Disclosure up front: I built this. Posting here because c/privacy is the audience this app is actually for — people who’ve stopped trusting “no-logs” promises from VPN companies that operate the entire path.
The threat model behind every commercial VPN is: you have to trust them. They run the servers, they see your traffic, you’re taking their word on what they log and what they don’t. Audits help, jurisdictions matter, but at the end of the day you’re handing your DNS and your packets to a third party.
I wanted the opposite: no backend, BYO server, no logging story to trust. You bring your own server (Outline, WireGuard, Shadowsocks, or Trojan — a $5/mo VPS works fine). The client runs on your device, the server runs on your VPS, and I’m not in between. I literally don’t have your traffic, your DNS, or your configs. There’s no account to create, no email, no telemetry beacon home. The thing I can’t see, I can’t be compelled to hand over.
The other piece is the smart split-tunnel routing, which matters for privacy too: most clients are one big on/off switch, so the moment you connect, everything — including your bank app and local services — exits from another country, which breaks them and also paints a weird fingerprint. This routes per destination automatically. The apps that need your server go through it; everything else stays direct. Region-aware profiles (US↔JP, US↔CN, etc.) keep the right traffic on the right path without you babysitting it.
Apple platforms only for now — iPhone, iPad, and Mac as a single Universal Purchase. Configs sync via iCloud (end-to-end encrypted if you have Advanced Data Protection enabled; otherwise inherits standard iCloud protection — wanted to be precise about that rather than wave it away).
$2.99 one-time, no subscription, ever. Happy to answer anything about the threat model, the routing engine (it’s sing-box under the hood), or what is and isn’t on my side.
use DoT/DoH
so instead of trusting a VPN provider you trust your VPS provider… that has physical (and virtual ofc.) access to the hardware your VM server runs on… brilliant!
Most VPN providers also use external hosts. That includes ProtonVPN.
OP’s argument makes sense. I, for one, did not even install the recommended images my VPS provides, but mounted my own standard Debian image, installed with full disk encryption.
They simply do not have access.
OK, one could argue that they could possibly somehow hack the raw data on the physical machines, but that is so out there and definitely illegal.
Downside: your server has most likely only one IP to VPN out from, which is more or less tied to your identity.
All that said, Apple, paid software, mostly a frontend to things that already exist: meh.
full disk encryption on a VPS is not a silver bullet.
A hypervisor-level attack (e.g., a cold boot or memory dump of the running VM) can extract the encryption keys from RAM.
The VPS provider or anyone who compromises the hypervisor has that capability. That’s not theoretical it’s how many cloud forensic tools work.
Afaik for most VPN providers it would be equally illegal to sniff your traffic without being prompted by lawenforcement.
Good point about the single IP and ofc a whois lookup or abuse complaint could reveal your identity cause most VPS providers have your payment details and private infos.