NYM network: getting started
NYM network is a mixnet currently integrated with and marketed as a VPN. It is similar in function to Tor, with the primary use case being accessing clearnet resource with enhanced anonymity.
Users can connect to their network via wireguard VPN client, or they can choose to use the mixnet directly using "anonymous" mode for stronger privacy but higher latency.
Nym mixnet is a bit tricky to analyze in terms of security and privacy; there are a lot of moving parts, including blockchain-incentivized node operators. In general, complexity is the enemy of security, but a lot of this is built from sound foundations, like onion routing. Anyway, I'm not here to take on that task, just to post a how-to to help get started.
NYM VPN
The NYM website shows clients for all major OSes, I have not tried all of them because lazy. Here is an overview of using Nym on linux. I also tried on iOS and Windows, nothing additional to add there.
linux
The installer tries to add this to your menu, but you can also run it like this:
/usr/bin/nym-vpn-app &
If everything went well, you should see the GUI shown above. Verify your IP address after connecting.
If it didn't work, my first guess why would be because the installer installs assuming you're running systemd. If you're not, first of all congratulations! Secondly, simply running the app as is won't work. That's because it'll only start the client, assuming the daemon is already running as system service.
If that's you, you'll need to first run the daemon as root user via sudo or doas, then run the client as a normal user - like so:
sudo /usr/bin/nym-vpnd & # daemon
/usr/bin/nym-vpn-app & # client
But if you are running systemd then you can simply manage the VPN daemon the usual way:
sudo systemctl status nym-vpnd # show current status
sudo systemctl stop nym-vpnd # stop the service
sudo systemctl start nym-vpnd # start the service
and for the client, you can use the provided nym-vpnc to do all the client things that the GUI does, like connect, disconnect, status,...
gateways
By default the servers you use for entrance to and exit from Nym network are company-run servers in Switzerland. You can choose whatever you like however. But be aware that, just like if you're choosing Tor nodes you don't want to choose specific machines and create a single point of failure - choose a country or large city. You can reset them by first getting a list of all the servers you're interested in, e.g.
# just show me Toronto exit nodes
nym-vpnc gateway list mixnet-exit | grep Toronto
It's a very big list
Use nym-vpnc gateway set to change these, to whatever you like from the gateway list.
DNS
You can set your DNS servers using the GUI or via nym-vpnc
split-tunneling
Nym actually has a detailed post I recommend reading on split tunneling.
Be sure you're aware of the degrading of your strong privacy by sending some traffic through an encrypted VPN tunnel, and other traffic straight out from your ISP to clearnet. There are multiple risks to this, one of which is de-anonymization due to an adversary possibly correlating the traffic of both together.
Here is an example where I've started VLC, and want to access a network stream. In the GUI you just select vlc. Using the command line:
iOS and Windows
Honestly not even sure what to write. I installed from appstore and blindly downloading a Windows installer and praying (usual technique) and it worked. The Window install went off fine as well - all worked as desired on both.
