Impervious
Search…
VPN
The VPN API allows for encrypted Wireguard VPNs.
Overview
The VPN API allows for encrypted Wireguard VPNs to be established and shared amongst other Impervious nodes. Currently, this is the most involved API as it requires some initial Wireguard setup. Potential applications of this include encrypted client to server communication, Internet Access, server to server communications, and selling anonymous VPNs. With this API, any Impervious node can become a VPN provider and sell access to the VPN for users to connect to.
This allows point to multiple secure communications on a common subnet, currently it only supports a subnet size of /24. Do not attempt any other subnets as the code only counts clients from .2 to .254. Future updates will include more flexibility.
Of your subnet, x.x.x.1 is reserved for your node.
Make sure your node has a publicly accessible IP address, or at a minimum a routable subnet one's client can reach.
In the Impervious node's
config.yml file, set the price in Satoshi's per hour. Eg. 100 sats per hour. Note: In future releases, we'll add the ability to change the time (i.e. 100 sats per minute or day or minute).A Client node with an active connection to the VPN will receive a notification every ten minutes warning them of time left via the websockets API. If they fail to pay you, the internal timer will expire and remove them from the VPN.
Read the Wireguard config manual for what the parameters in the the Impervious Node's config file mean. https://www.wireguard.com/quickstart/​
Impervious node must run on Linux.
1
apt install wireguard
2
ip link add dev wg0 type wireguard
3
ip address add dev wg0 192.168.44.1/24
4
ip link set up dev wg0
5
umask 077
6
wg genkey | tee privatekey | wg pubkey > publickey
Copied!
A good starting point for the server:
/etc/wireguard/wg0.conf
1
[Interface]
2
PrivateKey = asdfasdfasdfasdfasdfasdfasdfasdfadfasdfasdf=
3
Address = 192.168.44.1/24
4
ListenPort = 51820
Copied!
To activate the config, or to clean out old clients use:
1
systemctl restart [email protected]
Copied!
proto/imp/api/vpn/vpn.proto
Allows for an Encrypted Wireguard VPN between Impervious nodes
VPN
VPN service allows for an Encrypted Wireguard VPN between Impervious nodes.
Method Name
Request Type
Response Type
Description
RequestQuote
RequestQuoteRequest
RequestQuoteResponse
RequestQuote requests a quote from another node.
AcceptContract
AcceptContractRequest
AcceptContractResponse
AcceptContract accepts and pays for a specific contract.
RefreshContract
RefreshContractRequest
RefreshContractResponse
RefreshContract accepts and pays for a specific contract refresh on an existing VPN.
HTTP bindings
Method Name
Method
Pattern
RequestQuotePOST/v1/vpn/quoteAcceptContractPOST/v1/vpn/contractRefreshContractPOST/v1/vpn/refresh AcceptContractRequest
Represents a request to Accept (Pay For) a VPN Quote
Field
Type
Label
Description
pubkey
string
​
The public key of the far end LND node running IMP
nonce
string
​
the identifier from a requested VPN quote
price
string
​
the agreed upon price from the VPN quote
AcceptContractResponse
Represents a response back from an accepted VPN Quote
Field
Type
Label
Description
id
string
​
returned message ID
RefreshContractRequest
Represents a request to extend/refresh an expiring VPN Connection (i.e. purchase more time)
Field
Type
Label
Description
pubkey
string
​
The public key of the far end LND node running IMP
nonce
string
​
the identifier of the VPN connection
price
string
​
the agreed upon price from the VPN quote
RefreshContractResponse
Represents a reponse back from a refreshed VPN connection
Field
Type
Label
Description
id
string
​
returned message ID
RequestQuoteRequest
Represents a request to receive a VPN quote from a far end node
Field
Type
Label
Description
pubkey
string
​
The public key of the far end LND node running IMP
RequestQuoteResponse
Represents a response back from a VPN Quote Reqeust
Field
Type
Label
Description
id
string
​
returned message ID
Scalar Value Types
.proto Type
C++
Java
Python
Go
C#
PHP
Ruby
double
double
double
float
float64
double
float
Float
float
float
float
float
float32
float
float
Float
int32
int32
int
int
int32
int
integer
Bignum or Fixnum (as required)
int64
int64
long
int/long
int64
long
integer/string
Bignum
uint32
uint32
int
int/long
uint32
uint
integer
Bignum or Fixnum (as required)
uint64
uint64
long
int/long
uint64
ulong
integer/string
Bignum or Fixnum (as required)
sint32
int32
int
int
int32
int
integer
Bignum or Fixnum (as required)
sint64
int64
long
int/long
int64
long
integer/string
Bignum
fixed32
uint32
int
int
uint32
uint
integer
Bignum or Fixnum (as required)
fixed64
uint64
long
int/long
uint64
ulong
integer/string
Bignum
sfixed32
int32
int
int
int32
int
integer
Bignum or Fixnum (as required)
sfixed64
int64
long
int/long
int64
long
integer/string
Bignum
bool
bool
boolean
boolean
bool
bool
boolean
TrueClass/FalseClass
string
string
String
str/unicode
string
string
string
String (UTF-8)
bytes
string
ByteString
str
[]byte
ByteString
string
String (ASCII-8BIT)
Last modified 9mo ago