Many of you are probably familiar with the term VPN (Virtual Private Network) and understand how such a service can enhance your default Internet connection by adding an extra layer of security to it and keeping your privacy in pristine condition if used right.
However, nowadays more and more security solutions come to be and dVPN is just one of them. dVPN stands for decentralized VPN and its purpose is pretty much still the same as that of a standard VPN, with a twist: this type of network has no form of central authority, as its users play the roles of both clients and relay/exit nodes, much as in a P2P (Peer-to-Peer) network.
Brave establishes the core of a distributed VPN solution
Brave’s Research and Development team has recently published a paper that thoroughly describes a new, ambitious project called VPN⁰, which is based on a decentralized VPN foundation.
It’s well-known that in any such a network (i.e. a dVPN network), a few problems might occur, ones that are related to users having their machine (now playing the role of a relay/exit node) transmit traffic of a questionable nature, potentially harmful or even illegal network traffic.
Reportedly, there have been several reports to indicate that dVPN users’ machines have been used as malicious exit nodes without their knowledge. However, VPN⁰ is expected to be a pocket of fresh air in the dVPN industry, as it aims to put an end to those issues by offering traffic authorization features along with a validation mechanism that’s bound to preserve the privacy of its users.
dVPN with added selective traffic capabilities
In other words, VPN⁰ was designed with one thing in mind: dVPN nodes (the users who operate said machines) should have the possibility to decide what kind of traffic they want to route through their machines, thus eliminating the possibility of transmitting illegal or unwanted content.
However, this becomes problematic, since the content you route through your machine while you’re connected to the private network shouldn’t be visible in the first place, so this selective traffic capability should be achieved without ever learning the content of the routed traffic.
According to the research paper, VPN⁰ has already been integrated with Mainline (BitTorrent’s DHT) and ProtonVPN to demonstrate the feasibility of working with next-gen VPN solutions.
How could this possibly work?
Allegedly, VPN⁰ is capable of letting relay nodes control the kind of traffic they transmit minus the inconvenience of learning of its content through a “novel application of zero knowledge proofs.” The zero knowledge proof is a technology used in cryptography that enables a certain entity to prove to another entity that plays the role of a verifier that a certain bit of information (statement) is true, but without revealing what the content of the statement is, only its validity.
So for this to work, a whitelist of some sort needs to be generated. Based on this theory, a VPN⁰ client can prove to a VPN⁰ relay that the traffic it wants to route is contained within the specified whitelist. That, or a set of domains that the relay agrees to route traffic for.
What can we expect now?
While Brave’s Research and Development team has an optimistic view of the VPN⁰ project, they also realize that it still has a long way to go before it becomes totally reliable. The concept is iron-clad, as it brings standard dVPN features minus the inconvenience of potentially having others violate your privacy.
According to the research paper, VPN⁰ was built based on DHT (Distributed Hash Table) on top of which numerous privacy safeguards have been stacked. After the Mainline (BitTorrent’s DHT) and ProtonVPN integration, the research team has reached the conclusion that more research is needed to speed up the zero-knowledge calculations needed by VPN⁰ to prove the validity of the traffic it routes.
It’s possible that the research might be used to develop a decentralized VPN system that uses cryptocurrency to reward those of which are carrying traffic and uses the same kind of currency to run their services so that relay/exit nodes users can pay with their tokens. That would be an ideal model, especially since (in theory, at least), it would keep the service attractive enough for every participant and would be an effective solution to maintain the anonymity of its users.