There was no principled exit from a project but rather from a company. GrapheneOS started in 2014 and was previously called CopperheadOS. We still use multiple of the 2015 era GitHub repositories.

A company which I co-founded in 2015 where I still own 50% of the voting shares was taken over and many illegal actions were taken in an attempt to take over my open source project and then spent years trying to destroy it when that failed. The company was then used as a weapon to wage a war against myself and GrapheneOS for years. A large of donations were stolen and repurposed for attacks on the project people made those donations to. Meanwhile, the company entirely depended on repeatedly forking GrapheneOS to sell it as a project. We stopped them from doing it through legal action and it's essentially over. It took a very long time to rebuild GrapheneOS and the attacks they started never stopped.

I continued working on the same project after the failed takeover attempt and it turned into a much bigger project where I'm no longer anywhere close to the most active developer. I mostly do organization tasks including giving developers tasks and system administration, not development. It's quite hard to do development when you're harassed throughout the day, every day, to an extreme level. It took away my ability to do the kind of creative work involved in development for the most part. I leave that up to others now. I don't even do much code review anymore but rather delegated that to others too. I don't know why people continue claiming otherwise when it's plainly not the case.

> I'm not sure how to do that, but it may include communicating who is involved (not just names, but why they should be trusted), and what safeguards there are against mistakes and compromised/rogue individuals.

We have to protect our team from relentless harassment including swatting attacks. Our moderators aren't allowed to use accounts tied to their real name since otherwise they'd be heavily targeted. The same applies to our community manager. We generally recommend developers avoid using their real name unless they're able to tolerate being tolerated. We avoid having people's names tied to things when we can. It was a mistake to do it in the beginning and can't be undone for myself but others can avoid being targeted. I don't think many people would be willing to work as a community manager or any other public-facing role in GrapheneOS if they had to use their real name. That's especially true if they're part of around half of the people who are women or many other groups who would be targeted specifically for their identity alone.

> I say this because GrapheneOS may be the best candidate for a trustworthy smartphone platform right now, and I hope for the best followthrough and success of that.

Continued success unfortunately enrages people who have been trying to harm us for years as can be seen throughout this thread. It's not getting better and I don't think many people want to be exposed to it.