Nym node ‘Galaxy’ update has just completed

If you are running a Nym node, here’s what this means for you!

Author: Nym

November 9, 20234 mins read

If you are running a Nym node, here’s what this means for you!

The very latest Nym binaries update, Galaxy, was released this week. It follows a major step in project Smoosh, namely enabling Nym nodes to run open gateways. This change enables operators to shift from a restrictive ‘allow’ list of apps reachable via the mixnet, to instead implement a ‘deny’ list, effectively opening the mixnet to almost the entire internet.

Languages: Português // Русский // 中文 // Español // Bahasa Indonesia // 日本 // Française

The prior release, v2023.3-kinder, saw project Smoosh come to life, folding Nym network requester functionality into the Nym gateway binary. This update forms the basis of the exit gateway node — an essential part of the new ‘Smooshed’ setup in the mixnet.

The next step will be to ‘smoosh’ gateways and mixnodes, so operators can easily service any hop in the network, radically improving the redundancy of the mixnet.

Read on to find out all about the Galaxy update.

Exit gateways now run a ‘deny list’

NymConnect has, until now, run on a limited ‘allow list’ only letting through traffic from a very narrow number of applications. With the upcoming release of NymVPN — the evolution of NymConnect into a consumer product — this is changing to a ‘deny list’ in order to enable privacy for the broadest possible user base, with the widest available range of web services.

In short, this means that gateways will now block known malicious traffic, rather than only allowing the traffic of a select few services. This is a much more permissive setup to enhance appeal and accessibility for end users.

To protect operators, an exit policy has been introduced so known malicious actors are blocked by default. This is based on a combination of the Tor Null advisory block list and the Tor reduced exit policy.

Introducing Nym Operators Legal Forum

To further assist operators, Nym DevRels have started to compile a document for legal best practice and advice.

The document serves as the basis for a consultation with Nym node operators on any concerns, plus additional support and information operators might need throughout the change for ensuring maximum availability, usability and adoption.

Operators are invited to research their own jurisdictions and add their findings to this document.

To do so, create a pull request to the repository, then message DevRels to alert them in the new Nym Operators Legal Forum on Element. Note: only members of the general or node operator rooms may access the Legal Forum on Element.

While Nym core team cannot provide comprehensive legal advice across all jurisdictions, work is ongoing to build knowledge and experience with the help of the community and legal counsel.

That said, Nym core has now published preliminary findings from legal counsel on Nym exit gateways in two jurisdictions, Switzerland and the United States. These should not be viewed as comprehensive legal counsel and are presented unedited.

Given the legal similarity between Nym exit gateways and Tor exit relays, it is also recommended that operators acquaint themselves with Tor community exit guidelines.

Nym core team cannot provide operators with definitive answers regarding the potential risks of operating open gateways, but there is evidence of some considerations that may arise, from operating Tor exit relays:

From a technical perspective, Nym node operators may need to implement additional controls, such as dedicated hardware and IP usage, or setting up an HTML exit notice on port 80.
From an operational standpoint, node operators may be expected to actively manage their relationship with their ISP or VPS provider and respond to abuse requests using the proposed templates.
Legally, exit relays are typically considered “telecommunication networks” and are subject to intermediary liability protection. However, there may be exceptions, particularly in cases involving criminal law and copyright claims. Operators could seek advice from local privacy associations and may consider running nodes under an entity rather than as individuals.

Nym node operators are strongly encouraged to join operator channels on Element, Discord, and Telegram to share best practices and experiences.