Private Routing

Private and Safety Routes

a diagram of routes between points a and b
Veilid Routes are a combination of source and destination private routing. Because no node can trust any other node to pick the whole route, both source and destination must participate.

Compiled Routes

a diagram of routes between points a and b, shown with components
Private Routes are published as a ‘private destination’ and Safety Routes are allocated locally and combined together with a Private Route to form a Compiled Route.

Secure Envelopes

a diagram how a message is passed from B to A

Each node hop only knows about the next one This is similar to onion routing, but assumes that the source is fully in control of the Safety Route and the destination is fully in control of the Private Route.

To zoom in on the details, view the image directly.

Toward The Future

Private routing is a balance of performance and security

Applications can make use of higher node hop counts if they desire

Future private routing advancements will be transparent to users

  • Per-Hop Payload Keying

    Ensuring that there is nothing common between packets at each hop will reduce the risk of mass data collection being able to deanonymize routes.
  • Simplify Directionality

    Routes are currently bidirectional, but are allocated directionally. We may be able to simplify our allocation mechanism by enforcing bidirectionality. Bidirectional routes are faster, but directional routes could provide more anonymity.
  • Elimination of Hop Counting

    Currently the protocol keeps an internal hop count that is not necessary. Efforts should be made to ensure that individual nodes don’t know how far along in a route they are.
  • Hop Caching

    Route hop NodeInfo could be cached to save on-the-wire size as well as speed things up.
  • Increasing Hop Count

    Currently the default is one hop chosen by the Safety Route, and one hop chosen by the Private Route, which leads to three hops total once compiled.

    It may be important to increase hop count to 2 for users with critical safety needs and to protect from nation-state-level deanonymization where appropriate.

    Existing research (on Tor) suggests that our existing hop count should be sufficient and provide comparable anonymity, but this should be revisited.

IP Privacy means your location is safe too

Users don’t have to do anything to use it

No IP address means no tracking, collection, or correlation

Back to Top