| hidden | layout | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
true |
|
The NYM mixnet technology ensures enhanced privacy and anonymity for online communications. It utilizes a decentralized network to encrypt and route data, ensuring that the origin and destination are concealed. By implementing the NYM mixnet, users can protect their online activities and sensitive information, safeguarding their privacy from surveillance and censorship. This advanced networking technology provides a secure environment for transmitting data and maintaining anonymity.
{% hint style="danger" %} Notice: This guide is out of maintenance, the following steps may not be correct {% endhint %}
{% hint style="danger" %} This project is in a testing phase, which means that it could fail on numerous occasions and in cases of use, be conscious of this before starting this guide {% endhint %}
{% hint style="warning" %} Difficulty: Intermediate {% endhint %}
The technology involves two key components: the Network Requester and the SOCKS5 Client. The Network Requester acts as an intermediary, encrypting and routing data through a decentralized mixnet network to enhance privacy and prevent surveillance. The SOCKS5 Client establishes a secure connection to the mixnet, enabling users to route network traffic and enjoy improved privacy.
Implementing these components empowers users to protect their online activities and sensitive information. Service providers, such as the network requester and mix nodes, offer services that leverage data mixing, identity protection, and traffic routing, further enhancing privacy in the NYM network.
Together, these components and service providers create a decentralized infrastructure within the NYM network, safeguarding user anonymity and protecting online activities.
- Others
- With user
admin, update and upgrade your OS
sudo apt update && sudo apt full-upgrade- Make sure that all necessary software packages are installed
sudo apt install pkg-config build-essential libssl-dev jq- Check if you already have Rustc
rustc --versionExample of expected output:
rustc 1.71.0 (8ede3aae2 2023-07-12)
- And cargo installed
cargo -VExample of expected output:
cargo 1.71.0 (cfd3bbd8f 2023-06-08)
{% hint style="info" %} If you obtain "command not found" outputs, you need to follow the Rustup + Cargo bonus section to install it and then come back to continue with the guide {% endhint %}
- Stay login with the user
admin, configure the firewall to allow incoming requests to the nym-socks5-client
sudo ufw allow 1080/tcp comment 'allow NYM socks5 client from anywhere'- Now we will go to the temporary folder to create the NYM binaries that we will need for the installation process
cd /tmp- Set a temporary version environment variable to the installation
VERSION=nym-binaries-v2024.13-magura- Clone the latest version of the source code from the GitHub repository and go to the nym folder
git clone --branch $VERSION https://github.com/nymtech/nym.git && cd nym- Enter the command to compile
cargo build --release{% hint style="info" %} This process can take quite a long time, 10-15 minutes or more, depending on the performance of your device. Please be patient until the prompt shows again {% endhint %}
{% hint style="info" %}
-> Don't worry about possible "warning:..." logs, it is aimed at application developers
-> If the prompt shows you this error:
error: rustup could not choose a version of cargo to run, because one wasn't specified explicitly, and no default is configured. help: run 'rustup default stable' to download the latest stable release of Rust and set it as your default toolchain.
You need to type rustup default stable and wait for the process to finish, then try again the command before
Also, that could help Upgrade Rust to the latest version {% endhint %}
{% hint style="success" %} If you come to update, this is the final step, go back to the Upgrade section to continue {% endhint %}
- Create the user nym with this command
sudo adduser --gecos "" --disabled-password nym- Staying in the temporary folder, copy to the home nym user the "nym network requester" binary
sudo cp /tmp/nym/target/release/nym-network-requester /home/nym/- Assign the owner of the binary to the nym user
sudo chown nym:nym /home/nym/nym-network-requester- Switch to the user "nym"
sudo su - nym- Init the network requester for the first time with
gateway based selectionflag to choose a gateway based on its location relative to your device
./nym-network-requester init --id bitcoin --latency-based-selection{% hint style="info" %}
If you want to select the gateway that your network requester will be connected to, you could add the flag --gateway <gatewayID> replacing the <gatewayID> with someone on this list and delete the --latency-based-selection flag
{% endhint %}
Example of expected output ⬇️
_ __ _ _ _ __ ___
| '_ \| | | | '_ \ _ \
| | | | |_| | | | | | |
|_| |_|\__, |_| |_| |_|
|___/
(nym-network-requester - version 1.1.21)
Initialising client...
2023-06-17T20:28:30.210Z INFO nym_client_core::init::helpers > choosing gateway by latency...
2023-06-17T20:28:49.963Z INFO nym_client_core::init::helpers > chose gateway 2xU4CBE6QiiYt6EyBXSALwxkNvM7gqJfjHXaMkjiFmYW with average latency of 42.730304ms
Registering with new gateway
2023-06-17T20:28:50.244Z INFO nym_gateway_client::client > the gateway is using exactly the same protocol version as we are. We're good to continue!
2023-06-17T20:28:50.252Z INFO nym_config > Configuration file will be saved to "/home/nym/.nym/service-providers/network-requester/bitcoin/config/config.toml"
Saved configuration file to "/home/nym/.nym/service-providers/network-requester/bitcoin/config/config.toml"
Using gateway: 2xU4CBE6QiiYt6EyBXSALwxkNvM7gqJfjHXaMkjiFmYW
Client configuration completed.
Version: 1.1.14
ID: bitcoin
Identity key: 84K1SPBsSPGcCGQ6hK4AYKXuZHb5iU3zBc9gYb3cJp6o
Encryption: Cfc67agMVw6GRjPb7ZyEfZSwLeVSvYtqKCKmATewYJa5
Gateway ID: 2xU4CBE6QiiYt6EyBXSALwxkNvM7gqJfjHXaMkjiFmYW
Gateway: ws://194.182.172.173:9000
Address of this network-requester: 84K1SPBsSPGcCGQ6hK4AYKXuZHb5iU3zBc9gYb3cJp6o.Cfc67agMVw6GRjPb7ZyEfZSwLeVSvYtqKCKmATewujajT@2xU4CBE6QiiYt6EyBXSALwxkNvM7gqJfjHXaMkjhdjywS
{% hint style="info" %} Take note of your network requester address <requesteraddress> {% endhint %}
Example ->
Address of this network-requester: 84K1SPBsSPGcCGQ6hK4AYKXuZHb5iU3zBc9gYb3cJp6o.Cfc67agMVw6GRjPb7ZyEfZSwLeVSvYtqKCKmATewujajT@2xU4CBE6QiiYt6EyBXSALwxkNvM7gqJfjHXaMkjhdjywS
- Check the correct installation
./nym-network-requester -VExample of expected output:
nym-network-requester 1.1.24
- Exit from the nym user session
exitThe system needs to run the network requester daemon automatically in the background, even when nobody is logged in. We use "systemd", a daemon that controls the startup process using configuration files.
- As user
admin, create the service file
sudo nano /etc/systemd/system/nym-network-requester.service
- Paste the following configuration. Save and exit
# MiniBolt: systemd unit for nym network requester
# /etc/systemd/system/nym-network-requester.service
[Unit]
Description=Nym Network Requester
Requires=network-online.target
After=network-online.target
StartLimitInterval=350
StartLimitBurst=10
[Service]
ExecStart=/home/nym/nym-network-requester run --id bitcoin
User=nym
Group=nym
# Process management
####################
Restart=on-failure
RestartSec=30
KillSignal=SIGINT
# Hardening Measures
####################
LimitNOFILE=65536
[Install]
WantedBy=multi-user.target
{% hint style="info" %}
(Optional) You can add --fastmode attribute to the ExecStart parameter to enable this feature, this means the connection will not mixed up as much, but you will still be covered by the same privacy standard/minimum that NYM provides:
ExecStart=/home/nym/nym-network-requester run --id bitcoin --fastmode{% endhint %}
- Enable autoboot (optional)
sudo systemctl enable nym-network-requester- Prepare “nym-network-requester” monitoring by the systemd journal and check the logging output. You can exit monitoring at any time with Ctrl-C
journalctl -fu nym-network-requesterTo keep an eye on the software movements, start your SSH program (eg. PuTTY) a second time, connect to the MiniBolt node, and log in as "admin"
- Start the nym network requester service
sudo systemctl start nym-network-requesterExample of expected output on the first terminal with journalctl -fu nym-network-requester ⬇️
Jun 25 20:43:00 minibolt systemd[1]: Started Nym Network Requester.
Jun 25 20:43:00 minibolt nym-network-requester[1774351]: 2023-06-25T18:43:00.402Z INFO nym_network_requester::cli::run > Starting socks5 service provider
Jun 25 20:43:00 minibolt nym-network-requester[1774351]: 2023-06-25T18:43:00.592Z INFO nym_client_core::client::base_client::non_wasm_helpers > creating fresh surb database
Jun 25 20:43:00 minibolt nym-network-requester[1774351]: 2023-06-25T18:43:00.644Z INFO nym_client_core::client::replies::reply_storage::backend::fs_backend::manager > Database migration finished!
Jun 25 20:43:00 minibolt nym-network-requester[1774351]: 2023-06-25T18:43:00.718Z INFO nym_client_core::client::base_client > Starting nym client
Jun 25 20:43:01 minibolt nym-network-requester[1774351]: 2023-06-25T18:43:01.104Z INFO nym_gateway_client::client > the gateway is using exactly the same protocol version as we are. We're good to continue!
Jun 25 20:43:01 minibolt nym-network-requester[1774351]: 2023-06-25T18:43:01.104Z INFO nym_gateway_client::client > Claiming more bandwidth for your tokens. This will use 1 token(s) from your wallet. Stop the process now if you don't want that to happen.
Jun 25 20:43:01 minibolt nym-network-requester[1774351]: 2023-06-25T18:43:01.104Z WARN nym_gateway_client::client > Not enough bandwidth. Trying to get more bandwidth, this might take a while
Jun 25 20:43:01 minibolt nym-network-requester[1774351]: 2023-06-25T18:43:01.104Z INFO nym_gateway_client::client > The client is running in disabled credentials mode - attempting to claim bandwidth without a credential
Jun 25 20:43:01 minibolt nym-network-requester[1774351]: 2023-06-25T18:43:01.155Z INFO nym_client_core::client::base_client > Obtaining initial network topology
Jun 25 20:43:01 minibolt nym-network-requester[1774351]: 2023-06-25T18:43:01.581Z INFO nym_client_core::client::base_client > Starting topology refresher...
Jun 25 20:43:01 minibolt nym-network-requester[1774351]: 2023-06-25T18:43:01.581Z INFO nym_client_core::client::base_client > Starting received messages buffer controller...
Jun 25 20:43:01 minibolt nym-network-requester[1774351]: 2023-06-25T18:43:01.581Z INFO nym_client_core::client::base_client > Starting mix traffic controller...
Jun 25 20:43:01 minibolt nym-network-requester[1774351]: 2023-06-25T18:43:01.581Z INFO nym_client_core::client::base_client > Starting real traffic stream...
Jun 25 20:43:01 minibolt nym-network-requester[1774351]: 2023-06-25T18:43:01.581Z INFO nym_client_core::client::base_client > Starting loop cover traffic stream...
Jun 25 20:43:01 minibolt nym-network-requester[1774351]: 2023-06-25T18:43:01.581Z INFO nym_network_requester::core > The address of this client is: Zq2pc3b7tiSWbjdgvQi9Xw5WLvmVVzfTouSvy8DUws9.HCThYe3mTBHPZDayqH46p73iYLMe3GNEKrgVtoPjjdte@BTZNB3bkkEePsT14GN8ofVtM1SJae4YLWjpBerrKust
Jun 25 20:43:01 minibolt nym-network-requester[1774351]: 2023-06-25T18:43:01.581Z INFO nym_network_requester::core > All systems go. Press CTRL-C to stop the server.
Jun 25 20:43:01 minibolt nym-network-requester[1774351]: 2023-06-25T18:43:01.582Z INFO nym_network_requester::allowed_hosts::standard_list > Refreshing standard allowed hosts
[...]
{% hint style="info" %}
All network requester specific configurations can be found in /home/nym/.nym/service-providers/network-requester/bitcoin/config/config.toml. If you do edit any configs, remember to restart the service
{% endhint %}
- Stay logged in with
adminuser, go to the temporary folder
cd /tmp- Copy to the home nym user the "nym socks5 client" binary
sudo cp /tmp/nym/target/release/nym-socks5-client /home/nym/- Assign the owner of the binary to the nym user
sudo chown nym:nym /home/nym/nym-socks5-client- Switch to the user "nym"
sudo su - nym- Init the nym socks5 client for the first time with
gateway based selectionflag to choose a gateway based on its location relative to your device and replace <requesteraddress> with the obtained in the Run NYM network requester step before
{% code overflow="wrap" %}
./nym-socks5-client init --id bitcoin --latency-based-selection --provider <requesteraddress>{% endcode %}
{% hint style="info" %}
If you want to select the gateway that your socks5 client will be connected to, you could add the flag --gateway <gatewayID> replacing the <gatewayID> with someone on this list and delete the --latency-based-selection flag
{% endhint %}
Example of expected output ⬇️
_ __ _ _ _ __ ___
| '_ \| | | | '_ \ _ \
| | | | |_| | | | | | |
|_| |_|\__, |_| |_| |_|
|___/
(nym-socks5-client - version 1.1.21)
Initialising client...
2023-06-17T20:32:16.857Z INFO nym_client_core::init::helpers > choosing gateway by latency...
2023-06-17T20:32:36.948Z INFO nym_client_core::init::helpers > chose gateway FQon7UwF5knbUr2jf6jHhmNLbJnMreck1eUcVH59kxYE with average latency of 44.796394ms
Registering with new gateway
2023-06-17T20:32:37.195Z INFO nym_gateway_client::client > the gateway is using exactly the same protocol version as we are. We're good to continue!
2023-06-17T20:32:37.200Z INFO nym_config > Configuration file will be saved to "/home/nym/.nym/socks5-clients/bitcoin/config/config.toml"
Saved configuration file to "/home/nym/.nym/socks5-clients/bitcoin/config/config.toml"
Using gateway: FQon7UwF5knbUr2jf6jHhmNLbJnMreck1eUcVH59kxYE
Client configuration completed.
Version: 1.1.14
ID: bitcoin
Identity key: GwFEXSpQP1VFZwDdYRkuRTUpQ28v3zvZbq3mtQnNELwr
Encryption: EeAiN8mySPwcFco1hgipD86ymzK8UfShjgdMKkKvbk3a
Gateway ID: FQon7UwF5knbUr2jf6jHhmNLbJnMreck1eUcVH59kxYE
Gateway: ws://116.203.182.89:9000
SOCKS5 listening port: 1080
Address of this client: GwFEXSpQP1VFZwDdYRkuRTUpQ28v3zvZbq3mtQnNELwr.EeAiN8mySPwcFco1hgipD86ymzK8UfShjgdMKkKvghste@FQon7UwF5knbUr2jf6jHhmNLbJnMreck1eUcVH59usta
- Check the correct installation
./nym-socks5-client -VExample of expected output:
nym-socks5-client 1.1.24
- Exit from the nym user session
exitThe system needs to run the network requester daemon automatically in the background, even when nobody is logged in. We use "systemd", a daemon that controls the startup process using configuration files.
- As user
admin, create the service file
sudo nano /etc/systemd/system/nym-socks5-client.service- Paste the following configuration. Save and exit
# MiniBolt: systemd unit for nym socks5 client
# /etc/systemd/system/nym-socks5-client.service
[Unit]
Description=Nym Socks5 client
Requires=network-online.target
After=network-online.target
StartLimitInterval=350
StartLimitBurst=10
[Service]
ExecStart=/home/nym/nym-socks5-client run --id bitcoin --host 0.0.0.0
User=nym
Group=nym
# Process management
####################
Restart=on-failure
RestartSec=30
KillSignal=SIGINT
# Hardening Measures
####################
LimitNOFILE=65536
[Install]
WantedBy=multi-user.target
{% hint style="info" %}
(Optional) You can add --fastmode attribute to the ExecStart parameter to enable this feature, this means the connection will not mixed up as much, but you will still be covered by the same privacy standard/minimum that NYM provides:
ExecStart=/home/nym/nym-socks5-client run --id bitcoin --fastmode(Optional) You can add --open-proxy true attribute to the ExecStart parameter to enable this feature, this means that there will be no restriction on which sites can be accessed using your network requester, so it is not recommended to share your service provider's address with anyone:
ExecStart=/home/nym/nym-socks5-client run --id bitcoin --fastmode --open-proxy true-> This one before is necessary to add if you want to use it to proxy Bitcoin Core {% endhint %}
- Enable autoboot (optional)
sudo systemctl enable nym-network-requester- Prepare “nym-socks5-client” monitoring by the systemd journal and check the logging output. You can exit monitoring at any time with Ctrl-C
journalctl -fu nym-socks5-clientTo keep an eye on the software movements, start your SSH program (eg. PuTTY) a second time, connect to the MiniBolt node, and log in as "admin"
- Start the nym socks5 client service
sudo systemctl start nym-socks5-clientExample of expected output on the first terminal with journalctl -fu nym-socks5-client ⬇️
Jun 25 21:19:30 minibolt systemd[1]: Started Nym Socks5 client.
Jun 25 21:19:30 minibolt nym-socks5-client[1776937]: 2023-06-25T19:19:30.577Z INFO nym_client_core::client::base_client > Starting nym client
Jun 25 21:19:30 minibolt nym-socks5-client[1776937]: 2023-06-25T19:19:30.947Z INFO nym_gateway_client::client > the gateway is using exactly the same protocol version as we are. We're good to continue!
Jun 25 21:19:30 minibolt nym-socks5-client[1776937]: 2023-06-25T19:19:30.947Z INFO nym_gateway_client::client > Claiming more bandwidth for your tokens. This will use 1 token(s) from your wallet. Stop the process now if you don't want that to happen.
Jun 25 21:19:30 minibolt nym-socks5-client[1776937]: 2023-06-25T19:19:30.947Z WARN nym_gateway_client::client > Not enough bandwidth. Trying to get more bandwidth, this might take a while
Jun 25 21:19:30 minibolt nym-socks5-client[1776937]: 2023-06-25T19:19:30.947Z INFO nym_gateway_client::client > The client is running in disabled credentials mode - attempting to claim bandwidth without a credential
Jun 25 21:19:30 minibolt nym-socks5-client[1776937]: 2023-06-25T19:19:30.987Z INFO nym_client_core::client::base_client > Obtaining initial network topology
Jun 25 21:19:31 minibolt nym-socks5-client[1776937]: 2023-06-25T19:19:31.394Z INFO nym_client_core::client::base_client > Starting topology refresher...
Jun 25 21:19:31 minibolt nym-socks5-client[1776937]: 2023-06-25T19:19:31.394Z INFO nym_client_core::client::base_client > Starting received messages buffer controller...
Jun 25 21:19:31 minibolt nym-socks5-client[1776937]: 2023-06-25T19:19:31.394Z INFO nym_client_core::client::base_client > Starting mix traffic controller...
Jun 25 21:19:31 minibolt nym-socks5-client[1776937]: 2023-06-25T19:19:31.394Z INFO nym_client_core::client::base_client > Starting real traffic stream...
Jun 25 21:19:31 minibolt nym-socks5-client[1776937]: 2023-06-25T19:19:31.394Z INFO nym_client_core::client::base_client > Starting loop cover traffic stream...
Jun 25 21:19:31 minibolt nym-socks5-client[1776937]: 2023-06-25T19:19:31.394Z INFO nym_socks5_client_core > Running with Mix packets
Jun 25 21:19:31 minibolt nym-socks5-client[1776937]: 2023-06-25T19:19:31.394Z INFO nym_socks5_client_core > Starting socks5 listener...
Jun 25 21:19:31 minibolt nym-socks5-client[1776937]: 2023-06-25T19:19:31.394Z INFO nym_socks5_client_core::socks::server > Listening on 127.0.0.1:1080
Jun 25 21:19:31 minibolt nym-socks5-client[1776937]: 2023-06-25T19:19:31.394Z INFO nym_socks5_client_core > Client startup finished!
Jun 25 21:19:31 minibolt nym-socks5-client[1776937]: 2023-06-25T19:19:31.394Z INFO nym_socks5_client_core > The address of this client is: GjcMYVkzBmX51e4ZGPknAAgc7Zdk5pn3d9jaAmKMszK9.C82LFDSF6MXfJcZb4rxt3vJSrDBMmSPi2BoAPerthFsg@FYnDMQzT49ZGM23gVqpTxfih14V6wuedNXirekmtIshr
Jun 25 21:19:31 minibolt nym-socks5-client[1776937]: 2023-06-25T19:19:31.394Z INFO nym_socks5_client_core::socks::server > Serving Connections...
[...]
- Ensure the service is working and listening at the default
1080port
sudo ss -tulpn | grep nym-socks5Expected output:
tcp LISTEN 0 1024 0.0.0.0:1080 0.0.0.0:* users:(("nym-socks5-clie",pid=3610164,fd=16))
- Delete the NYM compilation folder to be ready for the next update and free up space
sudo rm -r /tmp/nym{% hint style="info" %}
All socks5-client-specific configurations can be found in /home/nym/.nym/socks5-clients/bitcoin/config/config.toml. If you do edit any configs, remember to restart the service
{% endhint %}
{% hint style="info" %} You can get more information about the complete documentation here {% endhint %}
So far, we have been routing all clearnet network traffic through Tor. However, it is also possible to proxy outbound clearnet connections (IPv4/IPv6) using the NYM mixnet. Doing this can reduce the traffic volume on the Tor network.
- With user
admin, edit thebitcoin.conffile
sudo nano /data/bitcoin/bitcoin.conf- Modify the following line. Save and exit
# Proxify clearnet outbound connections using NYM SOCKS5 proxy
proxy=127.0.0.1:1080
- Restart bitcoind to apply changes
sudo systemctl restart bitcoind- Check the correct proxy change network connection
bitcoin-cli getnetworkinfo | grep -A 3 ipvExpected output:
"name": "ipv4",
"limited": false,
"reachable": true,
"proxy": "127.0.0.1:1080",
--
"name": "ipv6",
"limited": false,
"reachable": true,
"proxy": "127.0.0.1:1080",
{% hint style="info" %}
If you have installed the NYM socks5 client installed in a machine inside of your local network, you can point the service to its IP address instead of localhost (127.0.0.1), e.g. 192.168.1.94:1080
{% endhint %}
NymConnect is an easy-to-use interface that enables you to connect other applications to the NYM mixnet for enhanced privacy. This desktop application allows you to effortlessly run the NYM SOCKS5 client without the need for manual commands.
Simply download the NYM Connect app for your operating system and click the prominent green button in the center of the screen. By default, the app automatically connects to a random gateway from a predefined list and utilizes a random service provider of this list.
These service providers grant access to specific applications such as Keybase, Telegram, Electrum, Monero Wallet, and Blockstream Green Wallet. However, it is worth noting the benefits of configuring your service provider with an "open proxy/exit policy" enabled.
The previously configured Nym SOCKS5 client can run in the background as a daemon, commonly used in server operating systems without a desktop interface. Meanwhile, NYM Connect is typically utilized in desktop versions of operating systems.
{% hint style="info" %} If you wish to choose your gateway from the provided list or configure your service provider, you can do so by accessing the settings menu. Simply click on the hamburger icon located in the top-left corner -> Settings -> Select your gateway / Select your service provider using <requesteraddress> before configured {% endhint %}
Follow the Electrum Wallet desktop guide. You have 2 options:
- If you don't have your node and you want to proxy all connections (The Electrum Servers of the wallet & third-party server connections) using the NYM mixnet
Use this example of a shortcut for Linux to select a public server automatically proxying using NYM mixnet:
./electrum-4.4.5-x86_64.AppImage -p socks5:localhost:1080Or directly on the interface; on the top menu, go to Tools --> Network --> Proxy tab, check "Use proxy", select "SOCKS5"
Host: 127.0.0.1 or localhost
Port: 1080
Electrum SOCKS5 proxy configuration
Electrum servers connected using NYM mixnet
- If you have your node and you only want to proxy all third-party connections (price servers, Whirlpool, etc.) using the NYM mixnet
Use this example of a shortcut for Linux to select your private server (your MiniBolt Electrum server), proxying through NYM mixnet:
{% code overflow="wrap" %}
./electrum-4.4.5-x86_64.AppImage -1 -s 192.168.1.147:50002:s -p socks5:localhost:1080{% endcode %}
{% hint style="info" %}
If you have installed the NYM socks5 client installed in a machine inside of your local network, you can point the service to its IP address instead of localhost (127.0.0.1), e.g. 192.168.1.94:1080
{% endhint %}
Follow the Desktop wallet: Sparrow Wallet until the (Optional) Set up a Tor proxy for external services, which could be used for these 2 cases of uses:
- If you don't have your node and you want to proxy all connections (The Electrum Servers of the wallet & third-party server connections) using the NYM mixnet
URL: select one of the public serveres provided for Sparrow
Swich "Use proxy"
Proxy URL: 127.0.0.1 -> Port: 1080
- If you have your node and you only want to proxy all third-party connections (price servers, Whirlpool, etc.) using the NYM mixnet
{% hint style="info" %}
If you have installed the NYM socks5 client installed in a machine inside of your local network, you can point the service to its IP address instead of localhost (127.0.0.1), e.g. 192.168.1.94:1080
{% endhint %}
Follow the Sparrow server bonus guide, which could be used for these 2 cases of uses:
- If you have your node and you only want to proxy all third-party connections (price servers, Whirlpool, etc.) using the NYM mixnet
Go to Preferences -> Server -> Private Electrum
URL: select your MiniBolt IP address or localhost (127.0.0.1) if running on the same device, and select 50001 (mainnet) / 60001 (testnet) (TCP) or 50002 (mainnet) / 60002 (testnet) (SSL) port
Select "yes" to use SSL, if you use 50002 (mainnet) / 60002 (testnet) SSL connection
Select "yes" to use use proxy -> Proxy URL: 127.0.0.1 -> port 1080
Sparrow server using Electrum Server testnet mode in localhost and proxy NYM mixnet
- Press "Test" or "Done" and wait to connect
{% hint style="success" %} You have Sparrow server configured to proxy third parties servers connection using NYM mixnet {% endhint %}
- If you don't have your node and you want to proxy all connections (The Electrum Servers of the wallet & third-party server connections) using the NYM mixnet
Go to Preferences -> Server -> Public Electrum
URL: select one of the public serveres provided for Sparrow
Select "yes" to use use proxy -> Proxy URL: 127.0.0.1 -> port 1080
{% hint style="success" %} You have Sparrow server configured to proxy public Electrum servers and third parties servers connection using NYM mixnet {% endhint %}
{% hint style="info" %}
If you have installed the NYM socks5 client installed in a machine inside of your local network, you can point the service to its IP address instead of localhost (127.0.0.1), e.g. 192.168.1.94:1080
{% endhint %}
Download the Blockstream Greenwallet app for your OS and install it.
Go to App Settings -> Navigate to Network -> switch "Connect through a proxy"
Proxy host: 127.0.0.1
Proxy port: 1080
Screenshot showing a proxy connection using NYM mixnet
Download the Bitbox app for your OS and install it.
Go to Settings -> Advanced settings -> Enable Tor proxy, check "Enable Tor proxy" and type 127.0.0.1:1080 -> Set proxy address
Go to "Connect your full node" -> Check the pre-setted Electrum servers Bitbox app or choose one of your elections, Go to Add a server:
- Enter the endpoint:
electrum.blockstream.info:50002 - Click on the "Download remote certificate" button
- Click on the "Check" button, click OK
- Finally, click on the "Add" button and click again on the "Check" button, and "OK"
{% hint style="info" %}
If you have installed the NYM socks5 client installed in a machine inside of your local network, you can point the service to its IP address instead of localhost (127.0.0.1), e.g. 192.168.1.94:1080
{% endhint %}
Download the Nunchuk wallet desktop version for your OS and install it.
Go to Settings -> Network Settings -> Enable Tor proxy, check "Enable Tor proxy" and type in the "Proxy address" box:127.0.0.1 and in the "Port" box: 1080. Above, enable "Connect to Electrum server", select "Mainnet server", keep the public Nunchuk address server by default, or click on the "Reset" button. Leave the rest of the boxes blank and finally click on "Save network settings".
{% hint style="info" %}
If you have installed the NYM socks5 client installed in a machine inside of your local network, you can point the service to its IP address instead of localhost (127.0.0.1), e.g. 192.168.1.94:1080
{% endhint %}
Download the Keybase app for your OS and install it
Go to Settings -> Advanced -> Navigate to "Proxy settings", and check "SOCKS5", type this info:
Proxy Address: 127.0.0.1
Proxy Port: 1080
{% hint style="success" %} Save proxy Settings {% endhint %}
{% hint style="info" %}
If you have installed the NYM socks5 client installed in a machine inside of your local network, you can point the service to its IP address instead of localhost (127.0.0.1), e.g. 192.168.1.94:1080
{% endhint %}
Download the Telegram app for your OS
Use this link to automatically save the configuration, click on "Enable" or go to Settings -> Advanced -> Connection type -> Check "use custom proxy"
{% hint style="success" %} Save and close all banners to go back to the running app {% endhint %}
{% hint style="info" %}
If you have installed the NYM socks5 client installed in a machine inside of your local network, you can point the service to its IP address instead of localhost (127.0.0.1), e.g. 192.168.1.94:1080
{% endhint %}
Download Firefox | Librewolf | Mullvad or any Firefox-based browser for your OS
Go to General -> Network Settings -> Settings...
Fill the form with the next data:
{% hint style="success" %} Press OK and start the navigation {% endhint %}
{% hint style="info" %}
If you have installed the NYM socks5 client installed in a machine inside of your local network, you can point the service to its IP address instead of localhost (127.0.0.1), e.g. 192.168.1.94:1080
{% endhint %}
At the moment, the Android app is undergoing constant development, and the download link on the GitHub repository is being regularly updated, with some updates being non-functional. The following link is not available on GitHub, but it is a static and functional link, although it is also a pre-alpha version and may have bugs on certain occasions.
Download here or in the future, download here
{% hint style="info" %} You could use NYM proxy with the Telegram app for example ⬇️ {% endhint %}
Scan this QR code, click on "Connect proxy" or manually, go to Settings -> Data and Storage -> Proxy Settings -> switch "Use proxy"
Keep selected "SOCKS5 proxy"
Server: 127.0.0.1
Port: 1080
{% hint style="success" %} Save, switch "Use proxy" again {% endhint %}
{% hint style="warning" %} Notice: This app consumes significant data and battery when connected to the mixnet network. Please be aware that prolonged usage may result in increased data usage and reduced battery life. This is primarily due to the constant emission of false packets by the app {% endhint %}
{% hint style="info" %}
If you have installed the NYM socks5 client installed in a machine inside of your local network, you can point the service to its IP address instead of localhost (127.0.0.1), e.g. 192.168.1.94:1080
{% endhint %}
{% tabs %} {% tab title="Nostr-NYM Proxy" %} Proxy for using Nostr over Nym mixnet. Nostr-nym is a proxy for using Nostr through the Nym Mixnet. It stands between Nostr users and a specific Nostr relay, preferably on the same machine as the relay, allowing users to connect to this relay without leaking their IP address to it
GitHub {% endtab %}
{% tab title="NYM Nostr client" %}
A Nostr client connected to a Nostr-NYM Proxy
Link | GitHub
{% endtab %}
{% endtabs %}
{% tabs %} {% tab title="NYM Swap" %} [Unofficial] Swap different tokens <> NYM token
Link {% endtab %}
{% tab title="NYM Network Explorer" %} Explorer to get information on the NYM network components
Link {% endtab %} {% endtabs %}
- First, ensure that you have the latest Rustc version following the Upgrade section of the Rustup + Cargo bonus guide, or simply exec:
rustup updatecommand with theadminuser - Follow again the entire Compile NYM binaries from the source code section until the "Enter the command to compile" step (inclusive), once you do that, continue with the next steps below:
- With
adminuser, stopNYM socks5 client & NYM Network requester
sudo systemctl stop nym-network-requestersudo systemctl stop nym-socks5-client- Replace the network requester binary
sudo cp /tmp/nym/target/release/nym-network-requester /home/nym/- Change to the nym user
sudo su - nym- Check the correct update
./nym-network-requester -VExample of expected output:
nym-network-requester 1.1.24
- Init again the network requester to update the
config.tomlfile if needed
./nym-network-requester init --id bitcoin --latency-based-selection- Exit from the
nymuser session
exit- Start network requester again
sudo systemctl start nym-network-requester- Replace the socks5 client binary
sudo cp /tmp/nym/target/release/nym-socks5-client /home/nym/- Change to the nym user
sudo su - nym- Check the correct update
./nym-socks5-client -VExample of expected output:
nym-socks5-client 1.1.24
Example of expected output:
- Init again the socks5 client with the same command, this updates the
config.tomlfile if needed
{% code overflow="wrap" %}
./nym-socks5-client init --id bitcoin --latency-based-selection --provider <requesteraddress>{% endcode %}
- Exit from the
nymuser
exit- Start socks5 client again
sudo systemctl start nym-socks5-client- Delete the NYM compilation folder to be ready for the next update and free up space
sudo rm -r /tmp/nym- With user
admin, stop network requester and socks5 client services
sudo systemctl stop nym-network-requestersudo systemctl stop nym-socks5-client- Disable autoboot (if enabled)
{% code overflow="wrap" %}
sudo systemctl disable nym-network-requester && sudo systemctl disable nym-socks5-client{% endcode %}
- Delete network requester and socks5 client services
sudo rm /etc/systemd/system/nym-network-requester.servicesudo rm /etc/systemd/system/nym-socks5-client.service- Delete nym user. Don't worry about
userdel: nym mail spool (/var/mail/nym) not foundoutput, the uninstall has been successful
sudo userdel -rf nym| Port | Protocol | Use |
|---|---|---|
| 1080 | TCP | Socks5 client default port |