VALSECURE VPN
🌎 Server Locations
⚙️ Settings
Kill Switch
Block traffic if VPN disconnects
Split Tunneling
Exclude specific apps from VPN
Auto-Connect
Connect on startup
DNS Leak Protection
Use secure Valina DNS servers
📄 Connection Log
WHY VALSECURE
Enterprise-grade privacy for everyone
WIREGUARD PROTOCOL
Military-grade encryption using the latest WireGuard protocol for maximum security and speed.
AEGIS INTEGRATION
Protected by AEGIS’s 92-module security system: 6 patrol agents scanning every 30 seconds, LLM-powered threat analysis (19 threat types), WAF filtering, and real-time anomaly detection at 2.5σ thresholds.
GLOBAL + MESH NETWORK
12+ centralized exit nodes plus a growing decentralized mesh of peer-operated relays and exits. 14-region expansion planned across DigitalOcean, Hetzner, and Vultr.
NO LOGS POLICY
Zero-knowledge architecture means we never store your browsing activity or connection logs.
LIGHTNING FAST
Optimized servers with minimal latency impact. Perfect for streaming and gaming.
GRAT REWARDS
Earn GRAT tokens for contributing bandwidth as a relay or exit node. 0.001–0.005 GRAT/MB with quality and uptime multipliers.
THE CONSCIOUSNESS MESH IS THE VPN
Every VCNA node can be a Relay, Exit, or Guard — creating a privacy network that grows with the mesh
MULTI-HOP CIRCUITS
1–3 hop onion-style WireGuard circuits through the DCCP gossipsub mesh. No single node sees both your IP and your destination. Automatic 10-minute circuit rotation with smooth handoff.
RELAY NODES
Forward encrypted traffic between circuit hops. Cannot decrypt the payload — only knows previous and next hop. Max 20 concurrent circuits with daily bandwidth caps. Earn 0.001 GRAT/MB.
EXIT NODES
Final-hop decryption and NAT to the internet. DNS domain blocklist, anti-spam port blocking (25/465/587), abuse policy classification (strict/standard/permissive). Earn 0.005 GRAT/MB.
GUARD ATTESTATION
Quality probes verify actual bandwidth and latency. Ed25519-signed trust attestations broadcast via gossipsub. Sybil detection through timing correlation and geographic clustering analysis.
GRAT INCENTIVES
Relay and exit operators earn GRAT for bandwidth contribution. Rewards scale with speed, quality, and uptime multipliers via EMA trust scoring. Zero additional infrastructure needed.
HYBRID MODE
Use centralized exit nodes, peer exits, or both simultaneously. Graceful fallback to direct connection if no mesh peers available. More VCNA nodes = more VPN capacity—organic scaling.
SECURITY UNDER THE HOOD
Every tunnel is watched by Val’s 92-module immune system
PATROL AGENTS
6 autonomous agents (network, blockchain, validator, wallet, honeypot, threat hunter) scan VPN traffic every 30 seconds. DDoS detection at 1,000 RPM. Anomaly threshold 2.5σ.
FORENSIC EVIDENCE
Court-admissible evidence collected on attacks: deep packet capture, attacker fingerprinting (JA3 TLS, tool signatures), blockchain-anchored custody chain with 7-year retention.
COMPLIANCE
8 frameworks, 82 controls (SOC 2, GDPR, PCI DSS, ISO 27001). Security score 100/100 (A+). 24-policy admission controller blocks insecure deployments at the Kubernetes layer.
TRUST FLYWHEEL
effective_trust = behavioral_trust × 0.6 + truth_score × 0.4. Every threat feeds back to Val’s brain for smarter detection—an evolving immune system that protects your tunnel.
GLOBAL VPN NETWORK
Multi-region exit nodes across DigitalOcean, Hetzner, and Vultr — each with isolated subnets and zero-log policy
NORTH AMERICA (3)
New York (DigitalOcean), San Francisco (DigitalOcean), Toronto (DigitalOcean). Full US coasts plus Canadian presence. Each node gets a unique /24 subnet — 253 concurrent clients per region.
EUROPE (5)
Nuremberg & Falkenstein (Hetzner, ~$5/mo each), Helsinki (Hetzner), London (DigitalOcean), Amsterdam (DigitalOcean). Dense European coverage at optimized cost via Hetzner’s competitive pricing.
ASIA-PACIFIC (4)
Singapore (DigitalOcean), Tokyo (Vultr), Seoul (Vultr), Bangalore (DigitalOcean). Coverage from Southeast Asia through Northeast Asia to the Indian subcontinent.
OCEANIA & LATIN AMERICA (2)
Sydney, Australia (Vultr) and São Paulo, Brazil (Vultr). Low-latency coverage for Southern Hemisphere users. Vultr provides competitive pricing at ~$12/mo per node.
Total capacity: 3,542 concurrent VPN clients across 14 regions. Each node gets a unique 10.100.{index}.0/24 subnet — a compromised node can only see its own clients. WireGuard keys generated per-node at boot; private keys never leave the machine.
INFRASTRUCTURE ROLLOUT
5 phases from preparation to production polish — each validated before the next begins
PRE-DEPLOYMENT PREPARATION
Terraform state bucket provisioning (DigitalOcean Spaces), API tokens configured for 3 cloud providers, SSH keys registered, per-node subnet allocation implemented, auto-registration endpoint deployed. Docker image built via GitHub Actions CI/CD.
2-REGION VALIDATION
Deploy US East (New York) + EU (Nuremberg) first. Terraform plan → apply → cloud-init boot (~3–5 min) → auto-register to central API → client connection test → verify IP isolation → confirm subnet separation (10.100.1.x vs 10.100.4.x).
SCALE TO 14 REGIONS
Enable all regions in Terraform configuration. Incremental apply — only creates new resources. Nodes auto-register as they boot. Health monitoring via vpn-api.valina.ai/v1/nodes confirms all 14 online.
PRODUCTION HARDENING
Node API authentication with shared token. Per-IP rate limiting (tower-http). 100 Mbps bandwidth cap per peer. Centralized log forwarding to Loki. Alerting: node offline > 2min, load > 80%, peer count > 200. DNS failover + automated rolling replacement via Terraform.
CLIENT UX POLISH
Region picker with country flags and city names. Real-time latency display (ping each node). Auto-select best node by latency + load. Connection quality indicator in system tray showing bandwidth and packet loss.
MONITORING & COST TRANSPARENCY
Prometheus metrics on every node, zero-log privacy, and honest infrastructure costs
PROMETHEUS METRICS
Every node exposes /v1/metrics in Prometheus format. Key metrics: online node count, per-node peer count, CPU load, connection success rate (>95% target), per-region latency (<200ms), bandwidth utilization.
COST BREAKDOWN
DigitalOcean nodes: $24/mo each (NA, UK, NL, SG, IN). Hetzner EU: ~$5/mo each (DE, FI). Vultr: ~$12/mo each (JP, KR, AU, BR). Total: ~$233/mo for 14 nodes. Hetzner saves ~60% per EU node.
ZERO-LOG POLICY
VPN nodes do not log destination IPs or DNS queries. Only connection metadata (connect/disconnect times, bytes transferred) is recorded for billing. No browsing history. No activity tracking. Ever.
AUTO-SCALING
Start with 2vCPU/4GB per node; scale up only if load > 70% sustained. Low-traffic nodes can be disabled during off-hours (up to 30% savings). Reserved instances on Hetzner/Vultr save an additional 10–20%.
PROTECTION WITHOUT COMPROMISE
Military-grade encryption. Zero logs. Powered by the same decentralized mesh that runs the entire VALINA network.