Category

developers

Roadmap Update: no more free VPN, nodes get paid in $MYST

mysterium VPN

Has that gotten your attention?

 

Mysterium Network is maturing, alongside our wider ecosystem. With the freedom of speech online being debased, a global pandemic and other macro forces in play  – we see it as a priority to enable peer to peer payments in the most frictionless way possible. 

As we have written previously, transaction fees on Ethereum have proven to be a problem. But we have found the workaround.

To dive deeper, read these blogs:  

1. Layer 1, 2, 3 – and beyond: The search for the cheapest and fastest microtransactions. [2020]

2. Mysterium Network’s Head of Product, Jaro Šatkevič breaks down a lightweight solution for Mysterium Network payments

3. Mysterium Network micropayments whitepaper [2019]

 

Mysterium Network Updated Roadmap Q4 2020

What does this mean?

 

Step one: Network Fork 1

 

All users and node runners within Mysterium Network will have to upgrade into testnet version two (Testnet 2.0).


What is Testnet 2.0?


a) New smart contracts on Goerli testnet – Mysterium Testnet 2.0 will be using new test MYSTT token, same code as new MYST token, with `permit` function and 18 zeros (instead of 8) after the comma. We will also be using a new set of payments smart contracts which will halve settlement of collected funds and add support for being used in multiple chains.

Read more in our deep dive on Layer 2 solutions so as to avoid ETH transaction fees.

b) Payment processor integration into apps  – this will provide the possibility for dVPN consumers to top-up via their Mysterium account with a set of different cryptocurrencies (such as BTC, LTC, ETH, BCH, DAI or USDT). Paid funds will be converted into MYST (or to MYSTT while in testnetv2) token and be sent into the user’s payment channels (top-up address) on the blockchain.

c) 1 MYSTT will be equal to 1 MYST. Also, bounty payouts will be done in MYST tokens. Previously we have pegged 1 collected MYSTT to 1 USD and did node runner bounty payouts in ETH. To take us closer to MainNet environment conditions, the time has come to implement pay-outs in MYST tokens. We will be still using our ETH bounty fund reserves, but we will be buying MYST token on the market to do payouts for node runners.

Users will have to update their applications. You will be given a starter kit of MYSTT. Following this users will need to top up using BTC, LTC, ETH and other cryptocurrencies.

Existing Node Runners will need to upgrade their node into the newest version, network upgrade will be done under the hood.


Please note: 

  • Node runner bounty will be paid only for Mysterium Node Runners running on Testnet 2.0 
  • Node runners will begin to receive payouts in $MYST. 


A month after the transition begins, testnet 1.0 will be completely destroyed. Network fork ends.

Step two: 

 

We will be releasing BetaNet (silent launch for a limited set of test users) and upgrading Testnet 2.0 to use some of Ethereum’s sidechain and cross-chain payments (consumers will be on a sidechain testnet, and node runners will have their accounts on Ethereum Goerli testnet).

This upgrade will happen under the hood and users may even not recognise that such change happened.

This will mean cheaper on-chain transactions for users and node runners as account registration and top-ups will happen on the sidechain instead of Ethereum Blockchain, once on MainNet.

Stay tuned for exciting integration partnerships coming very soon. Subscribe to our newsletter to hear it first. 

As you can clearly see, the nature of the service we are offering and the emerging markets that we are a natural ally to, make Ethereum’s current transaction fees a lock out when onboarding new customers. 

As such, like many other Ethereum-based projects, Mysterium Network has had to reroute our roadmap in search of scalability solutions to give our users the cheapest and fastest service possible, while maintaining decentralized and noncustodial architecture. 

In the following sections, we will review existing Layer 2 solutions in relation to Mysterium Network’s use case, explaining how they offer both opportunities and limitations.

Step three:
Testnet as we know it is going to be destroyed.

Step four:  

 

All users and node runners within Mysterium Network will be upgraded onto Mysterium MainNet in 2021.

 

What is MainNet?


MainNet is Mysterium Network on Ethereum Blockchain. All internal payments will be done using real MYST tokens.

Users will pay as they go for VPN service on Mysterium Network. Mysterium Network will run a few free nodes so that new users can test the service before topping up their account. This is also when we will look to roll out our much-awaited referral program, and other user-focused bounties. 

Node Runners will continue to be paid in MYST. This marks the end of the Mysterium Node Pilot No provider bounty is needed at this point and node runners can settle collected funds any time you like.

What happened to our Mysterium Pro plans?


As we had previously written, we were considering Mysterium Pro as our solution to high Ethereum transaction fees

Thanks, to Multichain support and the ability to use sidechains for consumer payment channels (top-up wallet management), we can avoid releasing a custodial MysteriumPro solution and instead merge its best features (such as pay in different cryptos, or one-click connect) into the default Mysterium VPN application itself. 

Onward to MainNet

 

Mysterium has been hard at work getting peer to peer payments implemented within the network. This has meant the navigation of a quickly shifting technological landscape. We wouldn’t be here without our community of node runners, users and token holders. 

We thank you for your ongoing support and are excited about the new changes to come as Mysterium Network grows to meet the new and very real challenges of our times. 

If you haven’t already, download Mysterium VPN or start to run a node.

Layer 1, 2, 3 and beyond: The search for the cheapest and fastest microtransactions

How many layers does it take to get cheap and fast microtransactions?

Building on top of a quickly iterating Layer-2 scaling ecosystem has meant murky navigation of several new technologies. This is especially difficult for builders looking to find workarounds for high transaction fees on the Ethereum blockchain. 

The recent DeFi boom has led to users cramming into Ethereum Network and creating a large backlog of unprocessed transactions. This has meant network congestion, and high transaction fees – both of which are natural killers for decentralized applications and networks. 

Why are cheap and fast microtransactions important for decentralized networks? 

In Mysterium, a decentralized VPN, payments are peer to peer. Consumers of VPN are directly paying exit node runners for VPN service. As such, there is no middleman with the power to freeze payments. This means that payments happen minute by minute, with transaction values as small as 0.0001 USD (in our native token MYST).

The nature of the peer to peer, and second by second service consumption mean that decentralized VPNs, and other incentivized distributed networks depend on microtransactions as a means of reducing risk within their network economy. Learn more about peer to peer technologies.

Earlier this year, we released our own Layer 2 solution (based on payment channels) on Testnet. This enabled users to transact with one another autonomously, without a need for an intermediary (including us) and without touching Layer 1 (Ethereum blockchain). This introduced super cheap and instant transactions, and allowed paying with values as small as $0.0001.

However, one of the challenges with payment channels, our protocol included, is the need to have specific on-chain transactions. In the case of Mysterium Network this is seen in two events, dVPN account creation and top-up. 

Onward - the search for scalability

User story: As a user in Nigeria, I am looking for a VPN solution that lets me pay for what I consume. I am unable to afford the expensive subscription pricing of traditional VPNs. I try Mysterium VPN, which allows me to stream a video for $0.05 USD in MYST on their freemium version. I run out of free MYST and want to add an additional $1 USD (in MYST). I try to top up. It costs me $2.25 in ethereum tx fees to top up my Mysterium Account. I delete the app.

See our how our userbase is growing in Nigeria.

As you can clearly see, the nature of the service we are offering and the emerging markets that we are a natural ally to, make Ethereum’s current transaction fees a lock out when onboarding new customers. 

As such, like many other Ethereum-based projects, Mysterium Network has had to reroute our roadmap in search of scalability solutions to give our users the cheapest and fastest service possible, while maintaining decentralized and noncustodial architecture. 

In the following sections, we will review existing Layer 2 solutions in relation to Mysterium Network’s use case, explaining how they offer both opportunities and limitations.

Methodology: An Overview of Existing Solutions

Recently at Mysterium we did more research on various Layer 2 solutions and conducted an overview of the most recognised and trustworthy ones in 2020. In this overview, we looked at different sidechains, taking into consideration the differing motivations and user personas of actors within Mysterium Network – [Consumer/ User; Provider/ Mysterium Node Runner]. 

1. Sidechains or alternative blockchains with bridges to Ethereum blockchain

These types of solutions are characterised by xDAI, MaticRSK (RSK is creating bridges into Ethereum, meaning that you can technically move Ethereum based assets onto this Bitcoin sidechain).

The main value proposition of these solutions is they are scalable, capital efficient and offer fast withdrawal into Layer 1. The main drawback is that validators control the network and are able to freeze and confiscate funds with consensus.

This make sidechains unattractive to DeFi (who lock hundreds of millions) offerings, while they remain relevant for a decentralized VPN use case such as Mysterium Network. This is due to the fact that DeFi carries with it different risks when compared to a dVPN.

Matic Network

The following two examples, Plasma and Rollups are different articulations of sidechains, built more specifically for the Ethereum ecosystem.

2. Plasma

Plasma is a framework proposed for scaling Ethereum using hierarchical sidechains. Plasma type sidechains (also referred to as child chains) allow a majority of transactions to occur outside of the Ethereum blockchain. Only deposits and withdrawals, and points of entry and exit are handled on the main blockchain smart contract.

To make sure that transactions are final, Plasma operators run a “state commitment”. This is a cryptographic method for storing a compressed version of the state of sidechain inside the Ethereum blockchain. This storage of a compressed version of the state impacts the user experience of Plasma as it makes it challenging for users to withdraw their tokens. Users are required to be both online frequently and to download data.

While offering significant speed (up to 1000 transactions per second) and latency improvements over Ethereum, Plasma cannot offer the near-zero latency and near-free transaction fees required for a decentralized VPN micropayments solution.

One of the differentiators, and drawbacks of Plasma as a Layer 2 solution is it allows users to leave the network at any time – an action referred to as “exiting”. This means that users can safely withdraw their funds from Plasma even if it is shut down by validators. But this has to be done in a certain period of time and done by everyone. Read more about the mass exit problem in Plasma.

Another drawback, Plasma is not 100% EVM compatible. This would mean any decentralized application building on Ethereum would have to update their smart contracts or it might even not be possible to build on Plasma

Dive deeper into Plasma and its potential applications within distributed networks in Mysterium Network’s Micropayments Whitepaper.

Plasma network

3. Rollups

Rollups are Layer-2 scaling solutions similar in form to Plasma in that a single mainchain contract holds all funds and a cryptographic commitment to larger sidechain state. This state is maintained by users and operators offchain, providing an independence from Layer 1 storage. This is the biggest scalability benefit of Rollups.

 

    1. Optimistic Rollups


      Optimistic Rollups are constructions which enable autonomous smart contracts on Layer 2 using OVM. Borrowing heavily from both Plasma and ZK Rollup designs, Optimistic Rollups trades of some scalability to enable running fully general smart contracts on Layer 2, secured by Layer 1.

      It promises an easy way to migrate existing decentralized solutions and services with a reasonable degree of security/ scalability trade offs. Karl Floresch goes into more detail on Optimistic Rollups and OVM.

    2. ZK Rollups


      ZK Rollups is a Layer 2 solution where data is placed onchain.

      With ZK Rollups operators generate Zero-Knowledge Proof (SNARK) for every state transition, making it impossible for operators to commit an invalid or manipulated state.

      ZK Rollups should theoretically be able to process up to 2,000 transactions per second. 


ZK Rollups solution differs from Plasma as it solves the mass exit problem, meaning that validators are unable to freeze funds and users have no time limit to move funds out of Layer 2 even in case of emergency This makes ZK Rollups a great fit for both DeFi or cold wallets for Hodlrs. 

Its most known application is Loopring, a next-generation high-performance decentralized exchange and payment protocol also focused on scalability.

The challenge with ZK Rollups is the fundamental limitation in transaction amounts [2000 transactions per second], with current real world implementation, Loopring, achieving 500 transactions per second. 

Also, while transaction costs are lower than Ethereum, they cannot in theory be more than 100 times cheaper than Ethereum’s transaction costs. Most like 20 – 50 times cheaper according to our math.

Also, ZK Rollups are the more sophisticated and long term answer. Which as always, will take a longer time to implement. 

zKRollup

4. Payment channels

We have written extensively about payment channels both within our micropayments whitepaper released in 2019, and in several of our more recent updates:

    1. Introducing micropayments on Mysterium Network
    2. MYST, Migration and Mainnet
    3. Mysterium Network begins token migration

TL;DR

Payment channels fuse together the technologies and methodologies used by other payment solutions such as State Channels.

With payment channels parties exchange digital value without committing transactions to the blockchain. Only channel opening and closing are logged on the blockchain.

To open payment channels both parties have to lock some funds into a multisig smart contract. This allows both parties to update channel balances without the fear that funds will be double spent or stolen.

As these microtransactions are “commitments” rather than on-chain payments, we drastically reduce the total amount of transactions sent to the blockchain.

We dive deeper into what payment channels are, and how we envision them functioning in our micropayments whitepaper. Read more.

How are payment channels different from Plasma, ZK Rollups and Sidechains?

Layer 2 solution

From a technical perspective, Plasma and zkRollups – all fall into a wider umbrella of sidechains. Sidechains are fundamentally different in nature from payment channels. We highly recommend “Evaluating Ethereum Layer 2 Scaling Solutions: A Comparison Framework” for a deeper dive into the distinct differences between sidechains.

In our comparison of Layer-2 solutions, we saw that while Rollups are great in terms of security and give significant scalability over Layer 1, they do not completely solve for the challenge of micropayments needed for Mysterium Network. They have a limit of 2K tx/sec, and they don’t give users instant finality. Also the transaction price is still too expensive for $0.001 transactions.

In the following section we will explain how payment channels, and more specifically unidirectional payment channels are the best fit for the peer to peer decentralized virtual private network use case in Mysterium Network.

Payment channels are different as they are:

  • Flexible – i.e. able to live on layer 3, or 2 
  • Cheapest solution when it comes to transaction fees.
  • Most scalable in terms of peer to peer payments.
  • Could be used for cross-chain payments (e.g. from one side-chain to another, or from Layer 1 to Layer 2).

Sidechains (broadly speaking to include Plasma and ZK Rollups) bring with them limitations on transaction amounts. Payment channels on the other hand, could be foundational to cross-chain interoperability as they allow payments to move from one chain to another without custody – with zero costs, and in seconds. Don’t take my word for it, hear it from Vitalik himself.

Unidirectional vs Bi-directional payment channels

Why unidirectional payment channels?

In the case of Mysterium Network, most network actors are either consumers or providers (nodes) of VPN service. Payments are always going in one direction. There is only a need for providers (Mysterium Nodes) to rebalance the payment channel and settle earned tokens on Layer 1. 

Bi-directional payment channels are more complex and do not give Mysterium Network’s use case much value. Also, thanks to unidirectional payment channels our consumers don’t need to have apps online all the time to ensure that their funds will not be stolen. 

 

Payment Channels as Layer 3, on top of Layer 2 

As we continued to take apart different Layer 2 solutions, we came to the same conclusion. Payment channels – as described in our micropayments whitepaper – should be on Layer 3. 

  • Consumers of VPN service need at least one onchain transaction to top up their funds. With payment channels on Layer 3, we can capitalise on cheaper channel openings (account creation) and top-ups on Layer 2. So adding $1 to your dVPN app account will cost users 2 cents, not 2 dollars. This would greatly reduce friction in onboarding new users.
  • Providers of VPN service need at least one onchain transaction once in a week or so to receive their funds. In payment channels, once the value of the offchain commitment is bigger than the channel size, a settlement onchain is required. By offering flexibility we can let providers choose whether they choose to settle on Layer 2, or Layer 1.

    Why is this important? Some providers may send their funds to DeFis or exchanges often, this will mean moving from Layer 2 to Layer 1 regularly. As such being on Layer 1 makes more sense for providers with this particular profile. 

In a world of zkrollups, payment channels can be used as bridges within networks. – Vitalik Buterin

In conclusion: Multichain, cross-chain and the future of interoperability

We did all that research to find a solution for our own problem. We believe that we found it! 

Just to recap:

  • Ethereum transaction fees are killers for decentralized applications and services which depend on cheap onchain transactions
  • ZK Rollups seem to be a promising Layer 2 solution, but unfortunately, it is new and smart contract support is only on testnet. We will need to wait for at least half a year or longer. 
  • There are good sidechains such as xDAI and Matic network, but no one knows which will gain mass adoption or how they will evolve. Being tightly connected to one blockchain is a risk to Mysterium Network, or any decentralized service. It may mean a hard and complex migration in the future. 
  • Payment channels are able to be used in cross-chain transactions – this means that consumers of VPN services can hold their wallets on Layer 2, while a provider is on a different Layer 2 or even on a Layer 1 blockchain. 

Mysterium Network will be deployed on multiple chains and we already are working on cross-chain payments support. We see this as the future for most payment channel-based solutions. 

Exciting updates to our roadmap and partnership announcements coming soon. If you haven’t already – Get Mysterium VPN: Free on Testnet.

VPN vs Tor — which is better?

VPN vs Tor

VPN vs Tor vs dVPN - What are the real differences?

The internet was not built to be private and secure by default. This means no matter what you do online, there’s always some new malware or cybercriminal trying to get to you.

In this VPN vs Tor vs dVPN comparison, you’ll learn just how good these security tools are when it comes to hiding your information and keeping you safe online.

Want to skip the read? Check out this video where we sum up the VPN, Tor browser and dVPN solutions.

What is TOR - is TOR a VPN?

Tor is a privacy project that launched in 2002. It’s an open-source and free browser that enables anonymous communication online. It was first developed by Syverson and computer scientists Roger Dingledine and Nick Mathewson, who originally called it The Onion Router (Tor) project, due to its “layers” of encryption.

Tor browser and VPNs are similar in their aims but not in their technological approach. While both are great at hiding your identity and ensure your browsing activity is kept private and encrypted, there are certain advantages and disadvantages to each. That’s why using the two systems together is your safest bet for securing your digital privacy.

VPN vs Tor

How Tor works

The Tor network utilises a system that was originally developed by the US Navy to protect intelligence communications. It “bundles” your data into smaller, encrypted packets before it begins routing these through its vast network of nodes, which can be run by anyone for free.

The chosen path is randomised and predetermined, and your traffic will pass through a minimum of three relay nodes before it reaches a final exit node.

Each time your traffic passes through a relay node, a “layer” of encryption is removed, revealing which relay node the traffic should be sent to next. Each relay node will only be able to decrypt enough data to identify the location of the next relay, and the one before it who passed on the traffic.

Exit nodes, however, remove the last layer of encryption. It can’t see your location or IP address, but it is possible for an exit node to see your activity if you visit an unsecure website (one that is not HTTPS).

VPN vs Tor

How does a VPN work?

A regular VPN seems much simpler, because a company simplifies everything with a nice user interface and additional features. You can run an app in the background, or connect through a browser extension, while you access sites around the world.

Your VPN provider will keep you hidden and encrypt all of your data, directing all your traffic to a remote server owned or hired by them. You can usually choose from a list of servers located across the world, so you’re able to access the internet via a secure and private connection, and unblock your content based on where a website is located. However, your protection has its limits, and you won’t be completely anonymous.

What is a dVPN?

A decentralized VPN mimics the architecture of Tor more closely, but has the same ease of use as a VPN. As a peer to peer system, you plug into a global network of nodes run by people voluntarily. Unlike Tor network, all nodes are paid for providing the VPN service and keeping the network powered and safe.

One example of this in action is Mysterium Network. This dApp (decentralized application) allows people to select the connection from a list of available nodes (mostly providing residential IP addresses) from around the world. Traffic is encrypted and directed through the network, and users pay the provider for the minutes they are connected and the traffic they’re sending through those nodes.

But how do all these popular privacy tools really compare?

This breakdown explores the most important differences between VPN, Tor and dVPN, comparing new features, access, connecting speed, rewards and more.

For this comparison, we use Mysterium as an example of a dVPN, though there are other projects out there, each with their own technical approaches, solutions and advantages.

Network design

dVPN

A global collection of nodes (usually run in people homes) power a VPN network by sharing their bandwidth P2P in exchange for cryptocurrency. Anyone can easily become a node and also download the VPN app to select from a global menu of node IDs.

Tor

The main goal of Tor is privacy and anonymity. It’s a browser that anonymizes your web browsing by sending your traffic through various nodes in the Tor network, which can be hosted by anyone. Traffic cannot be traced as each node encrypts it and hides the source IP.

VPN

Not a network, but more a global, centralised service that uses dedicated data center servers around the world in hundreds of different locations. Centralized VPNs also allow P2P traffic on certain servers and can additionally provide Dedicated IP address, Double VPN, Onion Over VPN and connection to the Tor anonymity network.

How are nodes rewarded?

dVPN

Nodes set their own price based on supply and demand. This unique micropayments system utilises cryptocurrency payments, so nodes can sell their bandwidth in small intervals, ensuring security and convenience.

Tor

Tor doesn’t have incentivisation. All nodes are operated by volunteers. This lack of incentivisation for nodes in the network has meant it remains relatively small (after 10+ years of development, it still only has 6500 exit nodes).

VPN

No rewards or incentive – centralized VPNs are businesses who own the infrastructure and charge customers for the service.

Node onboarding

dVPN

Anyone can run a node using their laptop, or even mini computers such as a Raspberry Pi. (In theory, even mobile devices can run one). Node runners can link their crypto wallet address via an easy to use dashboard, and track earnings.

Tor

Anyone can create and run a Tor node. However, there are various technical requirements and it’s recommended that you do not run a relay (non-exit) node from a consumer-level route, as it may overwhelm it.

VPN

VPN companies manage their own servers/exit nodes, so all setup and maintenance is done by company’s employees. By paying for the service, you get access to the VPN service, but do not help power it.

Costs & fees

dVPN

Users pay in cryptocurrency for only the bandwidth they consume on a pay-as-you-go model. Nodes earn cryptocurrency directly from users of this VPN service. They will pay a small fee to payment hubs for validation of their payments, similar to paying miners for processing transactions in a blockchain network. (Mysterium is currently free to use while in BETA)

Tor

Tor is free to use.

VPN

Monthly subscription model, rather than a pay-as-you-go structure. Sometimes users are even motivated to pay for a 3 year subscription in advance.

User Security

dVPN

As a fast and scalable security layer to reinvent privacy via VPN, it’s built so that different protocols can be plugged into the network.

A traffic slicing solution could send traffic to different services via different nodes. Thanks to Wireguard and OpenVPN protocols, it’s already encrypted, so even ISPs can’t view what is in there.

Tor

While Tor has better privacy properties, offers protection via anonymity, it’s not risk free. Your ISP can still see that you’re connected to Tor. This could lead to surveillance, as US government agencies (FBI/NSA) are constantly trying to crack Tor and discover its users web activity. Note that installing Tor is not illegal, but if you’re looking at things you shouldn’t, keep in mind arrests have been made in the past linked to Tor users’ browsing activity.

The owner of an entry node will be able to view your real IP address. After this node hides your address, the rest of the nodes will no longer know who you are or what sites you visit. The last node will see what you’re looking at, but not your identity. This presents some risks when using the network, but in terms of fully private internet access, it is the best available option at the moment.

VPN

Traditional VPN services route all their customer’s data through a remote server, hiding IP addresses and encrypting all incoming and outgoing data. For encryption, they use the OpenVPN and Internet Key Exchange v2/IPsec technologies in their applications. One company admits their servers were hacked due to an expired internal private key being exposed, potentially allowing anyone to spin out their own servers imitating their own.

Additionally, a VPN exit node knows a user’s IP, destination addresses, and in many cases (because of fiat payments) even user’s identity (name, email, etc.). If that destination is not encrypted (e.g. not using HTTPS), they can see the content you’re accessing, which may compromise your security.

Logging policy

dVPN

No centralized logs! The distributed architecture removes any technical possibility for collecting or storing logs centrally.

Tor

Some hypothesize that a number of nodes are run by malicious actors (eg. the NSA) who could potentially control enough nodes to effectively track users. The network itself is unable to store logs, however a Tor entry and exit node may be able to see your activity or IP address, but actually piecing the information together to identify you would require a lot of effort.

VPN

In theory, a centralized VPN *could* keep logs of a user’s activity, but many state they are committed to a zero-logs policy. However, nobody can be really sure that they’re not cooperating with governments or not selling user’s browsing data to 3rd parties.

Node Security

dVPN

Mysterium allows users to select whitelisted traffic only, designed to protect nodes. However nodes can choose to accept any kind of traffic and increase their earning potential. They’ll soon identify and block bad actors from the network through the use of registered identities and reputation system.

We are currently in R&D for a traffic slicing solution which will allow node runners to preselect the type of traffic they are willing to run through their node – i.e. social media, blogging, streaming, etc. while the remaining traffic could be sent forward into Tor or rejected.

Tor

Running a node can be risky, as you can potentially receive a lot of shady outbound traffic as an exit node. Being an exit node comes with the highest legal exposure and risk, so you should not run a node from your home. Your ISP may disconnect your service and you may receive some letters from various authorities.

VPN

Nodes are protected as the centralized VPN assumes all security and legal risks.

Ease of Use

dVPN

Simple apps can be used on desktop or a mobile device.

New nodes can get set up in just 5 minutes and 5 steps via a simple, user-friendly dashboard. There is a knowledgebase with all relevant guides and information, and support team on hand to help. Users will need to have some basic understanding of cryptocurrency, and how to keep it secure. An Ethereum wallet is easy to set up and you can receive payments any time.

Tor

Anyone can download and install Tor browser to connect to the internet (similar to any other browser).

However, browsing is quite slow (as all your traffic has to pass through numerous nodes first). Its practical usability suffers (e.g. not being able to unlock media content) but this drawback is the exchange for better anonymity and protection. A Tor relay must be able to host a minimum of 100 GByte of outbound/inbound traffic per month.

VPN

Many VPN services offer apps or browser extensions for instant security. Some VPNs have features such as smart algorithms that can automatically choose the best server for you based on location, time, or your special requirements.

You can use a VPN because they’re easier to navigate, allow convenient payment methods (eg. via credit card) and have 24/7 user support. However, they may slow down your speed and don’t always have unlimited streaming options.

 

Scalability

dVPN

As with most P2P infrastructure, the more participants which join the network, the stronger and more robust it becomes.

Mysterium’s micropayments system is a homegrown Layer 2 solution. It was built to handle large volumes of users and transactions, making the network fast and more scalable.

Tor

Tor is currently used by a couple million people. Due to its distributed nature, the network can (in theory) grow larger. However it would require a much higher number of nodes. Unfortunately, despite its millions of users, Tor has not had huge growth in nodes due to its being a free service run by volunteers. Without incentivisation for nodes, it can only grow so fast.

VPN

The service depends on high bandwidth throughput and fast connection speeds to provide an optimal service for customers. Often use multiple tunneling protocols to ensure their network can scale and can adapt to various needs.

Compatible with

dVPN

Mysterium – Android devices, macOS, Windows, Linux for desktop. Apps for iPhone coming soon.

Tor

Tor for Android, Windows, Mac, Linux and as a separate tab in Brave browser.

VPN

Currently offers the widest choice for connecting; Android, Windows, Mac, iOS, Chrome/Firefox extension, Linux.

Open Source?

dVPN

Yes — always transparent and collaborative from Ground Zero. Check out Myst codebase.

Tor

Yes – open source pioneer.

VPN

No – centralized VPNs are proprietary and closed source. You can only imagine what they do with your collected data stored in their servers.

Decentralized?

dVPN

You bet.

Tor

Yes, but it doesn’t use blockchain for payments.

VPN

Nope. Decentra-what?

Network Status

dVPN

In the case of Mysterium, the testnet has 900 residential nodes, with more than 500 live at any given point.

Tor

Approx. 6500 exit nodes.

VPN

Depends on size of VPN provider, but biggest can provide over 5200 servers in 59 countries.

So, Tor or VPN - why not both?

Tor and VPNs/dVPNs are complementary solutions, so they can work together to enhance your privacy and security even more.

There are two methods for merging Tor with VPN:

VPN on Tor: connect to the Tor browser, then use a VPN. This is a more complex method as it requires some manual configuration. As your VPN server acts as the final exit node, Tor’s own exit nodes will not be able to peel back the final layer of encryption to reveal your activity. While your ISP can tell that you’re using Tor, it wouldn’t be able to trace you and keeps your IP address hidden from your VPN service.

Tor over VPN: Connect to your VPN, then use Tor browser. Your VPN will encrypt your traffic before it enters the Tor network, and also hides your IP address. It also hides the fact you’re using Tor from your ISP. However, if your VPN provider chooses to keep logs, it can see that you’re using Tor. This is why it’s best that you use a decentralised VPN, which cannot keep user logs.

Both Mysterium and Tor can be pieced together to ensure full privacy coverage and secure internet access. One of Mysterium’s most considered features is to extend our whitelisting in such a way so that your traffic would only exit via a Mysterium node’s IP, while the rest would be forwarded throughout the Tor network. In this way, Mysterium users will get to unblock content, and our node runners will not risk unwanted content passing through.

 

how to build a blockchain app

The Bigger Picture

Decentralized privacy networks like Mysterium and Tor are grassroots, open source technologies who have managed to grow large community-driven platforms without any corporate backing or support.

However, we have one point of difference; while regular VPNs offer to protect you for a price, we believe the fight against surveillance and censorship is a shared one.

Regular VPNs do nothing to address the infrastructural flaws of the internet, instead they apply a quick fix solution. We want to rebuild the internet itself, creating people-powered networks that are immune to corporate or government control.

In the case of Mysterium, our trustless, P2P payment network (currently on testnet) will be the first of its kind. It allows users of our global, distributed VPN to pay each other in short and frequent intervals, whenever they “rent” a VPN service from each other. We believe this is the missing link for current privacy solutions – mutual incentivisation, and the goal of restoring the internet to its former glory.

Tor helped kickstart this grassroots anonymity revolution and now the dVPN industry is taking it even further.

You can try dVPN apps for Android. You can use Tor browser for android.

Try our free dVPN app for Android. You can also decide which tor browser for android to use.

Check us out our Github or join our Discord to ask our developers any questions directly. 

Join the Mysterium Army here

Opensource VPN partnership alert 🚨🎉 Portals builds on Mysterium Network

open source vpn

Portals VPN builds on top of Mysterium Network

We’re excited to announce the first project building on Mysterium Network! Mysterium Network is building a decentralised VPN, but we are also fundamentally an open source VPN. 

Portals has built on top of our open-source infrastructure to bring consumer VPN users into Mysterium ecosystem.

To celebrate this new milestone, Portals is offering a discount to all Mysterium users who’d like to sign up and give their Android application a go.

Related: What is a VPN connection? And why is it needed as our internet splinters apart?

What is Portals?

Portals is a dVPN application that plugs directly into Mysterium Network’s pool of nodes. Yes, you heard correct – a business, building on our infrastructure and sending traffic to our node network. And it doesn’t stop there.

Portals are focused on consumer adoption. They offer a subscription service, with monthly or annual payments. This means that Portals users can pay not just with cryptocurrencies, but with cold hard credit cards. Under the hood, this will drive traffic into Mysterium Network and tokens into Mysterium node runners’ pockets. Once a user signs up for Portals, all they need to do is pick the country they’d like to connect to. Portals’ built-in algorithm selects the best nodes for them to connect to based on quality, and the service the user is looking to access. 

Portals also offer live chat, which means anyone with issues getting their dVPN application up and running will have a helping hand.

A small step for dApps, a giant step towards mass adoption.

With Portals, users will be able to access the benefits of Mysterium Network’s pool of residential IPs without having to even know what ETH or MYST is! More users and traffic will flow into Mysterium Network, without all that crypto mumbo jumbo needing to be explained to people who just want an app that’s easy to use.

Portals app is available on Android, Mac and Windows. Check them out here.

open source vpn

Check out PORTALS VPN,
30% off all plans with
code STOPSPY

Get Portals VPN

Why are decentralized VPNs important?

Centralized VPNs today have full access to the history and metadata of what we consume online.

“The websites we browse, torrents we download, movies we watch on Netflix, the time we spend playing games, watching Youtube, idling on social networks – we can only imagine (and know from certain instances) how this data is used to track us and eventually influence our behaviour,” says the team behind Portals VPN.  

“This influence is so strong yet so concealed, that we have the right to replace the term “influence” to the term “control” in this context.”

Portals VPN is built on the belief that the more Internet users become aware of this control that centralized VPN providers have, the more they will turn to decentralized solutions. 

Why is this step important to Mysterium Network?

Mysterium Network is building a distributed VPN node network. 

While we have a reference implementation of our technology available, as an open-source VPN one of our goals is to help create tooling that allows for easy integration into our node network.

This means that we can continue to focus on building our node software, nurturing our community of nodes and helping developers build apps that drive traffic through the network.

Portals building on top of Mysterium is an important step for us as it will help us with the following:

  • Getting feedback on our developer documentation to ease future open source adoption of our technology;
  • Building processes to help onboard open-source talent more seamlessly into first learning about Mysterium technology, and then building on top of it;
  • Gaining a new channel through which traffic will enter our network and gets distributed across our node runners.

An open Internet for all

Portals and Mysterium are just two of the many projects pioneering decentralization. The ecosystem is made up of a range of companies, initiatives and projects all working together to create a better Internet for all. 

The magic of decentralized technology means that different platforms complement each other, merging to form a new Internet that is as accessible, interoperable and open – as if it were one. 

Related: Read our behind-the-scenes look into how networks like these are built.

Stay tuned for our developer bounties

Portals is the first of many projects that we hope will join us in building Mysterium’s wider ecosystem.

We will be announcing developer bounties on the 1st of March through our blog and community channels, so stay tuned to find out how you can contribute to a more free, more open Internet – and earn while you do it.

Decentralised VPN (dVPN) Comparison 2020

dvpn comparison

Decentralised VPN (dVPN) Comparison

The following is a continually dVPN comparison is a resource tracking the differences between emerging decentralised virtual privacy networks in the market.

Last updated: 19 May 2020

If you would like to see an additional dVPN compared here, please do get them to reach out to us, we’d love to continue to develop this as an educational resource for end-users to make educated decisions on their digital lives.

Related: Tor vs VPN vs dVPN – what are the differences?

Network Design

Mysterium Network

A global collection of nodes power a VPN network by sharing bandwidth P2P in exchange for cryptocurrency.

Users can easily become a node and also download the free VPN app to select from a global menu of IP addresses/bandwidth providers.

Orchid

VPN users connect to bandwidth sellers (nodes) using a directory. Node providers stake tokens to advertise these services.

Users install the Orchid VPN, add OXT to their wallet, and can then access the internet through their preferred path (single or multi-hop).

Sentinel

P2P VPN network also functioning as an SDK. Allows anybody to become a “resource node” by selling their unutilized computing resources in the marketplace.

Users mask their Internet traffic through a series of nodes.

VPN

A global VPN service which can provide Dedicated IP address, Double VPN, Onion Over VPN and connection to the Tor anonymity network. 

As well as dedicated data centre servers around the world, centralized VPNs also allow P2P traffic on certain servers  – there are hundreds of them in different locations around the world, optimized for file sharing.

How are nodes incentivised or rewarded?

Mysterium Network

Pilot program
Monthly bounties for UK, US, Italian and German participants, earning up to $600 in ETH per year. Only an email and IP address is required.

P2P payment network
(coming soon)
Nodes set their own price based on supply and demand. This unique micropayments system utilises cryptocurrency payments, so nodes can sell their bandwidth in small intervals, ensuring security and convenience.

Orchid

Stake-weighting
Anyone can operate an Orchid Node, but must first stake (lock up as collateral) the native OXT cryptocurrency. The more OXT that is staked, the more traffic they can receive, and the greater the chances of reward in the Network.

Orchid uses an advanced payments architecture known as probabilistic nanopayments for per-packet network payments.

Sentinel

Resource Nodes can earn the native $SENT token in return for contributing network bandwidth and other resources by hosting a Service Node for the dVPN Service.

VPN

Nodes are not incentivized in centralized VPNs as these businesses own the infrastructure and charge end users for the service.

Node Onboarding

Mysterium Network

Anyone can run a node using their computer, mining equipment or compatible hardware such as a Raspberry Pi. Link your node to your Ethereum wallet address via an easy to use dashboard, My.Mysterium.Network to track your earnings.

No staking is required to be a node – sign up is free.

Orchid

Anyone can run a node by signing up to the stake registry and provider directory on the blockchain.

However, all new nodes must purchase and stake OXT to start receiving traffic.

Sentinel

Running a node requires technical knowledge of how to install a docker and configure a node. At present there is no user-friendly dashboard or application for download.

VPN

No need to onboard. By paying for the service, users get access to the VPN service, but do not help power it.

Costs & fees

Mysterium Network

While on testnet, the VPN is currently free to use.

Once live, users will pay in cryptocurrency for only the bandwidth they consume on a pay-per-use model.

Nodes pay no fees and earn cryptocurrency directly from users of this VPN service.

Orchid

Users pay for the bandwidth in OXT.

Nodes pay OXT to advertise their services.

Sentinel

Using their on-chain, inbuilt ‘Token Swap’ feature, users can privately purchase $SENT tokens to access any service on the Sentinel network.

Running a node is free.

VPN

Monthly subscription model, rather than a pay-as-you-go structure. Users get access to a VPN service where they can select from IP addresses based all over the world to suit their browsing needs.

VPN Security

Mysterium Network

Layered protection protocols built to protect any individual or organization. Mysterium is a fast and scalable transport security layer to reinvent privacy via VPN. Traffic is encrypted and sharded into separate pieces, filtered in an unrecognisable form through the distributed node network — without the possibility of being traced or censored.

Orchid

Users can select single- or multi-hop onion routed circuits by selecting nodes randomly weighted on stake and filtered by price, location, etc. A single hop route has the benefits of a normal VPN connection, creating a tunnel to route your traffic over a public network or your ISP, while a multi-hop connection provides additional privacy benefits by securing your network data from any one provider.

Sentinel

Swixer is Sentinel’s first utility that allows anybody to simply convert their cryptocurrency tokens online while keeping their data away from prying eyes.

User’s privacy is enhanced by Swixer’s cross-chain swaps between the Ethereum chain and other blockchains which possess a working zero-knowledge protocol or privacy layer within the protocol.

VPN

Traditional VPN services route all users’ internet traffic through a remote server, hiding IP addresses and encrypting all incoming and outgoing data. For encryption, they use the OpenVPN and Internet Key Exchange v2/IPsec technologies in their applications.

One company admits their servers were hacked due to an expired internal private key being exposed, potentially allowing anyone to spin out their own servers imitating their own.

Logging policy

Mysterium Network

no logs! Mysterium protocol removes any technical possibility for collecting or storing logs centrally.

Orchid

No logs.

Sentinel

No logs.

VPN

In theory, a centralized VPN *could* keep logs, but most state they are committed to a zero-logs policy.

Node Security

Mysterium Network

Mysterium allows users to select whitelisted traffic only, designed to protect nodes. However nodes can choose to accept any kind of traffic and increase their earning potential. They’ll soon identify and block bad actors from the network through the use of registered identities and reputation system.

Orchid

Users can prevent certain kinds of attacks from malicious exit nodes by using a default exit node whitelist consisting of trusted VPN partners. Users can use their own whitelists, and eventually well known third parties will emerge as whitelist curators.

Sentinel

Sentinel is developing a relay network, where participants in the network can choose to be a relay or an exit node on which encrypted tunnels traffic between the VPN paid user and an exit node.

It will also involve the use of governance nodes which will dictate path of packet transmission between user and exit node.

VPN

Nodes are protected as the centralized VPN assumes all security and legal risks.

Ease of Use

Mysterium Network

VPN is a simple to use and free desktop or mobile application.

New nodes can get set up in just 5 minutes and 5 steps via a simple, user-friendly dashboard. There is a knowledgebase and support team on hand to help.

Users will need to have some basic understanding of cryptocurrency and must have an Ethereum wallet set up to receive payments.

Learn more about upcoming features.

Orchid

VPN app designed for mobile and desktop. People wishing to be nodes must register and have some prior knowledge of cryptocurrency and staking.

Sentinel

Sentinel is not user-friendly and is better suited to more technically proficient users or those intuitive with Ethereum DApps and blockchain platforms.

VPN

Smart algorithms automatically select the best VPN server for you based on location, loads, or your special requirements.

They also have a dedicated support team.

Scalability

Mysterium Network

As with most P2P infrastructure, the more participants which join the network, the stronger and more robust it becomes.

Mysterium’s micropayments system is a homegrown Layer 2 solution. It was built to handle large volumes of users and transactions, making the network faster and more scalable.

Orchid

Orchid uses a probabilistic payment system which scales to millions of transactions per second, enabling a highly liquid bandwidth market without a trusted central party.

Sentinel

Sentinel’s “multi-chain architecture” secures data exchange between people and both centralized and decentralized applications meaning. This is meant to solve problems with infrastructure and scaling.

VPN

Depends on high bandwidth throughput and fast connection speeds to provide an optimal service for their users. Often use multiple tunneling protocols to ensure their network can scale and can adapt to various needs.

Social following

Mysterium Network

11.3K Twitter Followers

2000 Medium Followers

2088 Telegram Members

Orchid

27.1 K Twitter Followers

235 Medium Followers

4381 Telegram Members

Sentinel

3,392 Twitter Followers

336 Medium Followers

2946 Telegram Members

VPN

Not applicable.

Compatible with

Mysterium Network

Android, Mac, Windows, Linux.

Orchid

iOS, Android, Mac, Linux, and (soon) Windows.

Sentinel

Mac, Windows, Linux, Android.

VPN

Android, Windows, Mac, iOS, Chrome/Firefox extension, Linux.

Decentralised?

Mysterium Network

You bet.

Orchid

Of course.

Sentinel

Of course.

VPN

Nope. Decentra-what?

Network status

Mysterium Network

Testnet live – 900 residential nodes, with more than 300 live at any given point.

Orchid

Between five and 10 node providers at launch, including players from both the traditional VPN world and “new entrants from the crypto space.”

Sentinel

83 nodes in the network, with an average of 28 at any time

VPN

Choose from over 5200 servers in 59 countries.

Also – several cases of being hAcKEd

Open Source?

Mysterium Network

Transparent and collaborative from Ground Zero – check out Myst codebase.

Orchid

Duh. Everything to see here.

Sentinel

Yep. Peek under the hood here.

VPN

No – centralized VPNs are proprietary and closed source.

What is Mysterium Network?

Mysterium Network is one of several emerging networks enabling decentralisation of the internet. Find out how you can contribute by running a node. Or download our dVPN and give it a whirl.

Related: Tor vs VPN vs dVPN – what are the differences?

Golang — C++ interoperability in VPN network

The reincarnation of OpenVPN’s C++ library

What is a VPN configuration? And how does understanding this help you protect your digital rights? Find out more here.

At Mysterium Network we are working on the world’s 1st decentralized VPN. Our project is built on Golang (Go). Go is a statically compiled language, which offers a rich standard library. Go is syntactically similar to C but comes out as the winner when it comes to memory safety, garbage collection, structural typing, and CSP style concurrency.

There are many libraries written in C or C++. When you wish to use these libraries within Golang, there are two approaches:

Rewrite the library in Golang

Several projects have gone down this road. Wireguard® has done this, check out some of their libraries.

Reuse the code in a way that Golang can call it.

There are other tools that can help with calling java or objective C code into Golang, but everything goes through an intermediary. At a fundamental level, there is interoperability between C and Golang.

What is VPN configuration? Integrating C++ OpenVPN 3 library into a Golang Mysterium Node.

As mentioned above, we are using OpenVPN under the hood. This was our first protocol and it was used as an external binary (executable file).

What does this mean for VPN configuration? This basically means that a Mysterium Node and OpenVPN are two different processes which communicate using OpenVPN config and IPC (local sockets to be exact).

Now, this has some limitations — for example, software distribution becomes complicated as you also need to distribute OpenVPN binary with each Mysterium Node — two steps, never great for UX.

It was workable for a proof of concept or very early versions, but as we moved to mobile platforms, this approach became very complicated or even not feasible — especially when considering iOS.

To solve this challenge, we decided to find a way to integrate OpenVPN into our Golang project directly. Also, we decided that this package could be useful for others, that’s how this library was born.

Openvpn3 to the rescue.

Openvpn3 is the official library maintained by OpenVPN team and is being used in almost all platforms as client or connector to OpenVPN server. Also, it’s written in C++ which came with some obstacles we needed to solve.

Golang and C++ don’t get along

Our first obstacle was that C++ code cannot be directly called by Golang (Cgo to be exact).
We needed to make small changes to the OpenVPN library itself to export OpenVPN Client as C callable code. This can be found here, and it’s basically a go compatible entry point to the OpenVPN library.

Then there is how Golang treats C code itself (cgo).
The problem was that Golang and it’s package management systems expect that all libraries are source files (i.e. there is no or very limited binary package management). And OpenVPN3 library build process was very over complicated and not easily expressed in a Go way.

What is a VPN configuration without some interoperability? So our decision was to compile that library in advance for all platforms we currently support or produce binaries for (arm family (android ios), amd64 family (Windows, Linux, some simulators). As we use Linux for our automatic build system, we had to set up all compilers and SDKs in one place — but that’s for another blog post. Sign up to our newsletter to hear more about what we’re building.

Our heavily patched docker image is heavily borrowed from Karalabe. The result was a single header file (very simple) and a bunch of static libraries for each platform/OS we needed.

We also had to ensure that these binaries were Go gettable (the go way to fetch a library from GitHub).
We simply committed those libraries to Go repo along with all supporting Go code (which is available at mysterium.network/go-openvpn/openvpn3). Not the best way to distribute the software, but our target was a go gettable library.

Now the easy part 😏 — to call Openvpn3 functions from Go.

It’s quite easily doable. The following examples are simple calls of C functions exported by OpenVPN library (our C wrapper):

And here come problems:

  1. First of all, strict rules as to what can and cannot be passed to C code and vice versa, for example — you cannot pass go function reference to C code.
  2. The openvpn3 client also depends heavily on callback functions. One way to approach this was to use only static functions for callbacks. However, this would have limited the flexibility and usability of the library.
    A hybrid solution was to define customisable callback functions in Go and register them in a map with function ids. Static functions in the OpenVPN3 client would then dispatch respective callbacks to registered functions with corresponding ids.
    Here is how it works (let’s take state event callback function as an example):

User defines normal go structures with methods, which satisfies interfaces expected by callback registry:

Structure is passed to callback registry which is essentially global id -> callback map:

What happens next, callbacks registry inserts user provided structure with methods, and creates a C structure, ready to be passed to C code, but instead of passing go function reference to C code, it passes id which is simply key to callback map and an exported go function (with special comment).

When C code wants to inform user of state changes, it calls static go function and one of the parameters is id. That id is then passed to callback registry to find and call apprioprate user defined callback.

It compiled. At least the Go part — that means that C code is reachable, and all headers are ok.

Most of the dragons started rearing their heads when it came to linking the Go packages with OpenVPN static libraries.

The biggest issue was that — the library was built with C++ compiler, but golang cgo used C compiler by default. As a result, all weird and ugly errors began to raise at the linking stage. So if you see similar errors as in example — you are not alone:

After hours of stack overflow exploration, a simple workaround was to put a empty .cpp file inside the package which uses “C” imports. That way cgo was tricked into using the c++ linker which already had c++ library by default.

There are several other issues we faced in rewiring what VPN configuration looks like without a centralised element. But that again is for another blog post. Stay tuned.

In conclusion

When using new technologies like Golang you have to sometimes go off-chain to find solutions that will help you use existing libraries so that you don’t have to start everything from scratch. However, as most solutions in IT, it’s not a silver bullet.

Key takeaways

  • Precompiled libraries on their own poses security risk — potential library users cannot be sure what is exactly compiled in, as there is no code to review
  • Each OS and architecture combination has to have a separate version of the same library
  • iOS framework problem — iOS framework lib (provided by gomobile tool) is a static library itself. So any other dependencies are linked but not combined into the framework — need to do it as a separate step
  • It’s simply not a go way — golang usually expects all source needed for the package, to be in one place.

Connect with our project

Please be sure to follow and subscribe to the following:

Website — https://mysterium.network

Twitter — https://twitter.com/MysteriumNet

Telegram — https://t.me/Mysterium_Network

Reddit — https://www.reddit.com/r/MysteriumNetwork

Facebook — https://www.facebook.com/MysteriumNet

Steemit — https://steemit.com/@mysteriumnetwork

Bitcointalk — https://bitcointalk.org/index.php?topic=1895626.0

Please join the Telegram groups most relevant to you and engage with our team. We want to hear from you.

English — https://t.me/Mysterium_Network

Rules & FAQ — https://t.me/MysteriumRulesAndFAQ

Announcements — https://t.me/MysteriumOfficialAnnouncements

Node Testing — https://t.me/mysterium_network_nodes

MysteriumVPN Testing — https://t.me/joinchat/I5-aG0z_3SA6PLgQBCOXlA

中文 / Chinese — https://t.me/MysteriumChineseChat

русский / Russian https://t.me/mystRU

Español / Spanish — https://t.me/mysterium_network_espanol

And finally, if you’d like to see more of these types of updates give us some claps and let us know.

*WireGuard” and the “WireGuard” logo are registered trademarks of Jason A. Donenfeld.