VeilNet Conflux is the core connectivity engine that powers all secure communication in the VeilNet ecosystem. It runs on any machine or server to establish post-quantum encrypted tunnels, forward traffic intelligently, discover local networks, and maintain a stable, high-performance overlay across the Internet. Conflux is designed for the AI era: adaptive, autonomous, and capable of supporting rapidly changing workloads without configuration or manual routing.
Conflux is not built on WireGuard, and it does not rely on static peer meshes. Instead, it creates a dynamic, intelligent network fabric using reinforcement-learning-based path selection and post-quantum cryptography. This gives it unmatched reliability, compatibility, and security compared to other connector software.
Functionalities of VeilNet Conflux #
As a decentralised secure network, VeilNet Conflux has more responsibility compared to conventional connectors from other overlay network providers. It not only establishes secure tunnels to other instances, but also:
- Routing: There is no central coordination server in VeilNet, and it does not maintain a mesh network. VeilNet Conflux instances will learn and adapt to network conditions and find optimal paths via a modified Reinforcement Learning routing algorithm based on signatures rather than IP addresses. When network condition changes and the existing path fails, VeilNet Conflux will automatically find a new path to self-recover.
- Authentication: VeilNet Conflux is not based on WireGuard. Hence, it does not use any public key as a peer identity. VeilNet Conflux randomly generates a unique instance ID and queries a series of Identity signatures when joining the network. VeilNet Conflux instance authenticates each other based on that information and Dilithium Digital Signature on a per-packet basis.
- Forwarding: VeilNet Conflux instance automatically discovers host networks and makes them available for other instances when it operates in Portal mode. Only authenticated instances will be able to access them. Unauthenticated instances, such as instances from a different user, will not have any information regarding the forwardable host networks.
- Load Balancing: VeilNet Conflux creates an independent, secure channel for different destinations (based on IP). Therefore, it has a built-in coroutine-level load balancing for IP packets to different destinations. Each secure channel, named as a stream, has its own queue, encryption routine and a bundle of WebRTC data channels for transmission. This allows VeilNet Conflux to achieve less than 1ms overhead.
Operation Modes of VeilNet Conflux #
Rift Mode #
VeilNet Conflux operates in Rift mode, will forward all traffic from the host device to VeilNet. It is similar to a conventional “VPN Client”, but it does not connect to a fixed server; but establishes secure connections with any other VeilNet Conflux instances connected to the same VeilNet Plane (Subject to access control).
Portal Mode #
VeilNet Conflux operates in Portal mode, will serve as a gateway to external networks, such as the internet. A Team can be associated with VeilNet Conflux operating in Portal mode to enable access control. Please note that the VeilNet Conflux instance operates in Portal mode under the community plane and may forward data for other users destined to the Internet only.
Type of VeilNet Overlay Network #
Virtual LAN – Virtual Air Gap #
If all VeilNet Conflux instances operate in the Rift mode, this forms a virtual LAN that only communication between hosts is possible. There will be no connection to the external network.
Overlay Virtual Private Network #
If at least one VeilNet Conflux instance operates in Portal mode, this forms an overlay VPN that allows all VeilNet instances access to external networks reachable by the Portal. There is no designated “exit node” because the VeilNet Conflux instance will learn the optimal path via its Reinforcement Learning algorithm.