#!/bin/bash set -euo pipefail # ============================================================================== # Nym Mixnet Installation # ============================================================================== # Next-generation mixnet for metadata-resistant communication # - Protects against global passive adversaries # - Uses mix nodes to shuffle and delay traffic # - Decentralized with cryptocurrency incentives # - More advanced privacy than Tor for messaging # ============================================================================== # Colors readonly GREEN='\033[0;32m' readonly YELLOW='\033[1;33m' readonly BLUE='\033[0;34m' readonly RED='\033[0;31m' readonly NC='\033[0m' log() { echo -e "${GREEN}[INFO]${NC} $*"; } warn() { echo -e "${YELLOW}[WARN]${NC} $*"; } error() { echo -e "${RED}[ERROR]${NC} $*"; } section() { echo -e "${BLUE}=== $* ===${NC}"; } section "Nym Mixnet Installation" echo "" # Note: NymConnect desktop app has been deprecated/moved # The nym-socks5-client CLI is the recommended approach now echo "Installing nym-socks5-client (CLI SOCKS5 proxy)..." echo "" echo "Note: NymConnect desktop app has been deprecated." echo "The CLI client is the recommended and maintained option." echo "" CHOICE="2" # Detect architecture ARCH=$(uname -m) case "$ARCH" in x86_64) ARCH="x86_64" ;; aarch64) ARCH="aarch64" ;; *) error "Unsupported architecture: $ARCH" exit 1 ;; esac log "Architecture: $ARCH" # Get latest release version log "Fetching latest Nym release..." LATEST_VERSION=$(curl -fsSL https://api.github.com/repos/nymtech/nym/releases/latest | grep '"tag_name"' | sed -E 's/.*"([^"]+)".*/\1/') if [ -z "$LATEST_VERSION" ]; then warn "Could not determine latest version, using fallback" LATEST_VERSION="nym-binaries-v2024.13-magura" fi log "Latest version: $LATEST_VERSION" # NymConnect desktop app has been deprecated # Keeping this function for reference but it's no longer called install_nymconnect() { warn "NymConnect desktop app has been deprecated by Nym" warn "Please use nym-socks5-client CLI instead" log "For GUI, consider using a SOCKS5 proxy manager with nym-socks5-client" return 0 } install_socks5_client() { section "Installing nym-socks5-client CLI" # Check for existing installation if command -v nym-socks5-client &>/dev/null; then log "nym-socks5-client appears to be installed: $(nym-socks5-client --version 2>/dev/null || echo 'version unknown')" read -p "Reinstall? [y/N] " -n 1 -r echo [[ ! $REPLY =~ ^[Yy]$ ]] && return fi log "Downloading nym-socks5-client..." cd /tmp # Try to download the client binary CLIENT_URL="https://github.com/nymtech/nym/releases/download/${LATEST_VERSION}/nym-socks5-client" curl -fsSL -o nym-socks5-client "$CLIENT_URL" || { warn "Direct download failed, trying tarball..." # Try tarball TARBALL_URL=$(curl -fsSL https://api.github.com/repos/nymtech/nym/releases/latest | grep "browser_download_url.*socks5.*${ARCH}.*tar" | head -1 | cut -d '"' -f 4) if [ -n "$TARBALL_URL" ]; then curl -fsSL -o nym-socks5.tar.gz "$TARBALL_URL" tar xzf nym-socks5.tar.gz mv nym-socks5-client nym-socks5-client 2>/dev/null || true fi } if [ ! -f nym-socks5-client ]; then error "Could not download nym-socks5-client" log "Please download manually from: https://github.com/nymtech/nym/releases" return 1 fi chmod +x nym-socks5-client sudo mv nym-socks5-client /usr/local/bin/ log "nym-socks5-client installed!" } case "$CHOICE" in 1) install_nymconnect ;; 2) install_socks5_client ;; 3) install_nymconnect install_socks5_client ;; *) error "Invalid choice" exit 1 ;; esac echo "" section "Installation Complete!" echo "" cat << 'EOF' Nym Mixnet has been installed. Here's how to use it: NYMCONNECT (GUI): Launch: nymconnect - Click "Connect" to start the SOCKS5 proxy - Proxy runs on: 127.0.0.1:1080 - Configure apps to use this SOCKS5 proxy NYM-SOCKS5-CLIENT (CLI): # Initialize (first time only): nym-socks5-client init --id my-client # Run: nym-socks5-client run --id my-client # Proxy runs on: 127.0.0.1:1080 CONFIGURE APPLICATIONS: Set SOCKS5 proxy to: 127.0.0.1:1080 Firefox: Settings > Network > Manual Proxy > SOCKS Host: 127.0.0.1, Port: 1080 curl: curl --socks5-hostname 127.0.0.1:1080 https://example.com SSH: ssh -o ProxyCommand='nc -x 127.0.0.1:1080 %h %p' user@host WHAT NYM PROTECTS: - Traffic timing analysis (messages are mixed and delayed) - Metadata (who talks to whom) - Network surveillance (even global passive adversaries) WHAT NYM DOES NOT PROTECT: - Content (use E2E encryption like Signal on top) - Exit node can see traffic (like Tor) - Very slow compared to regular internet USE CASES: - Anonymous messaging - Privacy-critical communications - When Tor isn't paranoid enough RESOURCES: - https://nymtech.net/ - https://docs.nymtech.net/ EOF echo ""