Tips for Running an Exit Node in a Distributed Network
If you’re running an exit node for a distributed virtual private network - this is the place to start understanding your risks and liability.
What is a Distributed Network ?
A distributed network is a system over which network participants collaborate and share resources to achieve specific goals. TOR Network and torrents websites (The Pirate Bay, TorLock, etc) are peer to peer distributed networks that have developed alongside the internet.
With the advent of cryptocurrencies, new forms of distributed networks have sprung up to share resources when it comes to storage, computing power and privacy. But these networks are different, they are incentivised with a token that holds a store of value.
Exit nodes are most relevant when it comes to distributed or decentralized virtual private networks (dVPNs). This is particularly relevant as the encrypted traffic flows through the node, pinging the internet with the node runner’s IP address - which is often tied to their identity.
What are decentralised virtual private networks (dVPNs)?
Decentralised Virtual Private Networks are distributed systems of exit and relay nodes which help end users access services by passing encrypted traffic through them.
What is an Exit Node?
An exit node is a network participant that functions as a gateway for encrypted traffic to hit the Internet.
Running an exit node within distributed networks comes with a number of challenges. This arises from the friction of policy lagging behind technological developments.
You can see this in the several cases against TOR network, torrents and more.
Exit node runners are often confused with end users. This is because it’s their IP address that the destination server sees. (i.e. If an end user uses your node’s IP to download a movie, it’s the node runner’s IP address that is seen downloading this movie). As technology providers within the distributed VPN space, we have come together to build an evergreen resource to help guide node runners who are working to keep the internet free.
Why Run an Exit Node in a Distributed Network?
With cryptocurrency, you can make a contribution to freedom of speech and information, power a peer-to-peer distributed network, all while earning some side income.
What is a Relay Node?
Relay nodes in distributed systems are nodes which receive traffic and pass it along to another node, not a server. Relay nodes adds yet another layer of obfuscation for encrypted traffic, without making the owner of the relay node look like the source of the traffic.
Relay nodes are functionality that is coming soon in both Mysterium and Sentinel Network.
What can I do to protect myself as an Exit Node Runner in a distributed network?
In order to start the information sharing we have tried to collect good practices, advices for node runners, so they could stay safe and protected, when running a node:
1. Consider where you are running your node
There are several ways in which you can ensure that you are running a node safely. Here are a list of suggestions, they are by no means comprehensive:
- Make sure that running a node in your jurisdiction is legal
- Set up a separate company (this could even be a non-profit) to run the node (it could potentially grow to an actual business)
- Use a colocation data center
- Ask for a separate IP address for your node from ISP.
2. Separate your traffic from encrypted traffic flowing through your node
- Ensure that you do not run your own internet traffic through the same IP address on which you are running your node.
- Ask if your Internet Service Provider (ISP) allows you to run a node, and inform them of your plans to run a node in a distributed network. Not all ISPs look positively at node running activities. For a comprehensive list of ISP sentinment towards node runners have a look at https://wiki.vuze.com/w/Bad_ISPs or https://trac.torproject.org/projects/tor/wiki/doc/GoodBadISPs. If your ISP isn’t on the list, here is a template email you can send to educate them on the function of node running in preserving human rights in a digital environment.
- Avoid keeping any sensitive or personal information on the computer hosting your node.
3. Register your IP address
Be as transparent as possible about the fact that you're running an exit node. Register your IP address with the Regional Internet registry (depending on your country, for example: ARIN, RIPE NCC, APNIC etc.). Doing this can help you to get any claims against you dismissed much faster.
4. Understand your rights, and your risks
Each jurisdiction has its own views on the legality of node running. Many western countries have regulations that exclude communication service providers from liability. Please add your country's regulations to this list:
- USA: DMCA 512;
- Germany: TMG 8 and 15.
- Netherlands: Artikel 6:196c BW
- Austria: ECG 13
- Sweden: 16-19 2002:562
We encourage you to share your experiences and local regulations regarding node running. It is important in order to push policy such that node runners cannot be held liable for traffic that passes through exit nodes.
You can always seek help and additional information from organizations fighting for internet freedom, such as Electronic Frontier Foundation or EDRi (or its national members, the list can be found here: https://edri.org/members/).
5. Be smart and critical if you receive a cease and desist claim
When running a node you might get attention from law enforcement or private litigants with “cease and desist” claims that you have breached intellectual property rights of a third party.
You should be aware that in some countries law firms send such claims without actually representing the owner of the intellectual property rights. They do so in the hopes of getting a settlement without going to court.
In the event of receiving a cease and desist claim, always inform any claimant that you are running a node and ask for proof that the claimant has the actual rights to represent the company he is claiming to be representative of. Also check the jurisdiction from which you are receiving the claim.
Answer any abuse complaints within a reasonable time span and be polite and professional. You can find drafts of possible answers at the following link: [link].
In a spirit of educating society about the importance of internet freedom we encourage you to send any claims you get to us at [address] and to the Lumen database (https://lumendatabase.org/), which collects and analyzes cease and desist letters concerning online content.
You can find a lot of helpful information on how to defend your rights at their site: https://www.lumendatabase.org/topics/14#QID586.
6. Do not log traffic going through your node
Do not log the traffic, which is going through your node. Not only does it give additional proof for you to show that you are acting only as a relay for information passing through your node, but also it protects the confidentiality of the user, using your node. Finally, traffic analysis can defeat your ability to show that you did not know what content is passing through your node and you might be held responsible for that content.
What is Mysterium Network?
Mysterium Network is building a distributed virtual private network. This means that exit nodes within Mysterium Network are run by everyday people who care about internet freedom. Find out more about Mysterium Network and the work we are doing to free the internet for all.
What is Sentinel Network?
Sentinel is a decentralized ecosystem which serves as a framework for individuals and organizations to build their own distributed and decentralized VPN applications. Find out more about the Sentinel Network and how you can contribute by providing bandwidth or building your own application.
This article is for informational purposes only and does not constitute legal advice. We are technical developers and can not give any legal advice or help with any legal issues. Our aim is to provide general information for node runners. Different factual situations and different legal jurisdictions will result in different suggestions or actions, which should be taken. Therefore, please do not act on this information alone and if you have any specific legal or other problems, issues, or questions, seek a complete review of your situation with a lawyer licensed to practice in your jurisdiction.