Hi, I’m new to Nym and I was reading that the Wireguard protocol stores the user’s ip address on its server, which makes it less private than Open VPN. Does this mean that the 1st node on the 2 hop Nym path stores my real ip address? What about the 1st node on the 5 hop path?
Really, I’ve stumped everyone here with this question??
I am pretty sure that nym.com has somewhere published a no log policy, like other VPN providers do. What does nodes see? Sure, the first node in fast mode sees your IP address and the second not. With 5 hop anonymous node the entry gateway know your IP address and in case SURB communication is used, the entry gateway computes the three mix nodes route for you. In case Nym addresses would be used then the communication would only be pseudonymous I would say. But better let the Nym team give a proper answer.
Stupid me, I guess. There is no Nym address to communicate with for the exit gateway.
Thanks for the replies pollux. So I know that the 1st hop Nym node will SEE my real ip, but does it STORE it. My understanding is that any VPN using Wireguard must store a user’s static ip on the 1st hop node or server. Mullvad VPN addresses this by keeping your real ip address only in RAM and flushes out the RAM every 10 minutes if it doesn’t receive another handshake within that 10 minutes. Nord VPN uses NordLynx to authenticate you via your real static ip on an outside server and then gives you a dynamic ip unassociated with your static ip that sends you to their real VPN server. So I’m assuming Nym VPN stores your real ip address on its 1st hop node for a significant period of time, since I haven’t seen documentation of a solution. If NSA set up a malicious 1st hop node or if jackboots break down the door and confiscate 1st hop node owner’s computer, would they be able to say, “Hey, mixnettom was connected here from this physical address. Let’s get him??”
Well, the Nym team should answer this as I don’t have any details about storing, because I do not run a gateway. But what benefit does this have for a third party running a malicious gateway? It would need IMHO a lot malicious entry/exit gatways run by third parties, which are accepted by the community stakers , I guess. If that would be the case then there is probably also the problem of low-latency, compared to high-latency Mixnets, I guess. So better wait for an official answer from the Nym team.
Do any of them ever show up here? Right now it seems like the only ones here are you & me!
Well, mostly they are on Telegram, because all the young Nym users with smartphones prefer such places, instead of classic forums like Usenet or Mailing Lists.
Thanks for your questions! will get back to you with more information soon @mixnettom
They know you’re using Nym, but linking it to specific actions or reliably de-anonymizing you requires controlling/observing far more of the network which is very hard and resource intensive (That’s the whole point of Nym mixnet). In short: It “flags” you as someone using strong anonymity tech and they would say (“We’ve got a problem”), but doesn’t hand them an easy win like a centralized VPN provider would do, even if the provider is honest today (and don’t forget, the majority have been caught misleading or complying when pressured), the centralization means one legal or technical hit and it’s over.
2 Likes
The team responded to a similar question on Reddit recently:
The entry node has to sign a TOS that they do not log the IP address. Even if they did log your IP they have no way to link it to any activity on the network.
You can read this thread for more info: Reddit - The heart of the internet