MeshVPN - Decentralized P2P VPN Network
WORK IN PROGRESS - Built in 7 hours by a 15-year-old developer. Phase 1 complete, Phase 2 in progress.
A decentralized, censorship-resistant VPN combining Tor-style onion routing with P2P mesh networking. Built in Rust with a focus on privacy, resilience, and distributed architecture.
What Makes This Different
MeshVPN is not just another VPN - it's a research project exploring the intersection of:
- Tor-style onion routing (multi-hop encryption)
- P2P mesh networking (decentralized infrastructure)
- VPN technology (secure tunneling)
Traditional VPNs have single points of failure. MeshVPN distributes trust across multiple nodes, making it harder to block, monitor, or compromise.
Current Status
Phase 1: P2P Foundation - COMPLETE
- P2P peer discovery via Kademlia DHT
- NAT traversal (STUN + UDP hole punching)
- Relay protocol for symmetric NAT
- GUI client (Tauri + React)
- Two laptops successfully connected
Phase 2: Circuit Routing - IN PROGRESS
- Circuit/onion routing through multiple nodes
- Exit node implementation
- TUN interface integration
- Path selection algorithms
Phase 3: Production Ready - PLANNED
- Monero payment integration
- Production deployment
- Security audit
- Performance optimization
Architecture
System Components
```
┌──────────────────────────────────────────────────────────┐
│                     MeshVPN Network                      │
├──────────────────────────────────────────────────────────┤
│                                                          │
│  Client ──► DHT Discovery ──► Circuit Building ──► Exit  │
│    │             │                   │              │    │
│    │             │                   │              │    │
│    └──► P2P ─────┴──► Relay ─────────┴──► Onion ────┘    │
│         Layer         Server              Routing        │
│                                                          │
└──────────────────────────────────────────────────────────┘
```
Crates Structure
6 modular crates, 47 Rust files, 5 binaries:
- meshvpn-dht (655 lines): Kademlia DHT for peer discovery
- meshvpn-network: P2P networking, NAT traversal, TUN drivers
- meshvpn-crypto: Onion routing encryption (X25519, ChaCha20-Poly1305)
- meshvpn-core: Circuit building, routing logic
- meshvpn-exit: Exit node implementation
- meshvpn-payment: Monero integration (planned)
Key Technologies
| Component | Technology | Purpose |
|---|---|---|
| DHT | Kademlia | Decentralized peer discovery |
| P2P | Custom UDP | Direct peer connections |
| NAT | STUN + Hole Punching | Traversal through firewalls |
| Crypto | X25519, ChaCha20 | End-to-end encryption |
| Onion | Layered encryption | Multi-hop privacy |
| TUN | Cross-platform drivers | Virtual network interface |
| GUI | Tauri + React | Desktop application |
| Relay | AWS EC2 | Fallback for symmetric NAT |
How It Works
1. Peer Discovery (DHT)
```
Client → Bootstrap Node → DHT Network → Find Peers
```
Uses Kademlia DHT to find available nodes without central coordination.
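The lookup behind this step, as an added example (not code from meshvpn-dht): Kademlia orders peers by the XOR of their IDs and keeps asking the nearest known peers for nearer ones, starting from the bootstrap node. The 160-bit ID width, the helper names and the seven-node network are constructed for illustration.

```rust
use std::collections::{BTreeSet, HashMap};

type NodeId = [u8; 20]; // 160-bit IDs are an assumption, not taken from meshvpn-dht

fn xor_distance(a: &NodeId, b: &NodeId) -> NodeId {
    let mut d = [0u8; 20];
    for i in 0..20 { d[i] = a[i] ^ b[i]; }
    d
}

/// k-bucket index = position of the highest differing bit; None for our own ID.
fn bucket_index(local: &NodeId, other: &NodeId) -> Option<usize> {
    let d = xor_distance(local, other);
    d.iter().position(|b| *b != 0)
        .map(|i| (19 - i) * 8 + 7 - d[i].leading_zeros() as usize)
}

/// Iterative FIND_NODE over a simulated network (`tables`: node -> peers it knows).
fn lookup(tables: &HashMap<NodeId, Vec<NodeId>>, bootstrap: NodeId, target: NodeId, k: usize)
    -> (Vec<NodeId>, usize) {
    let mut seen: BTreeSet<(NodeId, NodeId)> = BTreeSet::new(); // (distance, id), nearest first
    let mut queried: BTreeSet<NodeId> = BTreeSet::new();
    seen.insert((xor_distance(&bootstrap, &target), bootstrap));
    loop {
        // Next node to ask: nearest of the current k best that has not been asked yet.
        let next = seen.iter().take(k).map(|(_, id)| *id).find(|id| !queried.contains(id));
        let node = match next { Some(n) => n, None => break };
        queried.insert(node);
        for peer in tables.get(&node).into_iter().flatten() {
            seen.insert((xor_distance(peer, &target), *peer));
        }
    }
    (seen.iter().take(k).map(|(_, id)| *id).collect(), queried.len())
}

fn id(last: u8) -> NodeId { let mut n = [0u8; 20]; n[19] = last; n }

/// Constructed seven-node network; each entry lists the peers that node knows.
fn sample_network() -> HashMap<NodeId, Vec<NodeId>> {
    let edges: [(u8, &[u8]); 7] = [(0x80, &[0x01, 0x20]), (0x01, &[0x80, 0x10]), (0x10, &[0x01]),
        (0x20, &[0x80, 0x28]), (0x28, &[0x20, 0x2c]), (0x2c, &[0x28, 0x2e]), (0x2e, &[0x2c])];
    edges.iter().map(|(n, ps)| (id(*n), ps.iter().map(|p| id(*p)).collect())).collect()
}

fn main() {
    let (closest, asked) = lookup(&sample_network(), id(0x80), id(0x2f), 2);
    println!("closest={:02x?} queried={}", closest.iter().map(|n| n[19]).collect::<Vec<_>>(), asked);
    println!("bucket of 0x80 seen from 0x00: {:?}", bucket_index(&id(0), &id(0x80)));
}
```

The lookup reaches the two nearest peers after querying five of the seven nodes; the two peers on the far side of the ID space are never contacted.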
2. Circuit Building (Onion Routing)
```
Client → Guard → Middle → Exit → Internet
   └──encrypted──┴──encrypted──┴──encrypted──┘
```
Each hop only knows its predecessor and successor, never the full path.
3. NAT Traversal
```
Peer A ←──UDP Hole Punch──→ Peer B
   └──fails──→ Relay Server ←──fails──┘
```
Direct P2P when possible, relay fallback for symmetric NAT.
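How a client can tell which branch applies, as an added example (not MeshVPN's own code): it parses the reflexive address out of a STUN Binding response and compares the mappings reported by two different STUN servers for the same local socket. The function names, the `Plan` enum and the sample datagram are assumptions made for illustration.

```rust
use std::net::{Ipv4Addr, SocketAddr, SocketAddrV4};

const MAGIC: [u8; 4] = [0x21, 0x12, 0xA4, 0x42]; // STUN magic cookie (RFC 5389)

/// Extract the IPv4 XOR-MAPPED-ADDRESS from a STUN Binding Success Response.
/// The datagram is untrusted: lengths are bounds-checked and the transaction ID
/// must match our request, otherwise the reply is rejected.
fn parse_mapped(resp: &[u8], txid: &[u8; 12]) -> Option<SocketAddr> {
    if resp.len() < 20 || resp[..2] != [0x01u8, 0x01] || resp[4..8] != MAGIC || resp[8..20] != txid[..] {
        return None;
    }
    let body_len = u16::from_be_bytes([resp[2], resp[3]]) as usize;
    let body = resp.get(20..20 + body_len)?;
    let mut off = 0;
    while off + 4 <= body.len() {
        let typ = u16::from_be_bytes([body[off], body[off + 1]]);
        let len = u16::from_be_bytes([body[off + 2], body[off + 3]]) as usize;
        let val = body.get(off + 4..off + 4 + len)?;
        if typ == 0x0020 && len == 8 && val[1] == 0x01 {
            let port = u16::from_be_bytes([val[2], val[3]]) ^ 0x2112;
            let ip = Ipv4Addr::new(val[4] ^ MAGIC[0], val[5] ^ MAGIC[1], val[6] ^ MAGIC[2], val[7] ^ MAGIC[3]);
            return Some(SocketAddr::V4(SocketAddrV4::new(ip, port)));
        }
        off += 4 + ((len + 3) & !3); // attribute values are padded to 4 bytes
    }
    None
}

#[derive(Debug, PartialEq)]
enum Plan { Direct, HolePunch, Relay }

/// `via_a`/`via_b`: mappings two different STUN servers report for one local socket.
fn plan(local: SocketAddr, via_a: SocketAddr, via_b: SocketAddr) -> Plan {
    if via_a != via_b { Plan::Relay }          // mapping varies per destination: symmetric NAT
    else if via_a == local { Plan::Direct }    // no translation on the path
    else { Plan::HolePunch }                   // stable mapping: try punching, relay if it fails
}

// Constructed response: txid 01..0c, XOR-MAPPED-ADDRESS = 203.0.113.7:40000.
const SAMPLE: [u8; 32] = [0x01, 0x01, 0x00, 0x0c, 0x21, 0x12, 0xa4, 0x42, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12,
    0x00, 0x20, 0x00, 0x08, 0x00, 0x01, 0xbd, 0x52, 0xea, 0x12, 0xd5, 0x45];

fn main() {
    let mapped = parse_mapped(&SAMPLE, &[1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12]).unwrap();
    let local: SocketAddr = "192.168.1.10:5000".parse().unwrap();
    println!("{} -> {:?}", mapped, plan(local, mapped, mapped));
}
```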
Why This Approach?
Censorship Resistance
- No central servers to block (DHT-based discovery)
- Dynamic relay network (can't blacklist all nodes)
- Uses AWS IP ranges (blocking = collateral damage to businesses)
- Looks like normal HTTPS traffic (mimics legitimate patterns)
Privacy
- Onion routing: No single node sees full path
- P2P mesh: Traffic distributed across network
- End-to-end encryption: Even relay servers can't read content
- No logs: Decentralized architecture = no central logging
Resilience
- No single point of failure: Network continues if nodes go down
- Automatic failover: Circuit rebuilds if hop fails
- Distributed bandwidth: Load shared across participants
Quick Start
Prerequisites
- Rust 1.70+ (`rustup install stable`)
- Node.js 18+ (for GUI)
- Linux/macOS/Windows
Build
```bash
git clone https://github.com/Kristian5013/meshvpnP2P
cd meshvpnP2P

# Build all components
cargo build --release

# Build GUI
cd gui
npm install
npm run tauri build
```
Run Bootstrap Node
```bash
cargo run --bin meshvpn-dht-bootstrap
```
Run Client
```bash
cargo run --bin meshvpn-client
```
Run GUI
```bash
cd gui
npm run tauri dev
```
Documentation
- Architecture Deep Dive - Technical implementation details
- Roadmap - Development timeline and milestones
- Pressure Ontology - Philosophical foundation
- Contributing Guide - How to contribute
Development Context
This project was built in approximately 7 hours of active development by a 15-year-old developer using:
- Rust + Tokio for async networking
- AI assistance (Claude Opus) for architecture guidance
- Iterative development with rapid prototyping
The speed was possible because:
- Clear architectural vision from the start
- Modular design allowing parallel development
- AI assistance for boilerplate and debugging
- Focus on core functionality first, optimization later
Philosophical Foundation
MeshVPN's design is rooted in Pressure Ontology - a unified philosophical framework explaining phenomena from cosmology to system design.
Key principles applied in MeshVPN:
- DHT routing = center-seeking through pressure gradients
- Circuit building = sequential deviation with compensation
- Relay mechanics = pressure redistribution
- Path selection = gradient descent toward equilibrium
View Complete Framework (47+ concepts)
Developed at 5-30 seconds per concept over 4 months.
"Code is philosophy made executable."
Contributing
We're looking for:
- Code reviewers: Especially for crypto and networking code
- Security auditors: Help identify vulnerabilities
- Testers: Different NAT types, operating systems
- Contributors: See CONTRIBUTING.md for areas needing help
Priority areas for Phase 2:
- Circuit/onion routing implementation
- Exit node NAT/routing logic
- TUN interface integration
- Performance benchmarking
Security Notice
This is a research project and NOT production-ready:
- No security audit completed
- Crypto implementation not peer-reviewed
- May contain vulnerabilities
- Use at your own risk
DO NOT use for sensitive communications without independent security review.
Project Stats
- Lines of Code: ~8,000 (Rust + TypeScript)
- Crates: 6 modular components
- Binaries: 5 executable programs
- Development Time: 7 hours active coding
- GUI Framework: Tauri + React + TypeScript
- Network Stack: Custom UDP + Tokio
Links
- GitHub: github.com/Kristian5013/meshvpnP2P
- Issues: GitHub Issues
- Discussions: GitHub Discussions
License
MIT License - See LICENSE for details.
Acknowledgments
- Tor Project: Inspiration for onion routing design
- Kademlia: DHT algorithm design
- WireGuard: VPN protocol inspiration
- Claude (Anthropic): AI assistance during development
Contact
- Open an issue for bugs/features
- Start a discussion for questions
- Email: [contact information]
Built by a 15-year-old developer exploring the intersection of philosophy, cryptography, and distributed systems.
"The code is philosophy made executable."