VeilNet
DownloadLogin

Architecture Overview

[object Object]

VeilNet Architecture Overview

VeilNet is built on three core components—Master, Guardian, and Conflux—that work together to create a post-quantum secure, self-healing overlay network.

Master (NATS Super Cluster)

Master is a globally distributed NATS super cluster that serves as the control-channel message broker. All Conflux nodes and Guardian services use this infrastructure to:

  • Exchange control messages and coordinate routing
  • Propagate health signals across the network
  • Negotiate ephemeral multi-hop paths

Important: No user traffic flows through Master. It exclusively carries encrypted control and coordination events, keeping the control plane separate from the data plane.

Guardian (Stateful API Microservices)

Guardian is a set of API microservices that provide VeilNet's management, authentication, and orchestration capabilities. Unlike traditional cache-based stateless APIs, Guardian uses VeilNet's no-caching memory sync protocol to keep instances synchronized, enabling them to operate as stateful API servers while maintaining horizontal scalability.

Guardian provides:

  • Memory sync protocol: Real-time state propagation across instances
  • SQL ORM-backed persistence: Reliable data storage and retrieval
  • RESTful APIs: Management interfaces for realms, identities, policies, and billing

Conflux (Edge Node + Client Stack)

Conflux runs on user devices, servers, and containers to join them into a Realm. At its core, Conflux consists of:

  • System Service Wrapper: Integrates with the host operating system
  • Anchor Protocol: VeilNet's proprietary transport and control protocol that establishes encrypted, multi-hop, post-quantum secure channels
  • TUN Interface: Injects and captures IP packets from the host or container network

On top of the service layer, Conflux includes:

  • Flutter-based UI framework: Unified cross-platform user experience
  • Conflux App: Primary user-facing client application
  • Auth Portal: Handles login, social OAuth, and account management, all backed by Guardian

How It All Works Together

These components create an intelligent, post-quantum overlay network where:

  • Control realm (Master + Guardian): Manages coordination, authentication, and orchestration
  • Data realm (Conflux + Anchor + TUN): Handles all user traffic and network operations

The control and data realms are tightly integrated yet cleanly separated, enabling VeilNet to remain secure, adaptive, and easy to operate at scale.

Introduction to VeilNet

VeilNet is a post-quantum, self-healing overlay network that creates a secure, ephemeral, and intelligent communication layer across devices, clouds, and distributed systems. Unlike traditional VPNs or mesh overlays, VeilNet forms on-demand multi-hop paths, authenticates every packet with user and device identity, and continuously optimises routes in real time — delivering a simple, zero-configuration experience with future-proof security for both individuals and AI-driven infrastructures.

Why Not WireGuard?

WireGuard is not a good solution for cloud-native and distributed systems.