GIP-122: Should GnosisDAO support the continued development of Gnosis VPN to bring it to market?

GIP-122: Should GnosisDAO support the continued development of Gnosis VPN to bring it to market?

  • In Favour
  • Against
0 voters
GIP: 122
title: Should GnosisDAO support the continued development of Gnosis VPN to bring it to market?
author: Sebastian Bürgel on behalf of HOPR Association
status: Draft
type: Funding
created: 2025-02-13
duration: 24 months
funding: $4.8m + 500 GNO

Abstract

HOPR has completed the first proof-of-concept version of Gnosis VPN, a trustless, decentralized, uncensorable VPN service running on top of the HOPR network. The results were far in excess of expectations, demonstrating the viability of Gnosis VPN. More details can be found in our closing report for proposal 1.

However, it is still only a proof of concept. To continue development, the next stage would be to turn Gnosis VPN into a truly web3-native product with decentralized tech and incentive structures, ready to take to market and aligned with the goals of the Gnosis ecosystem. The HOPR team has scoped out the necessary work and assessed that it will take 24 months, with the first MVP version available within the first year of work.

The two-year research and development roadmap would focus broadly on four areas:

  1. Turning the proof of concept into a minimum viable product which does not require users to run their own HOPR node
  2. Taking that minimum viable product and turning it into a market-ready product for minimally crypto-savvy users
  3. Optimizing the HOPR protocol to support the increased demands of a VPN service
  4. Hardening the privacy of every component of Gnosis VPN to ensure that the service is uncensorable.

In parallel, it will be necessary to scale and further decentralize the HOPR network and set of Gnosis VPN exit node runners, as well as providing mechanisms for properly incentivizing exit node runners while ensuring users can trust them. We are confident that Circles v2 is the ideal vehicle for these mechanisms, but further research and implementation is needed.

Each improved iteration of Gnosis VPN is targeted at a different user persona, broadly representing an order of magnitude increase in the user base. Over the course of this project, and in keeping with the Gnosis 3.0 vision we would take Gnosis VPN from a proof of concept able to support under 100 users, to a service ready to support many globally distributed users on a host of different devices.

To achieve this roadmap, GnosisDAO would invest $4.8m into HOPR over two years, in exchange for HOPR tokens at a 30% discount to the 90d TWAP ending on the day of each installment.

In addition, similar to GIP-98, 500 GNO would be provided to incentivize the onboarding of new node runners to bootstrap the service.

The Ideal Gnosis VPN

Gnosis VPN is conceived as a trustless, decentralized VPN built on top of the HOPR network, Gnosis Chain and Circles v2. Gnosis VPN usage is anonymous and uncensorable. The HOPR network is leveraged to provide enhanced anonymity guarantees, hiding IP-level metadata of all data going through the VPN. This provides far superior trust assumptions for users than regular VPNs or alternative anonymous communication networks such as Tor. Circles v2 will be used to handle user authentication and user-server trust relationships. This will allow for a frictionless end-user experience and requires fewer trust assumptions between users and third-party services.

Gnosis VPN is a web3-native product with minimal trust assumptions and no reliance on RPC providers or traditional bootstrap nodes. The technical roadmap to get there is outlined in more detail below.

In addition, the commercial alignment of Gnosis VPN and Gnosis DAO is strengthened by the total absence of a traditional "business model”. Gnosis VPN and HOPR are developed as Free and Open Source technology, and all value from the Gnosis VPN service will accrue to node runners, either Gnosis Chain validators (via gas fees), HOPR mixnet relay node runners, or Gnosis VPN exit node operators. No IP will remain with HOPR Association and team and no fees or other revenue from Gnosis VPN would be extracted by them.

The Current State of Gnosis VPN

Over the past 9 months, HOPR has built a proof-of-concept (PoC) version of Gnosis VPN, as specified in GIP-98. The focus was on demonstrating that anonymous data transport is possible at acceptable speeds for modern internet users. The original proposal did not foresee the creation of full-fledged end-to-end VPN capabilities during that period; however, we managed to build a PoC which provides a secure Wireguard VPN connection running over the HOPR network. The PoC is developer-oriented still, requiring some technical knowledge and effort to set up, but does in the end provide a secure, anonymous and working VPN connection.

If you already have or are willing to run a HOPR node, you can test the PoC version for yourself here. However, since this is a technical showcase, the setup is still moderately complex. Future versions will bring greatly improved usability, with an “unrestricted” version of the PoC planned within 6 months which can support all HOPR relay node runners and has greatly streamlined onboarding

The PoC successfully uses the HOPR Session protocol (a protocol designed by the HOPR team as part of GIP-98 which allows raw TCP and UDP traffic to be sent directly over HOPR) to channel requests to exit node runners across the HOPR mixnet. Relaying nodes are successfully paid in HOPR tokens for this service, as can be confirmed via on-chain ticket redemption transactions. The exit node processes the request and serves the result to the user by transmitting it back across the HOPR mixnet. Latency and throughput fall well within usable thresholds (and are actually much better than predicted).

Crucially, the PoC successfully obscures the user’s IP metadata thanks to the HOPR mixnet. Further work is needed on the VPN client to make the service truly uncensorable. This will form a major research component of this proposal.

As stipulated in GIP-98, the PoC version has a limited allow-list of sites to visit, chosen from the Gnosis ecosystem. All exit nodes are controlled by Gnosis. Users are required to control their own HOPR node to act as an entry node.

You can also view footage of Gnosis VPN in action without these restrictions here, including streaming YouTube at 720p. This footage was gathered under ideal test conditions (all Gnosis VPN exit nodes controlled by Gnosis, relay nodes controlled by individual node runners from the HOPR community, in diverse physical locations); users trying the PoC will likely experience somewhat lower performance, especially if many users are connected simultaneously.

More details can be found in our final quarterly report for GIP-98, or at https://gnosisvpn.com, but the key takeaways are:

  • HOPR Session protocol was successfully implemented to securely tunnel TCP and UDP traffic via the underlying HOPR network
  • Relaying throughput is reliably 1200 packets per second, 60x more than our GIP-98 target of increasing from two packets per second to 20.
  • Latency is not negligible, but falls well within usable thresholds
  • In ideal conditions, speeds of up to 1.8Mbps are reached between sender and receiver, 100x the target set in GIP-98
  • All traffic is successfully routed via the HOPR mixnet, and all relay nodes are paid correctly

Despite these successes, there are still limitations. The technical requirements and restrictive allowlisting of sites limits the user base. Exit nodes are still controlled by a single entity. Establishing an initial connection once the initial setup has been completed can take some minutes. While the current network can support the PoC, it is unlikely that it could sustain hundreds of users while maintaining tolerable latency and throughput. Although the HOPR mixnet provides a high level of privacy to users, the PoC could still theoretically be identified and blocked on the server side under the current setup.

Fixing these limitations will be the focus of this second phase of development.

Second Phase

This GIP covers the continued development of Gnosis VPN to bring it to market, directly continuing the work done in the first phase (covered by GIP-98).

The next iteration of Gnosis VPN moving from PoC through MVP (end of 2025) to version 1 (end of 2026) will require significant architecture updates to HOPRd and the Gnosis VPN product components to deliver unique features.

This phase focuses on four upgrades to Gnosis VPN, each of which has its own deliverables:

  • A) Turn the developer-oriented PoC into an MVP usable by end users.
  • B) Turn the MVP into a market-ready product (version 1).
  • C) Scale the underlying HOPR network to ensure scalability of the Gnosis VPN product.
  • D) Hardening the privacy of all Gnosis VPN product components to build a maximally uncensorable service.

Although these are presented broadly in development order, this is a complex project with many interdependencies and parallel workstreams, and a lot of separate and ongoing research.

We will also spend some time over the next six months improving the usability of the PoC and reducing its restrictions, with the goal of being able to support all HOPR relay node runners with good performance.

A lot of the development work is highly technical, including advanced bespoke cryptography. In order to easily understand each iteration of Gnosis VPN, it may be more intuitive to think in terms of the target user base. Each iteration is targeted towards an expanded set of users, with changing requirements as a result. The different user personas for each version are defined as follows:

  1. The current PoC targets technically capable users who are willing to spend time to set up their own HOPR node and use the Gnosis VPN CLI tool in a shell to configure and start the Gnosis VPN connection. Moreover, these users are willing to stake funds, specifically wxHOPR tokens, on their HOPR node to enter the HOPR network and pay for outgoing VPN traffic. An unrestricted version of the PoC, available within six months, will reduce onboarding time significantly but still be targeted at HOPR node runners.
  2. The MVP (9 months) will lower the technical barrier of entry by integrating the HOPR node into the Gnosis VPN software itself. VPN connections can be started through UI applications. Thus, users are no longer required to enter a shell or set up server-side software. However, users must still stake wxHOPR tokens and need to understand how to acquire those.
  3. The first “stable” release of Gnosis VPN (18 months) will further reduce requirements by eliminating the need to stake wxHOPR thanks to streamlined edge nodes (see deliverable A1i for a definition). Integration with Pay, Metri and Circles v2 will let users easily acquire the small amount of tokens needed to use Gnosis VPN through the app itself. Users are still expected to have some knowledge of the crypto ecosystem.

Towards Uncensorability

Providing an anonymous VPN and an uncensorable VPN are related but distinct challenges. Anonymous means that, as far as possible, no-one should know you are using Gnosis VPN or what you are using it for without you choosing to disclose those facts. Being uncensorable means that no-one should be able to stop you from using the service. Gnosis VPN should be both anonymous and uncensorable.

Anonymity is a difficult problem, but HOPR’s technology is well-equipped to solve it: the HOPR mixnet obscures all user data and metadata, even from participants within the mixnet. There are other places (e.g., onboarding, payments, discoverability of exit nodes) where it is important that mechanism design does not leak metadata of network participants, but care will be taken at every stage to minimise trust assumptions and maintain similar levels of anonymity as provided by the mixnet.

Strong anonymity helps towards censorship resistance (it’s hard to stop things if you can’t see who is doing them), but it is not quite sufficient. There are three places where censorship might occur: between the user and the entry node, within the mixnet, and between the exit node and the requested site / service.

Within the multi-hop HOPR mixnet, this problem is solved: individual relayers cannot see what they are relaying or to and from where data is being sent. Malicious third parties running nodes gain no access to identifying information. The only way to censor an individual transmission is to take down the entire network, which should prove technologically and economically unfeasible once the network achieves sufficient scale.

On the entry side, the problem is solved by the user being in full control of their entry node. For the PoC version this currently creates an unreasonable technical burden for a global VPN service (both in terms of knowledge and system requirements), but the development of HOPR edge node capabilities as part of the MVP will allow for more lightweight nodes which can run easily on a wide range of devices.

The complexity lies in the exit nodes, and should be approached from multiple angles. On the exit node side, Gnosis VPN is theoretically censorable in various ways: the entity providing the site or service could identify a request as coming from a Gnosis VPN exit node and refuse to serve it; some external actor, likely a state or ISP provider, could identify a Gnosis VPN exit node operator and block their internet service; finally, exit node runners themselves may choose to refuse a user’s request.

Some components of a solution are already in place: because Gnosis VPN exit node operators will consist of a large number of globally distributed users, it will be technologically and economically unfeasible to block them all. They will also likely be using IP addresses which fall outside the standard ranges used for VPN blocking. If individual nodes are identified and blocked, they can be replaced (but this should be mitigated to ensure incentives are correct for being an exit node operator).

Since exit node operators expose their true IPs, it is reasonable that individual node operators should be able to refuse to serve particular requests (e.g., because of the jurisdiction where they are based). But this becomes a broadcast and discoverability problem: exit node runners should be able to broadcast what they will and won’t do, and users should be able to easily find and switch between exit nodes which meet their needs. A naive version of this functionality is seen in the PoC’s allowlist settings for exit nodes.

Additionally, Gnosis VPN exit node operators should be able to not publicly announce their service but only make it known to a trusted circle of users who can utilize their VPN exit capabilities. Thus, Gnosis VPN effectively provides a framework for customizable VPN service and user groups that are not publicly known and thus not censorable by anyone outside the circle of trusted users.

The trust graphs and group functionality within Circles v2 seem an ideal base for building these mechanisms. We have several ideas for mechanisms here which we intend to test throughout the development period.

This is a complex, research-heavy set of design problems, but one which will be tackled in parallel with building a globally scalable version of Gnosis VPN which, even without these improvements, would still be more anonymous, decentralized and have better trust assumptions than any other VPN currently on the market.

Project Deliverables

A) Turn the developer-oriented PoC into an MVP usable by end users.

The current PoC requires users to install, set up and maintain their own HOPR node. They must also configure Wireguard manually as well as use a command-line interface to start a Gnosis VPN connection. Although this is well-documented and tested, this is still a high barrier to entry and requires time, knowledge and a willingness to commit significant capital in the form of staked wxHOPR.

The Gnosis VPN MVP will be usable by end users without that strong technical knowledge. To achieve this, we have outlined the following deliverables:

  1. Remove dedicated HOPR node requirement
  • HOPR edge node support: Running a HOPR node on end-user devices (e.g., laptops) is hard because these provide limited uptime, resources and connectivity compared to servers in datacenters or dappnodes at home. However, supporting that deployment scenario is critical to making applications like Gnosis VPN viable and scale to large amounts of users.
  • Automated on-boarding: The current multi-step process to set up the node and configure it correctly will be shortened and require as little user input as possible. While this automation will be complex, it will reduce the points where users could fail in their journey.
  1. Provide VPN app which handles all configuration and logic
  • Support macOS and Linux (selected distributions): These platforms have been chosen to support a large potential end-user group while keeping desktop application development in a manageable scope since each platform adds complexity. More platforms will be added in follow-up work.
  • “Single-click” installation: A smooth and fast installation process must be supported for all supported platforms. This will be a big improvement over the PoC which requires downloading pre-built binaries manually and setting them up locally using a shell. However, this work comes with lots of platform-specific requirements and testing effort.

B) Turn the MVP into a market-ready product (version 1.0).

Removing the need for a dedicated full HOPR node is a major milestone in building a viable Gnosis VPN. However, in keeping with the Gnosis 3.0 vision, it will be necessary to move beyond highly embedded crypto users and attract a broader range of user types. Looking at standard VPN usage behaviours, it’s clear that we will need to support a wide variety of devices and operating systems, particularly mobile, bringing a native web3 product to mobile platforms.

The MVP UX will be optimized to enable end users to get their VPN up and running as quickly as possible. Global content restrictions, which were mainly in place due to bandwidth requirements will be lifted.

We envision the following deliverables:

  1. Mobile platform support
  • iOS / iPadOS: Only selected versions, likely the most recent major version, will be supported. More versions will be added in follow-up work. The VPN should integrate as a VPN service in the OS VPN subsystem. This requires extensive work on new test and release automation as is usual for mobile applications.
  • Android: Only selected versions and devices, likely the most recent major version, will be supported. More versions and devices will be added in follow-up work. This requires extensive work on new test and release automation as is usual for mobile applications.
  1. Support desktop platforms
  • macOS: Better integration as a network VPN service and support for older OS releases. Ideally the app should be published through the App Store; however, that is dependent on approval by Apple.
  • Linux: More supported distributions and package managers.
  1. Short time-to-first-use
  • Under 2min to set up and open a VPN connection: Even privacy-valuing users are unwilling to wait long periods simply because a product is decentralized. Hitting this target depends on the HOPR edge node support and being able to connect to the HOPR network and use it within a very short time.
  1. Integrated onboarding and discovery via Circles v2
  • Use Circles v2 as the identification method: This and the following items will begin with research into their feasibility, but we believe Circles v2 is the best way to streamline onboarding, discovery, and UX within the Gnosis ecosystem without creating additional tokens.
  • Integrate with existing Circles v2 ecosystem
  • Reduce UX friction by not requiring additional registration

C) Scale the underlying HOPR network to ensure scalability of the Gnosis VPN product.

Gnosis VPN works by channeling requests to dedicated exit nodes over the HOPR mixnet, via up to three HOPR relay nodes. However, this naturally means that as user numbers grow, the number of relay and exit nodes must scale to support this. As the network grows, discoverability and pathfinding become more crucial.

Work will be done to optimize the HOPR protocol to ensure a feasible ratio between users and node runners, but ultimately for a decentralized network a higher ratio here is a feature, not a bug. Growing and supporting a network of potentially tens of thousands of nodes will require significant work and optimization.

We envision the following deliverables here. These are intentionally broad because the nature of this work is to experiment, test, and improve, and problems cannot easily be predicted in advance. However, the HOPR team has met with excellent success at meeting its scaling goals thus far.

  1. HOPR network supports thousands of mix nodes: The current size of the network is around 500 nodes. Most p2p sub-systems and protocols have to be improved to reliably scale beyond 1000 nodes and support 1000s of users. Having more mix nodes is a prerequisite for higher global bandwidth support.
  2. HOPR network provides enough bandwidth to handle Gnosis VPN requirements: The performance of individual mix nodes must be optimized to handle traffic more efficiently without sacrificing privacy guarantees. Moreover, network topology and pathfinding must be improved to provide sustained bandwidth for individual edge nodes.
  3. Grow the number of HOPR node runners and Gnosis VPN exit node runners to support the MVP: From version 1.0, the economics of Gnosis VPN should be such that sufficient revenue exists to support the necessary node runners. However, until that time, it will be necessary to incentivize users to join to ensure we have a network of sufficient size to support the user base and test improvements on the road to version 1. The proposal requests an additional 500 GNO to use as incentives for these initiatives.

D) Harden the privacy and censorship-resistance of all Gnosis VPN product components.

A common shortcoming with VPNs is that their entire IP ranges are deny-listed by internet services or internet access providers, rendering the VPNs useless to their users. Gnosis VPN is well-placed to mitigate this thanks to its decentralized network which leverages the internet access of all network participants, whose IPs are likely to fall in the residential range, which is harder to block.

However, ensuring that Gnosis VPN becomes uncensorable at scale will require significant research and development specifically in the second half of the proposal. This work is split into four main contributions:

  1. Local VPN entry: Each user will have their own access into the VPN platform through a user-owned HOPR node. In the PoC this is a full HOPR node, while the final product relies on the HOPR edge node functionality (as described in A.1.i). Either way, access to the VPN does not rely on third-party systems and is therefore fully decentralized.
  2. Decentralized VPN exit: Gnosis VPN uses many different servers run by different network participants. This ensures that even if individual entities are shut-down, the Gnosis VPN product as whole will continue to function. While the PoC will work mainly through servers which are run by Gnosis itself, further decentralization will be achieved in the MVP and final product.
  3. Permissionless server registry and discovery: Server operators must be able to show their availability to users. Therefore, they must be able to register themselves in a service registry and users must be able to discover available servers. We plan to leverage Circles v2 in order to create decentralized trust groups which enables small and tiny Gnosis VPN server operators to exist in a permissionless manner.
  4. Protection against abuse: Gnosis VPN server operators must be able to discover and prevent abuse of the service they provide. The definition of abuse must be configurable, with specific settings decided by each exit node operator. Operators must be able to deny service to users if abuse is detected, and must be able to reflect that in the trust graph using Circles v2. For the service to be usable, operators’ abuse configurations must be easily discoverable by users, allowing them to understand the capabilities provided by a given server and to choose their exit server accordingly.

As with anything involving complex network topologies, these last two deliverables will potentially prove to be challenging problems. The final goal is an uncensorable version of Gnosis VPN which gives any users striving for maximum anonymity the ability to create their own closed group within the wider VPN service, accessible only to those they trust. This is very different from standard P2P and DHT-based approaches to discovery and broadcast. While we believe Circles v2 will help unlock these challenges, we still expect these parts of the project to be very research heavy with long timelines.

Rationale

The need for this follow-up proposal was already outlined in GIP-98. However, almost a year later it is worth revisiting and sanity checking this.

The need for a decentralized, trustless, uncensorable VPN service is stronger than ever. Digital privacy has never been more under threat, and access to web services is increasingly gated by those services, ISPs and states.

The PoC delivered through GIP-98 shows that an anonymous, unblockable VPN is feasible. In addition, the challenges to provide high performance, while real, are less pronounced than we feared. PoC performance in ideal conditions was 100x higher than predicted.

A VPN service is also a natural fit for the Gnosis 3.0 vision of onboarding more users to the Gnosis ecosystem. The value of the global VPN market is estimated at over $70b annually in 2024, growing to half a trillion dollars by 2034. The pandemic and rise in remote working has triggered a boom in the already fast-growing industry, with VPN usage estimated to have jumped by over 10% in the US in the past year.

Although Gnosis VPN will be a Gnosis product, the HOPR team is best placed to continue development through this second stage. We have the expertise and momentum from working on Phase 1, and Phase 2 includes challenging architecture, cryptography, research, and mechanism design problems which no other team is better equipped to tackle successfully.

The HOPR team is small, focused, and consistently produces results. GIP-98 was completed on time and within budget. We hit all our reporting and milestone deadlines, and the results exceeded the stipulated deliverables by orders of magnitude. We have already successfully worked with the Gnosis team to establish the Gnosis-hosted infrastructure for the PoC and are well-placed to continue working with Gnosis on the much broader range of challenges presented by Phase 2, which include business development and legal considerations.

Project Timeline, Milestones and KPIs

The proposed start of this project is from the moment the proposal is voted upon and executed. The project will run for 24 months. Development will be fully Free and Open Source, and progress reports will be provided to GnosisDAO on a quarterly basis, as we did for GIP-98.

Reporting and Updates

In addition to providing quarterly reports, we plan to publish three major product updates over the course of this project:

  1. MVP (Month 9) – Focusing on aspect A
  2. Version 1 (Month 18) – Focusing on aspects B and C
  3. Version 2 (Month 24) – Focusing on aspect D

Although each update focuses on particular aspects of the deliverables outlined above, the interconnected nature of the development and research means that each update will include full and partial deliverables from across the whole project scope. The diagram below shows the full list of deliverables associated with each update.

In addition, by month 6 the current PoC will be updated to an unrestricted version, with a significantly streamlined onboarding process.

Minor product updates might be published within each of these timeframes in varying frequencies depending on the amount of bug-fixes and new features.

KPIs

To ensure the project is on track, six-monthly user KPIs will be used to assess progress. By month 6, the unrestricted version of the PoC will be able to support all HOPR node runners as users.

From month 12, monthly active users will be defined based on Wireguard server registrations and activity contributing to HOPR protocol revenue.

Month Version User KPI
6 Unrestricted PoC Support for all HOPR node runners
12 MVP 100 MAU
18 Version 1 150 MAU
24 Version 2 500 MAU

Timeline

The table below collates the timelines for this project, along with the various versions, deliverables and KPIs

Month Version Update Full Deliverables Partial Deliverables KPI
6 PoC (unrestricted) Usable by all HOPR node runners
9 MVP A1,A2,D1 B1,B2,B3,C1,D2
12 100 MAU
18 Version 1 B2,B3,B4,C1,D2 B1,C2,D3,D4 150 MAU
24 Version 2 B1,D2,D3,D4 500 MAU

About HOPR

HOPR is a Swiss-based project building privacy infrastructure for web3. The HOPR network is a mixnet which uses proof-of-relay to incentivize relay nodes using the HOPR token.

HOPR has been active since 2020 and launched its HOPR token in February 2021. HOPR’s mixnet is fully functional, and currently has over 300 active relaying nodes. Of these, fewer than 10% are run by the HOPR team.

HOPR has a longstanding relationship with Gnosis. The HOPR network is incentivized using the HOPR token on Gnosis Chain. HOPR’s staking and node management tools are built on top of Safe. In 2022, HOPR conducted research in collaboration with Gnosis to highlight potential privacy issues related to validator sniping on Gnosis Beacon Chain.

Since 2024, HOPR has been working on Gnosis VPN, the first fully decentralized, trustless, uncensorable VPN network.

Funding and Team

HOPR is requesting $4.8m to fund this proposal, paid in four equal installments of $1.2m. The first will be paid when the proposal passes, with subsequent installments paid every six months, contingent on hitting the user milestones outlined above. In exchange, GnosisDAO will receive HOPR tokens at a 30% discount to the 90-day TWAP ending on the day of each installment.

In addition, similar to GIP-98, 500 GNO would be provided to incentivize the onboarding of new node runners to bootstrap the service.

HOPR has a streamlined, purely tech-focused team consisting of 9 full time engineers who work exclusively on HOPR. As part of this proposal, we would employ a 10th engineer to focus full-time on testing and QA and later on an 11th engineer to strengthen our R&D team.

All team members and their work can be found in the respective repositories of the following GitHub organization: HOPR · GitHub

12 Likes

Thanks everyone for the votes of support! If you have any questions or would like to hear more about Gnosis VPN, the proof of concept, and the plans behind this second-stage proposal, there will be a call on February 26th at 2030 CET

https://x.com/GnosisDAO/status/1893986744711979477

3 Likes

Since the Safe UI is still not operational on Gnosis Chain after the ByBit attack, we will not yet initiate phase 3 voting. We will wait until the Safe UI is back online and then give it a few more days for the dust to settle to ensure that everyone will be able to vote without any issues.

1 Like

I have spent a considerable amount of time testing the proof-of-concept version of GnosisVPN. The setup instructions were easy to follow and I had Gnosis-VPN up and running in just a few minutes. I was pleased with the overall experience for both setup and focused usability. I am looking forward to the MVP version and will do my part to help scale the network and spread the word about this outstanding partnership between Gnosis and HOPR. I would like to see this partnership continue long term with a focus on building resilient web3 products for everyday people around the world. I fully support this proposal and GnosisVPN in general. Great job HOPR team and congratulations on your progress!

3 Likes

GIP-122 entered Phase 3 voting on Snapshot:
https://snapshot.box/#/s:gnosis.eth/proposal/0x08ee3a735c8143c60339d5c9ad42f6c91b2f7e0c1c6f1ef651077004034348a6

I have updated the OP to clarify that HOPR offers a 30% discount to the 90d TWAP for Gnosis DAO. The intent of this proposal was to have commercial terms in line with GIP-98.

Specifically, the following section:

HOPR tokens at a 90-day TWAP ending on the day of each installment

has been updated to:

HOPR tokens at a 30% discount to the 90-day TWAP ending on the day of each installment

This change has been applied in both the Abstract as well as the Funding and Team sections.

1 Like

I would like to thank everyone for support of this GIP - the proposal has been voted upon with nearly unanimous support on Snapshot page.

We updated the Dune dashboard for the 90d HOPR TWAP to match the closing time of the vote giving a TWAP of $0.077110879. For the first tranche, Gnosis DAO will thus purchase

$1.2m / ($0.077110879/$HOPR * 0.7) = 22'231'438 $HOPR

from HOPR Association in exchange for USDC 1'200'000.

1 Like

For transparency, I’m confirming the execution of the transaction with

10 + 1’999’990 = 1’200’000 USDC sent to HOPR Association
and
1 + 22’231’437 = 22’231’438 HOPR sent to Gnosis DAO

3 Likes

Introduction

As part of GIP-122, we committed to giving quarterly updates on the development and launch of Gnosis VPN. We are pleased to present this first overview of our progress so far.

Unrestricted PoC

If you saw my talk and demo at DappCon in June, you’ll know that the unrestricted proof of concept version of Gnosis VPN is now available to all HOPR node runners. This means that we’ve switched away from using an allow list, allowing users to access sites outside of the Gnosis ecosystem.

With this update, our first development milestone has been completed a few months ahead of schedule. However, there are still more improvements to be made to this version, which will also stand us in good stead for the major releases in 2026:

  • We will be improving the client even further, making it easier to use.
  • The Gnosis VPN server setup is being improved to support unrestricted web browsing and support more global exit destinations
  • Ongoing work on the HOPR network supports Gnosis VPN development. A new major version is in the works and will be rolled out in time to support the next milestone. You can read about specific HOPR improvements in HOPR’s tri-weekly dev updates for the quarter [1] [2] [3] [4].

Gnosis VPN Website

To accompany the launch and improvements to the PoC we’ve launched a new Gnosis VPN website: vpn.gnosis.eth.limo.

In addition to completely overhauled content, the new site is hosted on IPFS, using ENS. Since Gnosis VPN aims to be a true web3 product, it was important to us that the product’s web presence would match this ethos. gnosisvpn.com will be updated to explain this approach and point to this new website.

Gnosis VPN Client PoC

The initial version of the client has been published on the Gnosis Github org:

The current version of the client is still focused on CLI use, but has been improved so users no longer have to configure Wireguard manually. Instead, the client implements Wireguard connection negotiation over HOPR and configures local Wireguard interfaces using wg and wg-quick. While this is still a far cry from true end-user usability, it already minimises the amount of configuration for users and it minimizes metadata leakage already at the earliest moment of establishing a connection.


Figure 1: Wireguard connection negotiation over HOPR

Legal Groundwork

Gnosis VPN is designed for resilience, so the goal is to have a minimal legal footprint. Nonetheless, as we plan the launch of Version 1 in 2026, it has become clear that there are some interactions and precautions which will require Gnosis VPN to have its own legal entity. For example, a mainstream version of Gnosis VPN will need to be listed in app stores to improve discoverability. This requires some entity capable of making and maintaining the listing and interacting with Google and Apple.

We have been working with the Gnosis legal team over the past few months to determine the best jurisdiction and governance structure for this legal entity. We will present our findings to the DAO for feedback and approval in the coming weeks.

Outreach

We’ve been busy representing and presenting Gnosis VPN at various events over the last weeks. The main focus was on helping users try out the new CLI-based client and get it running on their own hardware. Here is a list of public presentations we’ve given:

Outlook

That concludes our first quarterly update for GIP-122. Although it’s still early days, we’re delighted that everything is on track so far, with some portions of development completed ahead of schedule. The MVP version of Gnosis VPN is scheduled for release in month 9 of the GIP lifecycle, or December 2025. This is the first version which will really demonstrate how Gnosis VPN can provide accessible, uncensorable, unblockable, anonymous access to the open internet.

In the meantime, if you run a HOPR node and are interested in trying out the PoC, just follow the guide: https://github.com/gnosis/gnosis_vpn-client/blob/main/ONBOARDING.md

If you don’t currently run a HOPR node and would like to start, head here: Overview | HOPR Docs

Once your node is running you’ll be able to try Gnosis VPN.

We look forward to hearing your feedback!

6 Likes

Introduction

As part of GIP-122, we committed to giving quarterly updates on the development and launch of Gnosis VPN. We are pleased to present the second overview of our progress so far. Deliverable identifiers refer to the list provided in GIP-122.

HOPRd v3

In Q3 2025 we focused on finishing and releasing HOPRd v3.0 (deliverable category C). As explained in the GIP, a market-ready version of Gnosis VPN requires improvements to the HOPR mixnet which will underpin Gnosis VPN and provide its privacy guarantees.

This release marks an important step forward and serves as the basis for further development for the GnosisVPN client. Some relevant release highlights are:

  • Introduction of anonymous return path using SURBs (single-use return blocks), a new feature explained below
  • Add binary signatures and automatic packaging for multiple Linux distributions and macOS (A2)
  • Add automatic index logs snapshot fetching on startup to accelerate the initial index phase dramatically (B3)
  • Easier integration via hopr-lib into other projects, specifically needed for GnosisVPN client

Github Release: Release HOPR - v3.0.0 · hoprnet/hoprnet · GitHub
Docs: https://docs.hoprnet.org/

Anonymous Return Path and SURBs

The pre-dominant communication pattern between two applications on the internet is request-response. This applies even to the lower-layer protocols like TCP which send acknowledgments (ACKs) back as responses. In HOPR protocol terms, this means packet receivers must be able to address the sender somehow to be able to send a packet back.

In the perhaps more intuitive Gnosis VPN framing: if a user wants to visit a particular website, that request is sent to a chosen exit node. That exit node visits the requested website and returns the content.

But this produces what seems like a paradox. The sender needs a response to their request, but the anonymity requirements of the HOPR mixnet stipulate that senders must be anonymous, even to receivers.

To resolve this, we introduced the use of SURBs (Single-Use Reply Blocks [1]). SURBs can be generated by the sender and sent to the receiver. A SURB does not expose the sender and acts like an anonymous response envelope. Receivers can now send packets back without exposing the sender and breaking anonymity.

This is a neat solution but introduces practical problems which impact the requirement for Gnosis VPN to work at scale with sufficient bandwidth (Deliverable C2). Consider the typical internet use-case where a website is loaded or content is streamed. Requests are typically small (“I want the content at some site”), but responses are large (the actual content of that site). This usually leads to many more packets going from the receiver to the sender, each of which requires its own SURB.

Thus, the sender must provide an adequate amount of SURBs to the sender on-time and continuously to allow the receiver to send data to the sender with a good-enough bandwidth. Generating too few SURBs will impact bandwidth. Luckily SURBs can be pre-generated, but generating too many SURBs is counter-productive too because this is CPU-intensive work which can hamper normal packet processing.

To address this, we introduced a SURB pre-loading and balancing algorithm. The algorithm we implemented uses information from the creator of the HOPR session about the required/expected bandwidth and tries to balance SURB generation and transmission in the expected case with reliable handling of the extreme cases.

Using SURBs for anonymity comes at the general cost of additional computational and networking overhead on all nodes within a packet’s path. This side-effect is expected, and managing and further optimizing these costs will be at the top of our list of todos for the foreseeable future.

More details on the implementation of SURBs in the HOPR protocol can be found in the RFC-0004: rfc/rfcs/RFC-0004-hopr-packet-protocol/0004-hopr-packet-protocol.md at main · hoprnet/rfc · GitHub

GnosisVPN Client

After creating a working GnosisVPN PoC, we have begun work on the UI client (Deliverable A2), with the initial focus on macOS as the target platform. We chose Tauri as the app framework. This allows us to re-use the existing Rust-based hopr-lib easily.

We’ve begun testing the UI client on macOS internally; however, no publicly testable version is available yet. A major goal of this UI is to greatly streamline the onboarding process compared to the PoC, with particular focus on eliminating technical setup steps such as interacting with the terminal and manually adjusting WireGuard settings.

Progress can be followed on the Github Repository: GitHub - gnosis/gnosis_vpn-client: Gnosis VPN system service · GitHub

HOPR RFCs

As part of the v3 release process, we started formalizing the HOPR protocol design into a set of RFCs which serve as an introduction to the HOPR protocol and a guideline on how the protocol works in technical detail. While not a direct dependency for Gnosis VPN, it is essential that HOPR be well-documented and understandable in preparation for when Gnosis VPN development becomes more standalone.

We aim to improve these RFCs moving forward continuously and add new ones for new topics. All RFCs are publicly available on Github. Any feedback is welcome.

Github Repository: GitHub - hoprnet/rfc: Request for Comments (RFC) for HOPR protocol · GitHub
Public Website: https://rfc.hoprnet.org/

Outlook

With HOPRd v3 shipped, we are already deep into development for v4, the next major release which will serve as the basis for the GnosisVPN MVP. The major focus points for v4 are edge-client support (A1) (allowing GnosisVPN clients to operate without the need for a dedicated HOPRd node) and general optimization of packet processing and path finding, to improve the usable bandwidth for GnosisVPN (C2).
On the GnosisVPN client we are working on making the macOS UI app usable as a general-purpose VPN client and easy to install (A2, B2). We will also start work on the Linux app for a first Linux Distribution as a first-class supported platform (A2).

Everything is progressing according to our projected timelines. We look forward to hearing your feedback!

[1] George Danezis, Roger Dingledine, and Nick Mathewson. Mixminion: Design of a Type III Anonymous Remailer Protocol. In Proceedings of the 2003 IEEE Symposium on Security and Privacy, pages 2–15, May 2003.

4 Likes

GIP-122 Quarterly Update #3

Introduction

As part of GIP-122, we committed to giving quarterly updates on the development and launch of Gnosis VPN. We are pleased to present the third overview of our progress so far. Deliverable identifiers refer to the list provided in GIP-122.

HOPRd v4

The next major milestone for the HOPR protocol is v4, a backwards-incompatible update of the protocol and network which is needed to deliver essential improvements to the networking protocols, on-chain smart contracts and higher-level HOPR Session protocol. These improvements also support and unlock the deliverables A1 (Remove dedicated HOPR node requirement), B3 (Short time-to-first-use), C1 (HOPR network supports thousands of mix nodes), D1 (Local VPN entry).

A lot of work went into optimizing the network communication between HOPR nodes, the work done per packet, and the way the Session protocol generates and distributes SURBs. All of this will result in improved latency and throughput for an individual HOPR Session which is the backbone for improved GnosisVPN performance.

Work on v4 is not done yet. We are currently finalizing integration of these changes across the ecosystem and deploying v4 nodes in our staging network to finalize testing. The plan is to release the first release candidate soon.

Resilient indexing: Blokli

A specific architectural change in v4 is that the indexer has been moved out into a dedicated system, blokli, which can be run independently from a HOPRd relay and edge node.

Before v4, each hoprd node included its own indexing component, which required every node runner to have access to a reliable Gnosis Chain RPC endpoint. This proved to be a limiting factor for network growth and user UX because it adds an additional heavy external requirement to an otherwise lightweight hoprd node. While it might be reasonable to expect HOPR relay node operators to have access to a high quality RPC endpoint, this cannot be expected of the edge nodes which make up the core of Gnosis VPN running on end user devices. It is important to nudge those users away from using centralized RPC providers and important for Gnosis VPN’s overall resilience to have access to a resilient gateway to Gnosis Chain.

Now with blokli in the picture, a hoprd relay node runner can choose to still run their own blokli indexer provided they have access to a reliable Gnosis Chain RPC endpoint, or alternatively use a blokli instance available in the network. Moreover, edge clients will by default always use an auto-discovered blokli instance. This removes the need for a lengthy initial indexing stage and allows edge clients to be in sync with the network state on every startup very fast.

We will provide more information on the technical inner workings of blokli in a future quarterly update once the initial stable release is out. Until then development progress and releases can be followed on Github: GitHub - hoprnet/blokli: Indexes on-chain events related to HOPR smart contracts and provides the HOPR Indexer API · GitHub

GnosisVPN Client

We focused on the deliverables A1 (Remove dedicated HOPR node requirement), A2 (Provide VPN app which handles all configuration and logic), D1 (Local VPN entry) and partially also on other features which are meant for later milestones.

Linux Desktop support has been added in GnosisVPN client v0.56.6, with the recent version being available on Github as a .deb package: https://github.com/gnosis/gnosis_vpn/releases/tag/v0.56.7

Building out the initial Linux Desktop support has been important for us as it highlights the architectural differences between Linux and macOS which needed to be addressed. The .deb package support is only the first step, we will consider more package types and Linux distributions as we move forward given the input from the GnosisVPN community.

The macOS Desktop client and installer have also been further improved based on early user feedback and extensive internal testing.

The removal of needing a dedicated HOPR node is an important UX milestone as it makes the VPN usable to users who have not been HOPR node runners before. Combined with the desktop UI and installer the client is now installable and usable by any non-technical user with a few other UX limitations still to be ironed out. From a privacy perspective it’s important that the client enables local entry into the HOPR network, meaning all VPN traffic already leaves the machine over the HOPR network, maximizing anonymity for the client.

As always progress can be followed on the Github repository: GitHub - gnosis/gnosis_vpn-client: Gnosis VPN system service · GitHub

New releases are published in the dedicated top-level Github repository: https://github.com/gnosis/gnosis_vpn/releases

MVP

We set out to complete the MVP of the GnosisVPN client in December 2025. The release v0.56.6, which was published on 12th of December 2025, marked the successful release of the MVP version as targeted in the original GIP timeline.

Outlook

We are in the middle of integration of all the aforementioned changes across the GnosisVPN stack and starting to do extensive testing both internally and externally. Over the next quarter we will focus on testing and stabilizing these changes such that stable versions can be released.

Everything is progressing according to our projected timelines. We look forward to hearing your feedback!

3 Likes

When do you distribute GNO to HOPR node runner, pls?

Hi @xomtre
That’s a good question, we will decide how and when to distribute the GNO closer to the date of the VPN go-live as that is the time when I expect us to have bandwidth demand.
For example, it as of now it is unclear if we have most bottlenecks on exit nodes or on mix nodes. There are good reasons to not want to run an exit node (primarily because it publicly exposes your IP to Gnosis VPN users which carries at least some legal risks). However, there will also be exit node incentives in HOPR token (which we have not fully designed yet) and thus it is hard to tell if most of the current mix nodes choose to run an exit or just a mix node.
That means we need to closely observe the dynamics of the network and nodes closer to the launch time and with actual traffic to make sure that we incentivize the things that the product really needs most.
But don’t worry, this has not been forgotten!

1 Like

GIP-122 Quarterly Update #4

Introduction

As part of GIP-122, we committed to giving quarterly updates on the development and launch of Gnosis VPN. We are pleased to present the fourth overview of our progress so far. Deliverable identifiers refer to the list provided in GIP-122.

HOPRd v4

The next major milestone for the HOPR protocol is v4, a backwards-incompatible update of the protocol and network which is needed to deliver essential improvements to the networking protocols, on-chain smart contracts, and higher-level HOPR Session protocol. These improvements also support and unlock deliverables A1 (Remove dedicated HOPR node requirement), B3 (Short time-to-first-use), C1 (HOPR network supports thousands of mix nodes), and D1 (Local VPN entry).

As of now the work on v4 is feature-complete given the scope we planned for. However, more work is going into v4, including:

  • further optimizing the packet processing pipeline (the hot path every packet takes from being received and being sent out again. It’s critical to ensure this pipeline is performant and reliable.)
  • improving path finding
  • and general bug fixing based on the usage and tests of the GnosisVPN client.

We expect this to take a while until we feel the release is stable and ready for full production deployment.

General purpose indexing with blokli

In our last report we introduced blokli, our dedicated indexer which had just been deployed, for now in a hosted centralized fashion. It has been in constant use since then and has significantly improved our ability to debug issues and support GnosisVPN client fast startup. However, there are more indexing needs across the HOPR ecosystem (e.g., the staking hub, HOPR admin and network dashboard), all of which require particular data points and which are currently gathered using different providers of variable reliability. Since blokli already has all the functionality in place to cover these additional data points, we have begun extending to track them also, eliminating the need for additional third-party dependencies.

This work is ongoing. We ultimately envision blokli being the only indexing component needed within the HOPR ecosystem and for it to run in a decentralized fashion. As we are still extending blokli’s feature set, we have not yet published a stable release.

We will provide more information on the technical inner workings of blokli in a future quarterly update once the initial stable release is out. Until then, development progress and releases can be followed on Github: https://github.com/hoprnet/blokli

GnosisVPN Client Improvements

In addition to work on HOPR, we have of course dedicated significant time to improving the Gnosis VPN Client. Many thanks to the Gnosis ecosystem members who have already helped to test! Improvements this quarter include:

  • Reduced time to first use on first launch: We have decreased the time it takes a user from installing the app until first use of the VPN further. This is an ongoing effort though, we plan to decrease it further, which will improve overall user experience.
  • Linux Support: We improved the Linux support further, now both Debian and Ubuntu are supported platforms. Moreover, the installation is more reliable and the internal routing setup has been improved to not leak DNS requests.
  • MacOS Support: On Macs the client is now using performance CPU cores when possible for cryptographic operations which has direct positive impact on the overall sustained client bandwidth. Moreover, the installation is also more reliable and the internal routing has been streamlined and is set up faster.
  • More Exit Options: We have added more locations to allow users from different regions to have a better user experience through less distance to the exit locations. For now, all exits and respective individual relay nodes are operated by us in order to improve our ability to debug, test and rapidly deploy new versions.
  • Sustainable Client Bandwidth: We have increased the bandwidth a client can use when the VPN is active drastically. This makes for a better user experience when browsing the web. This is an ongoing effort though, we plan to decrease it further, which will improve overall user experience.
  • Many bugs fixed: Besides the previously mentioned changes we have squashed many other smaller and larger bugs which were identified through user testing, too many to list here.

First GnosisVPN Client Users

The goal of the last quarter was to get the GnosisVPN client into an end-user usable state which included onboarding flow, funding and eventually sustained usage. We have therefore begun onboarding our first users in two ways: via 1-on-1 calls and an unsupervised onboarding tool created specially for this process which allows users to record feedback and report bugs.

The sessions and the tool are designed to give a better understanding of the client UX and help us identify bugs. We set out to reach 100 MAUs in this milestone, which we successfully reached as of this report.

The current usage numbers can be viewed on our Dune dashboard: https://dune.com/hopr/gnosisvpn-active-users

Over the coming months we will focus on onboarding more users, in larger batches, while improving the client based on the user feedback we receive. The initial user testing has already helped us improve the UX a lot, which made it worth the effort. If you’d like to participate, please fill in the form here.

As always progress can be followed on the Github repository: https://github.com/gnosis/gnosis_vpn-client
New releases are published in the dedicated top-level Github repository: https://github.com/gnosis/gnosis_vpn/releases

Funding

As part of the ongoing funding for this GIP, HOPR received 1.2m USDC in exchange for 45,686,117 HOPR tokens. The transactions can be found here and here.

Outlook

The next milestone will coincide roughly with DappCon 2026 in Berlin. We aim to have published HOPRd v4 into production by then, as well as having improved the GnosisVPN client even further. We plan to onboard users on-site at DappCon as well, so if you see any HOPR or GnosisVPN branded team members floating around, feel free to get in touch and ask for access.

Everything is progressing according to our projected timelines. We look forward to hearing your feedback!

7 Likes

GIP-122 Quarterly Update #5

Introduction

As part of GIP-122, we committed to giving quarterly updates on the development and launch of Gnosis VPN. We are pleased to present the fifth overview of our progress so far. Deliverable identifiers refer to the list provided in GIP-122.

HOPRd v4

In the previous update we reported that HOPRd v4 was feature complete for the scope we had planned, with further work still needed around optimization, path finding, and stabilization. This quarter we continued that work and focused on integrating the v4 changes more deeply across the GnosisVPN stack.

The most important work this quarter was around path planning, transport performance, telemetry, and channel lifecycle management. These areas are directly relevant to deliverables A1 (Remove dedicated HOPR node requirement), B3 (Short time-to-first-use), C1 (HOPR network supports thousands of mix nodes), C2 (HOPR network provides enough bandwidth to handle Gnosis VPN requirements), and D1 (Local VPN entry).

On the protocol and networking side, we continued improving graph-based path planning and peer discovery. HOPRd now exposes more useful network graph and status information, which helps automated routing decisions and debugging. The path-planning work also now propagates path costs end-to-end, which is important for selecting valid routes that are suitable for sustained GnosisVPN traffic.

We also continued optimizing the packet processing pipeline. Several changes reduced overhead in the transport path and session handling, including improvements to packet encoding and decoding, session configuration, and egress handling. These improvements are not immediately visible to users as individual features, but they are essential for making GnosisVPN more stable and performant as more users are onboarded.

Finally, we improved telemetry and status reporting across HOPRd. More session and component-level metrics are now exposed via OpenTelemetry and related interfaces. This gives us much better visibility into client behavior, route quality, session stability, and channel state, all of which are important while we continue testing with real users.

Edge client and channel lifecycle

A significant amount of work also went into the edge-client layer, which is the part of the system that allows GnosisVPN users to connect without running a full HOPR node. This remains a key component of deliverable A1.

The major change this quarter was the introduction and adoption of a unified channel lifecycle strategy. This brings channel opening, funding, closing, and finalization into a single configurable strategy instead of relying on separate pieces of logic. The same work also improves how channel capacity is calculated and how the client reacts to changes in balances, ticket prices, and winning probabilities.

This is important for two reasons: First, it reduces the amount of manual setup and intervention required from users. Second, it gives the client better information about funding levels needed to support real VPN traffic. Together, these changes move GnosisVPN closer to the intended user experience: a VPN client which handles the HOPR-specific complexity internally, rather than exposing it to the user.

We also improved Safe and wxHOPR handling. The client now supports a simpler single-address funding flow, with automatic movement of wxHOPR into the Safe. This is a major UX improvement because it removes another piece of manual channel and balance management.

General purpose indexing with blokli

Our dedicated indexer, blokli, continues to be an important part of the GnosisVPN architecture. In earlier updates we explained that moving indexing into a dedicated component helps edge clients avoid a lengthy local indexing process and improves time-to-first-use. This quarter we continued extending blokli beyond its initial GnosisVPN-focused use case.

A major focus was reliability and observability. blokli now exposes more metrics, including support for OpenTelemetry export, and has better generated metrics documentation. This improves our ability to monitor deployed infrastructure and diagnose issues during user testing.

We also improved Safe-related indexing and inspection. blokli now supports more detailed reporting on Safe internal transaction status and reasons for reversion, improved Safe queries, and better compatibility checks between clients and servers. These are important because GnosisVPN relies on accurate chain state and funding information, but the user should not need to understand or debug that chain state themselves.

In parallel, blokli’s local development and testing setup was improved to match the deployed network more closely. This makes it easier to test funding, ticket price, and winning probability behavior before changes are shipped into production-like environments.

Development progress and releases can be followed on Github: GitHub - hoprnet/blokli: Indexes on-chain events related to HOPR smart contracts and provides the HOPR Indexer API · GitHub

GnosisVPN client improvements

We continued improving the GnosisVPN client, with a focus on security, routing, funding, diagnostics, and general reliability. These changes are directly relevant to deliverables A2 (Provide VPN app which handles all configuration and logic), B3 (Short time-to-first-use), C2 (HOPR network provides enough bandwidth to handle Gnosis VPN requirements), and D1 (Local VPN entry).

Improvements this quarter include:

  • Traffic leak protection: We added a connection-time kill-switch to prevent traffic leaks before the VPN is fully connected and until it is disconnected. This is an important step for making the VPN safer to use as a default network path.
  • Routing and DNS improvements: We overhauled routing logic, improved routing teardown, added DNS bypass handling for private ranges, and continued the move toward more robust Linux routing using netlink and nftables. These changes improve reliability and reduce the risk of DNS or routing leaks.
  • Simpler funding flow: We consolidated channel funding and introduced single-address funding support. The client can now move wxHOPR into the Safe automatically, reducing manual steps for users.
  • Better route and exit health: Connectivity checks and exit health were consolidated into a unified route health model. This helps the client make better decisions about usable routes and fallback behavior.
  • Session and SURB improvements: We added session pseudonym caching to reuse already warmed-up session SURBs on the exit. This helps reduce repeated setup work and contributes to better session startup behavior.
  • Improved diagnostics: The status command now works better offline and can show pending connections. We also added more detailed debugging output and improved formatting for balances and addresses.
  • More reliable shutdown and recovery: We fixed several worker, socket, routing, and setup edge cases which could previously lead to confusing states or unreliable shutdown behavior.

Many smaller bugs were also fixed across the client. These included fixes for funding status reporting, routing table restoration, macOS App Nap behavior, service directory setup, peer address handling, and better surfacing of initialization errors.

As always, progress can be followed on the Github repository: https://github.com/gnosis/gnosis_vpn-client

GnosisVPN app and user experience

In addition to the lower-level client work, we continued improving the desktop app. The focus this quarter was to make the app clearer, more responsive, and easier to use during onboarding and testing. Huge thanks to the members of Gnosis Ltd and the wider Gnosis community who participated in the first phase of user testing.

The app now includes in-app update check functionality, allowing users to see when a newer version is available. This is important while the client is still moving quickly and while we are onboarding users in larger groups.

We also redesigned exit node switching. The previous dropdown has been replaced with a clearer modal flow, including confirmation, inline warnings, and a “Don’t ask again” option. The app also now handles Auto mode more intelligently, using health information to select and sort nodes.

Funding and usage visibility were improved as well. The app now includes a dedicated funding screen, better balance display, QR and copy improvements, and clearer information about data usage, wxHOPR, and remaining credit. This is important because funding is still one of the most unfamiliar parts of the VPN experience for users who are not already deeply familiar with HOPR.

Several changes also make the app feel more responsive. The app now reacts immediately to connect and disconnect events, shows clearer synchronization progress, and displays recovery countdown information when needed. We also improved tooltips, version display, Linux tray icons, and general UI layout details.

Together, these changes make the product easier to test and bring us closer to the Version 1 goal of a market-ready client for users who should not need to understand the underlying HOPR mechanics.

Packaging, testing, and release infrastructure

We also spent time improving the release and testing infrastructure around GnosisVPN. This is less visible than app changes, but it is important for scaling testing and onboarding.

For Linux users, we introduced a signed APT repository and bootstrap installer for Debian and Ubuntu. This makes installation and updates easier and more reliable than manually downloading packages from Github releases. We also improved package signature verification documentation and release artifact publishing.

Across the GnosisVPN repositories, we added snapshot and nightly builds, improved CI workflows, and migrated more builds to Depot runners. We also added more hardening to workflows, including pinned action SHAs, security audit workflows, Codeowners, container scanning, and more restrictive GitHub Actions permissions.

We also continued expanding automated testing. In particular, system tests now start the client and verify download and IP lookup behavior through GnosisVPN against the deployed network. This gives us better coverage of real-world behavior and helps us catch regressions before users encounter them.

New releases continue to be published in the dedicated top-level Github repository: https://github.com/gnosis/gnosis_vpn/releases

Funding

As part of the ongoing funding for this GIP, HOPR received 1.2m USDS in exchange for 73,201,396.3971578118 HOPR tokens. The transactions can be found here and here.

Outlook

We are now preparing the final stretch before showcasing Gnosis VPN at DappCon 2026 in Berlin. This will be an important opportunity to put the application in front of more future users, collect feedback, and identify further product improvements. If you’re attending DappCon, please visit our booth and try out the latest version of the VPN.

Testing has dropped to a slower pace while we implement the feedback from the first round, but is planned to pick up again strongly after DappCon. Current usage can be seen on the dashboard: https://dune.com/hopr/gnosisvpn-active-users

Over the coming months we will focus on stabilizing the current client and app, improving onboarding, and continuing to test the full GnosisVPN stack with real users.

We will also keep working on routing, funding, telemetry, and release infrastructure so that the product can support larger user batches more reliably.

Everything is progressing according to our projected timelines. We look forward to hearing your feedback!

6 Likes