1 41 65

Current implementation progress
Please check this wiki page for up to date implementation progress.

Please report bugs
This project is still rather unstable. Please report bugs as they occur. Whenever you report a bug, please tell us what application caused the bug, including its exact version. If you're the developer, name the play services library you are using. Please do not bother the original app author when it might be related to microG services. If the problem is related to geolocation with UnifiedNlp, report it in the UnifiedNlp thread, even if you're using it through GmsCore.

Thanks
Big thanks to everyone who continuously supported me doing this, by donating, pull-requests or just feedback.

XDA:DevDB Information
microG GmsCore, App for all devices (see above for details)

Contributors
MaR-V-iN
Source Code: https://github.com/microg/android_packages_apps_GmsCore


Version Information
Status: Beta
Current Beta Version: v0.2.13.203915
Beta Release Date: 2020-10-19

Created 2015-10-04
Last Updated 2020-10-20

I am still alive, but just super busy.

Starting end of February, I set aside 20 hours a week to work solely on microG.

But please don't expect any update earlier than that, I have to ensure that there are no loose ends before I remove myself from some of the obligations I have right now, so probably will be even busier than before.

Thanks for your ongoing support everyone.

Nice! Even original Play Store started to work with this! Not fully, but now you can login, search for apps and see already installed ones. Just download doesn't work yet. Keep up good work! Original GMSCore is android cancer.

Thanks for your feedback @emandt. I appreciate it, although it's impossible for me to not agree with @Ultramanoid that it feels like trolling. I will try to answer to all your concerns.

It's true that Google API change. This project has some history and still uses some code from 2013. In the meantime, I saw some API changes, but most APIs stay stable. This is because not all play services users update directly and Google does not want important system features to break. I know that Google is aware of this project (or atleast some Google employees are) longer than you are and atleast one change in the web service implementation was targeting a third party software, with microG being the only one I know that fits into that. So yes, I agree that Google is unlikely to be happy with this project. But as Ingress players know, even the mighty Google is not able to block users out that really want to do something with their services. We will always find a way.

This project is all about privacy. As mentioned above it existed long before I posted it here on XDA and it was reviewed by several people. I also know that at least one "Android company" is working with it. The source code is still fairly simple to follow, and if you want you can check every future commit (and those from the past) one-by-one. It should also be noted that I built privacy related tools for Android the last years, some of them being published here on XDA as well or being integrated in e.g. OmniROM.
As I don't want users credentials to end up in wrong hands, microG GmsCore doesn't even safe or access your google account password, the login is done through Google's OAuth based website.

You complained that not "any warning/advice about privacy, credential or critical actions" was stated on the first post. As you mentioned that you're a XDA user for ten years, this can only be trolling: I never saw a ROM or Patched WhatsApp or darkened Play Store or anything else on XDA state something like this in the first post. And most of them were not open source. I expect users to be able to think theirself that, if you enter confidential data, random things might happen with that. I actually pointed that out by mentioning that "This is currently alpha-grade Software. Don't use it if you're not aware of possible consequences." in red letters

I agree that payments are crucial and it is important that they work fluidly. Until now I did not implement anything related to payments for that reason. Inside Play Store, payments are not directed through Play Services, so this is nothing to fear about (this is all about microG GmsCore now, not about a future implementation of the Play Store). On the other hand, as already pointed out by others, payments should be managed server side. It should NEVER be possible to pay more than needed.

Reducing the enormous size and bloat in Play Services is one of the goals of the project. And I'm quiet sure that this will be possible, because some things inside Play Services just don't need to be there or can be made a lot simpler. The majority of the size until now actually do not really belong to the project (but is the map rendering library used in the backend and the android-support libraries). I did not use proguard until now, I have a single release for all major instruction set (play services use multiple) and 500KB of assets that can also be reduced in size. Although i did not try it yet, I am quiet sure the size final packages size will stay below 10MB. I am not going into details why play services is so huge here, if you're interested in that, ask me when we meet in person.

And finally I wanted to point out that most Google applications do not user Play Services intensively. Play Store is using it primarily for Auth and checkin, as well as some smaller things like advertisement id. Only Google Plus related apps (Google+, Hangouts) use Play Services a lot. This is not really a surprise considering that Play Services was originally invented for Google+ and OAuth 2 APIs.

Finally, I'd like to thank you for the insights in your feelings about this project. I guess these answers will not sufficiently satisfy you, but there is not a lot more I can do. Trust me or don't - it's up to you.

Puh, what a post...

b.roid said:

what is the best way to download this these days? little confused by all the different updates and forks.

is f droid repo a good place to install from still?

Click to expand...

Click to collapse

Here's what I know:

NanoDroid is an app pack that contains, among other things, MicroG. It also replaces system apps and is compatible with Magisk overlays. It is configured with a text file that can be generated using a zip installer with Aroma. It is currently using @Setialpha's fork of microG. There are also basic subset packs for just MicroG or just system app replacements. It comes with a patched version of Play Store that allows for IAP, but can also install FakeStore.
@ale5000's zip I think was the first of the unofficial zips and AFAIK just installs official MicroG and related dependencies, as well as removing conflicting apps (important for location services), which NanoDroid does as well. I'm not following the thread for this zip for some reason, and probably should find it so I can follow it. AFAIK, there is no simple configuration for this zip.

My zips are built by downloading the latest MicroG apps by parsing the F-Droid repo's index file for URLs and thus only follows official releases. There are separate zips for installing with FakeStore, official Play Store, and the NanoDroid patched Play Store. There are also separate NoGapps packs that mirror OpenGapps but with apps from F-Droid (and no MicroG, as that's in a separate installer). Configuration is done at build time, but I provide my build tool and build recipes for easy modification.

The NoGoolag installer I think is most similar to NanoDroid in that it installs its own fork of MicroG as well as F-Droid system app replacements. I'm least familiar with it, but it's in pretty active development, for what that's worth. I don't know much more about it than that, though.

All of the above zips AFAIK will ensure best compatibility with your device by uninstalling system apps that will interfere, e.g. with location services; extracting libraries from apps that get installed to /system (Android generally can't find the libraries otherwise); and similar things. This tends to provide a better/easier experience than installing straight from F-Droid, though that is still a valid option. Also, if you use an installer that uses the official MicroG, you can get updates from that F-Droid repo.

TL;DR: Which installer you use will depend on what you're looking for from it. I will almost always recommend mine, but I am opinionated on the subject. It may be worth you looking deeper into what each does and does not provide and if you need that thing, then make a decision. I would highly recommend using one of the zip installers though, even if it's not mine.