Monerujo

Monerujo is the reference Monero-only Android wallet — the privacy-first mobile XMR wallet that Android users gravitate toward when they want an XMR-maximalist option (vs the multi-coin Cake Wallet). Distributed via F-Droid + Google Play + APK, open-source from the start, supports Tor + I2P proxies natively, lets you point at your own remote node or run a community node, and has been shipping since the Android-XMR-wallet category effectively didn't exist. Listed at Grade A · editor's pick because it's the no-compromise pick for Android users who want a wallet that's structurally Monero-aligned rather than Monero-as-one-of-many-coins.

Background. Monerujo has been in active development since 2017, originally led by m2049r with a wider contributor community over time. Source code at github.com/m2049r/xmrwallet under the Apache-2.0 license. Funded by community donations (XMR address published in-app + on monerujo.io) plus occasional sponsorship from Monero Community Crowdfunding System (CCS) for specific feature deliverables. Available on F-Droid (community-trusted Android free-software store) as the canonical distribution channel, plus Google Play Store (signed identical APK for users who prefer Google's update channel), plus direct APK download from monerujo.io for users avoiding both stores. The wallet is Monero-only — no multi-coin sprawl, no integrated swap to other chains, no token-list UI; the editorial choice is to do one thing well.

What you trust. Non-custodial — keys generated and stored locally, encrypted with a passphrase, never transmitted to Monerujo servers (there *are* no Monerujo servers in the wallet path). No telemetry — the wallet doesn't phone home, doesn't have a "help us improve" opt-in that collects usage data, doesn't include analytics SDKs. Remote node trust: Monerujo connects to a Monero remote node by default (skipping the multi-week initial chain sync that a full node would require on Android); the user picks which node — community-run public nodes, your own monerod, or a Tor onion node URL. The node sees the wallet's IP and the timing of address queries, but cannot see the keys or amounts (Monero's protocol design protects content from the node). For maximum privacy, point at your own monerod over Tor. Tor + I2P proxies: native support — paste an .onion node URL and the wallet routes through Tor automatically; same for I2P.

Operational specs. Platform: Android only (no iOS — Apple's App Store policies and Monero's CCS-funded development model haven't aligned for an official Monerujo iOS build). Distribution: F-Droid (canonical), Google Play, APK direct download — all signed by the same key, all reproducible from the public GitHub source. Features: full XMR send/receive, view-only wallets (key share with bookkeepers without spend authority), watch-only wallets, multi-account + subaddress generation, integrated TX (paying a Monero address that resolves to multiple actual recipients), configurable transaction confirmation thresholds, optional third-party exchange integrations (disabled by default; enable only if you want in-wallet conversion), backup + restore from 25-word seed or polyseed. Node configuration: paste any monerod RPC URL — clearnet, Tor, I2P. Default uses community-vetted public nodes.

Philosophy. Monerujo's editorial differentiator is the Monero-maximalist mobile posture. Cake Wallet covers multi-coin + integrated swap + Cake Pay; Monerujo deliberately doesn't. The trade-off: less convenience for users who hold BTC + LTC + ETH alongside XMR, but a smaller attack surface and a smaller "what does this wallet talk to externally" footprint. For users who only hold Monero and want the wallet to reflect that focus, Monerujo is the structural fit. The F-Droid-first distribution model reinforces the editorial story — F-Droid is community-trusted, reproducible-builds-friendly, and doesn't require a Google account to install. The Google Play presence is a convenience for users who want auto-updates through Google's channel, not a primary distribution.

Grade rationale. Grade A and editor's pick reflect: 8+ years of operational continuity (since 2017); open-source Apache-2.0 codebase; F-Droid + Google Play + APK distribution (multi-channel for trust diversification); native Tor + I2P proxy support; non-custodial wallet keys stored locally; no telemetry, no analytics SDK; remote-node + own-node configuration with onion URL support; view-only / watch-only / multi-account / subaddress feature parity with the official Monero GUI; consistent community recommendation as the default Android XMR wallet for users who want Monero-only; absence of major security incidents or fund-loss reports in the last 24 months. Last verified 2026-05-13.

Useful when. You're Monero-maximalist and want a mobile wallet that reflects that — no multi-coin sprawl, no integrated swap, no extra surfaces. You're running your own monerod and want a mobile wallet that connects to it over Tor (paste your onion node URL and it just works). You want F-Droid as your primary app distribution channel (Android-Open-Source-Project pure, no Google account required). You want view-only wallet capability for bookkeeping / accountant scenarios without granting spend authority. You're on a budget Android phone where Cake Wallet's heavier feature surface is overkill.

Caveats. Android only — no iOS build, no desktop, no web. iOS users should use Cake Wallet for Monero on iPhone. Remote-node trust is the user's responsibility — Monerujo defaults to a vetted public node list, but pointing at a malicious node would let that node observe your wallet IP + query timing patterns (not amounts/keys). For high-threat use, run your own monerod or use a trusted operator's onion node. Less polished UX than Cake Wallet — Monerujo's UI is functional and mature but less marketing-polished. Users coming from iOS or from polished commercial wallets may find the UX more "Android-developer-aesthetic" than "polished consumer product." No first-party hardware wallet integration — Ledger / Trezor support is community-developed and less seamlessly integrated than Cake Wallet or Feather. CCS-funded development means feature timing depends on community votes — Monerujo's roadmap is community-driven, which is great for alignment but means specific feature requests (e.g., a particular hardware wallet integration) can take longer than commercial-team development. No background sync on iOS-style "always running" — Android battery-management heuristics may pause the wallet's syncing when the app is backgrounded; expect to open the app briefly to catch up on transactions.