SilverLABS/SilverMetal
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
7d5f9cc2463ac2ff1cfa10ddee05c943e97882d3
SilverMetal/stack/vpn/README.md
SysAdmin 7d5f9cc246 chore(scaffold): initial SilverMetal program scaffold 
Cross-platform privacy-hardening program. Two-layer product:
- SilverLABS Application Stack (cross-platform spine)
- Platform Hardening Profiles (per-OS, tier-honest)

Platforms: Linux (Debian/Kicksecure), Android (Pixel/Samsung/Moto/generic),
Windows (LTSC IoT), macOS (profile), iOS (MDM profile). Each flavour has
both a preflashed hardware SKU path and a self-apply "harden your existing
device" path.

Includes umbrella docs (README + threat-model, design-principles,
platform-matrix, roadmap, trust-model), per-platform and per-stack-
component README stubs, .gitignore, LICENSE.

Linux v1 ships first; Stack v1 = Browser + VPN + Sync.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-04-25 03:11:48 +01:00

41 lines
1.8 KiB
Markdown
Raw Blame History

# SilverVPN
**Status**: v1 (Linux MVP) — planning
Always-on VPN with no logs, run on SilverLABS infrastructure. Mullvad-style account-number signup (no email, no name).
## v1 approach
- **Protocol**: WireGuard. Period. (Battle-tested, tiny attack surface, performant.)
- **Account**: random 16-digit account number; no email, no PII
- **Payment**: separate channel (SilverDotPay / crypto / payment processor) with no link back to account number
- **Exit nodes**: SilverLABS-operated initially; geographically diverse
- **Kill-switch**: enforced at firewall layer (nftables on Linux, NetworkExtension content filters on Apple)
- **DNS**: encrypted DNS through tunnel; no DNS leaks
- **Per-device keys**: each device gets its own WireGuard key; revoke per-device
## Server-side
Lives in `SilverLABS/silver-vpn-infra` (separate repo). This repo holds the **client** code only.
## What we do not do
- We do not log connection metadata beyond what is operationally required (typically just real-time peer state, not retained)
- We do not bundle ad-blocking — that's the browser's job, not the VPN's
- We do not bundle tracker-blocking heuristics in the VPN — that risks false positives that break sites
- We do not run a "free tier" with a different infrastructure — paid users and free users (if any) get the same server quality
## Per-platform clients
- **Linux**: GTK + native daemon (`silvervpn-daemon` running as systemd service)
- **Android**: VpnService-based, native UI
- **Windows**: WireGuard tunnel service + tray UI (signed)
- **macOS**: NetworkExtension, signed and notarised
- **iOS**: NetworkExtension via App Store
## Verification
- Kill-switch test: disconnect upstream, verify zero packets leak
- DNS-leak test: capture DNS during tunnel-up; all queries must traverse the tunnel
- Reconnect test: WAN flap, verify reconnect without temporary leak
Reference in New Issue View Git Blame Copy Permalink