Unlike VPNs with a “no-logs” policy, Cipher Shield is provably private by design.

Even “no-logs” VPNs see both your identity and your internet activity, meaning you have to blindly trust their pinky-promise for privacy. This is exactly why some privacy-conscious folks will tell you not to use a VPN at all.

Cipher Shield is different – we never see your decrypted internet packets. It’s simply impossible for us to log your internet activity, even if we were compelled to, or if our servers were compromised. You can even verify this yourself.

Cipher Shield’s stealth protocol is much harder to block.

Our unique stealth protocol is designed to blend in with regular internet traffic. It does so by leveraging QUIC – the same technology that powers HTTP/3 – making it far harder for censors or network filters to detect or block.

Want more technical details? See here.

Cipher Shield only sees your connecting IP address and necessary payment info – never your actual internet traffic.

We physically can’t decrypt your internet traffic (see how) and never log your connecting IP address.

For even more privacy, we actively support privacy-friendly payment methods like Bitcoin over Lightning. Learn more about accepted payment methods here.

I like the way you think! 😎

Don’t trust — verify. Our app’s entire source code is on GitHub for you to verify that we do what we say.

We also plan to provide reproducible builds of our app, meaning anyone can confirm that the app you download matches the code we publish.

Additionally, our app displays your current exit hop’s WireGuard public key on its “Location” page. You can check this key against what Mullvad publishes here to ensure that you’re connected via a genuine Mullvad exit hop!

CipherShield is just $8/month.

You can top-up your account using:

• Credit Card (via Stripe)
• Bitcoin over Lightning (for more privacy)

For convenient renewals, you can also subscribe with your Credit Card (via Stripe). Note that Stripe may need your email for subscriptions, but Cipher Shield never stores it.

Each Cipher Shield account has 3 simultaneous connection slots. This is different from “3 devices”.

If you’re connecting with our Cipher Shield app…

• You can log in on as many devices as you’d like.
• A device only uses 1 slot while it is actively connected (see the “Connection” tab in the app).

If you’re connecting with our WireGuard configs…

• Each config reserves 1 slot as long as it exists on your account, even when the device is not connected.
• To free a slot, delete the config from your account here.

Examples

• Only using our Cipher Shield app: Unlimited sign-ins; up to 3 devices connected at the same time.
• Only using WireGuard configs: You can keep up to 3 configs total (i.e., 3 devices).
• A Mix: If you have 1 WireGuard config on your account, it uses 1 of 3 slots, leaving 2 slots open for the Cipher Shield app to connect from any signed-in devices.

With a typical multihop VPN, the same provider controls every hop—so they can still link your identity to your traffic.

Cipher Shield solves this by using a fully-independent exit hop (currently Mullvad). Ensuring that our servers never see your actual traffic, and the exit hop never sees your identity.

We have immense respect for the Tor project (and encourage you to support it), but its volunteer-run network can be slow and susceptible to DDoS issues, making it infeasible for everyday use.

Cipher Shield uses two dedicated, high-performance hops for maximum speed and reliability – meaning you get many of Tor’s privacy benefits without sacrificing everyday usability.

We’re always working to add more exit locations. We currently have the follow:

North America

• Toronto, Canada
• Vancouver, Canada
• Ashburn, VA
• Chicago, IL
• Dallas, TX
• Denver, CO
• Los Angeles, CA
• Miami, FL
• New York, NY
• San Jose, CA
• Seattle, WA

Latin America

• São Paulo, Brazil
• Santiago, Chile
• Bogotá, Colombia
• Querétaro, Mexico

Europe

• Paris, France
• Frankfurt, Germany
• Milan, Italy
• Amsterdam, Netherlands
• Warsaw, Poland
• Madrid, Spain
• Stockholm, Sweden
• Zurich, Switzerland
• Kyiv, Ukraine
• London, United Kingdom

Asia

• Tokyo, Japan
• Singapore
• Istanbul, Turkey

Africa

• Johannesburg, South Africa

Oceania

• Sydney, Australia

Our Windows app installs a Network Extension, which is a fully sandboxed process with no kernel-level access to your system.

You can verify this by looking at our source code.

Cipher Shield's servers relay the WireGuard tunnel between your device and Mullvad’s servers. Essentially, WireGuard-over-QUIC.

This looks something like:

<user>  -->  Cipher Shield Server  -->  Mullvad Server  -->  <internet>

This ensures that no single party has the information to leak or correlate your traffic and your identity, since:

• Cipher Shield’s servers are unable to decrypt the WireGuard packets it relays, since they are encrypted to a Mullvad server’s WireGuard pubkey.
• Mullvad’s servers never see your connecting IP since Cipher Shield’s servers are effectively doing NAT.

Your device connects to Cipher Shield’s servers over QUIC, meaning:

• Cipher Shield connections are harder to detect or block since they look like regular internet traffic (HTTP/3 uses QUIC for transport).
• Cipher Shield avoids the TCP-over-TCP meltdown problem since we use QUIC’s unreliable datagram extension.

Still curious? Read our blog post on Cipher Shield's design.

Yes you can! Cipher Shield’s WireGuard compatibility mode generates configurations that work on any WireGuard-compatible platforms, including:

• iOS
• Android
• Windows
• Linux
• Various router OSes

To get started:

1. Download the WireGuard app for your platform here
2. Generate a WireGuard configuration for your account here
3. Add the generated WireGuard configuration to your WireGuard app (or scan the QR code)
4. Connect 🎉

Note that since this uses the original WireGuard protocol, you won’t benefit from Cipher Shield QUIC-based obfuscation for outsmarting internet censorship. However, your connection still benefits from improved privacy with our Two-Party Relay architecture.