pull down to refresh

For those who never heard about IVPN - we've been around since 2010, we are privacy activists and Bitcoiners.
IVPN Light is an experiment in supporting Lightning adoption. It is admittedly not a novel concept, but it offers a unique combination of the following:
  • Short duration access option, you can get a “throwaway” VPN tunnel for 3 hours or up to 30 days duration
  • Priced in sats, not fiat, and it's quite affordable (500 sats for 3 hours)
  • Access to 5 exit locations or 1 MultiHop combination
  • Pay with BTC Lightning directly - no intermediaries
  • No account creation or PII needed
We look forward to your feedback and appreciate any ideas for improvement here or other channels: https://github.com/ivpn/ivpn.net https://www.ivpn.net/contactus/
We also have a "regular" VPN service supported by open-source apps: https://www.ivpn.net/
If you want to dig into our background and philosophy, I suggest starting here: https://tftc.io/tftc-podcast/392-resisting-online-surveillance-with/ https://www.ivpn.net/ethics/
reply
An interesting feature here would be to allow me to run a client that isolates the traffic from my internal net but act as an egress point. This could help vpn be more useful as it would show from residential IP. Maybe by running the client I'd get a cut of the sats, and ya'll get a cut as the provider.
reply
Thanks! While the idea has merit due to the benefit of looking like a residential IP which would solve a lot of VPN use issues, it could face reliability/speed and also privacy/trust issues. If a customer exits on your egress their potentially isolated, unencrypted traffic is liable to inspection by an entity they don't know and cannot vet - of course you won't learn their source IPs if they enter at an IVPN server, but it still introduces uncertainty. I think the risk-reward tradeoff is not good for privacy conscious users, while others might not be able to assess it properly.
reply
I agree for the most part, however I think using lightning one could theoretically come up with an incentive structure to make this work, if traffic out of the tunnel is encrypted(unencrypted traffic is an issue so point well taken), tls interception could be an issue, but would throw warnings on most modern browsers/clients. But I do agree this could cause a lot of issues with non-technical users. I worked on the AWS cloudformation team as a Security engineer, I may go check out your github and see if I can help out in anyway.
reply
awesome, are Monero payments planned for this service like the regular one has, for those of us more privacy oriented?
reply
Interesting. Would you consider something like hourly / daily subscriptions paid over lightning by chance? Something we're looking to build support into @ Mutiny and I think the VPN use case could work out with something like this. Starting to focus heavily on building subscriptions on LN.
reply
Hello Tony! Yes we have considered it and done some research towards this. I can share more, email me (in bio) and let me know about your preferred channel to discuss further.
reply
Will do later today, thanks!
reply
This is great. Here is a short guide for beginners if you would like to learn how to create your own Wireguard keys without having to save data to disk, but still view it on the screen.

Generating WireGuard Keys on Windows 11 Without Admin Privileges

Why This Method?

  • No Disk Writes: Sensitive keys are not written to disk, reducing the attack surface.
  • Clipboard Isolation: The keys are isolated in the clipboard temporarily, limiting exposure.
  • Immediate Inspection: You can directly paste and inspect the keys in Notepad++, without them ever touching the filesystem.

Prerequisites

  • Windows 11 machine
  • WireGuard utilities installed
  • Notepad++ installed

Steps

  1. Open Command Prompt
    • Open a standard Command Prompt window. No need for admin privileges.
  2. Generate Private Key and Copy to Clipboard
    wg genkey | clip
    This pipes the generated private key directly to the clipboard.
  3. Paste Private Key in Notepad++
    • Open Notepad++.
    • Paste the private key and save the file as privatekey (optional).
  4. Generate Public Key
    echo "<private_key_here>" | wg pubkey
    Replace <private_key_here> with the actual private key. This will display the public key in the console.
  5. Copy Public Key
    • Manually select and copy the public key from the console output.
  6. Paste Public Key in Notepad++
    • Open a new tab in Notepad++.
    • Paste the public key and save the file as publickey (optional).

Generating WireGuard Keys on Ubuntu Without Disk Writes

Why This Method?

  • No Disk Writes: Keys aren't written to disk, reducing potential attack vectors.
  • Clipboard Isolation: Temporarily holds the keys in the clipboard to minimize exposure.
  • Immediate Inspection: Keys can be pasted into a text editor like vim or nano for immediate inspection, never touching the filesystem.

Prerequisites

  • Ubuntu machine
  • WireGuard utilities installed (sudo apt install wireguard-tools)
  • xclip installed for clipboard operations (sudo apt install xclip)

Steps

  1. Open Terminal
    Open a terminal window. No need for root privileges.
  2. Generate Private Key and Copy to Clipboard
    wg genkey | xclip -selection clipboard
    This command pipes the generated private key directly to the clipboard.
  3. Paste Private Key in Text Editor
    • Open a text editor like vim or nano.
    • Paste the private key (Ctrl-Shift-V in terminal) and save the file as privatekey if needed.
  4. Generate Public Key
    echo "<private_key_here>" | wg pubkey
    Replace <private_key_here> with the actual private key. The corresponding public key will be displayed in the terminal.
  5. Copy Public Key
    • Manually select and copy the public key from the terminal output.
  6. Paste Public Key in Text Editor
    • Open a new tab or window in your text editor.
    • Paste the public key and save the file as publickey if needed.
reply
Been using ivpn for the last few months. VERY happy with service. Anonymous account creation, pay with btc and super fast VPN.
Only drawback is that most servers are in the "5 eyes" countries. Canada, uk, us, Europe. Wish there were some more obscure countries.... I use Iceland almost exclusively.
reply
Thanks! We have exit locations in 35 countries. Do you have a specific one in mind which is missing from the list?
reply
Would love to see some central america/south america ones.... I.e. el salvador!
reply
Thanks. Mexico is coming soon.
The issue with more obscure countries is:
  1. Reliability - it's much harder to find a dependable data center that can offer close to 100% uptime and proper server controls that we require
  2. Price - bare metal servers and bandwidth is much more expensive in such countries, and if real demand is not there to pay for additional subscriptions, it is clearly cost prohibitive (e.g. arranging this in Paraguay or Argentina is 5x costs compared to US/EU, or more)
Why big VPN providers can offer end points in many such countries? Because they don't rely on bare metal servers, but use VPS/shared hosting, which is cheaper, easier to replace and more expendable. We don't go down that route as it carries privacy and security risks.
reply
Great to see more VPN companies adopting this business model and integrating with LN.
reply
Yo! First off this is great! I did not know you were bitcoiners and also great job on hosting your own BTCPayserver! That is awesome.
I also just read your website that you now do yearly security audits! Well done.
I used to use your services, but I switched years ago.
Now, that I see way you are doing things, I will recommend you more.
reply
Thanks for the nice words. We've been using BTCPay for a long time, one of our favorite projects in the space:) - https://foundation.btcpayserver.org/
reply
ahhh sheeet... hats off to you all.
This is the way.
reply
I like the idea of a burner VPN for a few hours!
reply
reply
iVPN is a great service.
reply
deleted by author
reply
deleted by author
reply