For those who never heard about IVPN - we've been around since 2010, we are privacy activists and Bitcoiners.
IVPN Light is an experiment in supporting Lightning adoption. It is admittedly not a novel concept, but it offers a unique combination of the following:
Short duration access option, you can get a “throwaway” VPN tunnel for 3 hours or up to 30 days duration
Priced in sats, not fiat, and it's quite affordable (500 sats for 3 hours)
Access to 5 exit locations or 1 MultiHop combination
Pay with BTC Lightning directly - no intermediaries
An interesting feature here would be to allow me to run a client that isolates the traffic from my internal net but act as an egress point. This could help vpn be more useful as it would show from residential IP. Maybe by running the client I'd get a cut of the sats, and ya'll get a cut as the provider.
Thanks! While the idea has merit due to the benefit of looking like a residential IP which would solve a lot of VPN use issues, it could face reliability/speed and also privacy/trust issues. If a customer exits on your egress their potentially isolated, unencrypted traffic is liable to inspection by an entity they don't know and cannot vet - of course you won't learn their source IPs if they enter at an IVPN server, but it still introduces uncertainty. I think the risk-reward tradeoff is not good for privacy conscious users, while others might not be able to assess it properly.
I agree for the most part, however I think using lightning one could theoretically come up with an incentive structure to make this work, if traffic out of the tunnel is encrypted(unencrypted traffic is an issue so point well taken), tls interception could be an issue, but would throw warnings on most modern browsers/clients. But I do agree this could cause a lot of issues with non-technical users. I worked on the AWS cloudformation team as a Security engineer, I may go check out your github and see if I can help out in anyway.
Interesting. Would you consider something like hourly / daily subscriptions paid over lightning by chance? Something we're looking to build support into @ Mutiny and I think the VPN use case could work out with something like this. Starting to focus heavily on building subscriptions on LN.
Hello Tony! Yes we have considered it and done some research towards this. I can share more, email me (in bio) and let me know about your preferred channel to discuss further.
This is great. Here is a short guide for beginners if you would like to learn how to create your own Wireguard keys without having to save data to disk, but still view it on the screen.
Generating WireGuard Keys on Windows 11 Without Admin Privileges
Why This Method?
No Disk Writes: Sensitive keys are not written to disk, reducing the attack surface.
Clipboard Isolation: The keys are isolated in the clipboard temporarily, limiting exposure.
Immediate Inspection: You can directly paste and inspect the keys in Notepad++, without them ever touching the filesystem.
Prerequisites
Windows 11 machine
WireGuard utilities installed
Notepad++ installed
Steps
Open Command Prompt
Open a standard Command Prompt window. No need for admin privileges.
Generate Private Key and Copy to Clipboard
wg genkey | clip
This pipes the generated private key directly to the clipboard.
Paste Private Key in Notepad++
Open Notepad++.
Paste the private key and save the file as privatekey (optional).
Generate Public Key
echo "<private_key_here>" | wg pubkey
Replace <private_key_here> with the actual private key. This will display the public key in the console.
Copy Public Key
Manually select and copy the public key from the console output.
Paste Public Key in Notepad++
Open a new tab in Notepad++.
Paste the public key and save the file as publickey (optional).
Generating WireGuard Keys on Ubuntu Without Disk Writes
Why This Method?
No Disk Writes: Keys aren't written to disk, reducing potential attack vectors.
Clipboard Isolation: Temporarily holds the keys in the clipboard to minimize exposure.
Immediate Inspection: Keys can be pasted into a text editor like vim or nano for immediate inspection, never touching the filesystem.
Been using ivpn for the last few months. VERY happy with service. Anonymous account creation, pay with btc and super fast VPN.
Only drawback is that most servers are in the "5 eyes" countries. Canada, uk, us, Europe. Wish there were some more obscure countries.... I use Iceland almost exclusively.
Reliability - it's much harder to find a dependable data center that can offer close to 100% uptime and proper server controls that we require
Price - bare metal servers and bandwidth is much more expensive in such countries, and if real demand is not there to pay for additional subscriptions, it is clearly cost prohibitive (e.g. arranging this in Paraguay or Argentina is 5x costs compared to US/EU, or more)
Why big VPN providers can offer end points in many such countries? Because they don't rely on bare metal servers, but use VPS/shared hosting, which is cheaper, easier to replace and more expendable. We don't go down that route as it carries privacy and security risks.
Generating WireGuard Keys on Windows 11 Without Admin Privileges
Why This Method?
Prerequisites
Steps
privatekey(optional).<private_key_here>with the actual private key. This will display the public key in the console.publickey(optional).Generating WireGuard Keys on Ubuntu Without Disk Writes
Why This Method?
vimornanofor immediate inspection, never touching the filesystem.Prerequisites
sudo apt install wireguard-tools)xclipinstalled for clipboard operations (sudo apt install xclip)Steps
Open a terminal window. No need for root privileges.
vimornano.Ctrl-Shift-Vin terminal) and save the file asprivatekeyif needed.<private_key_here>with the actual private key. The corresponding public key will be displayed in the terminal.publickeyif needed.