179 lines
5 KiB
Bash
Executable file
179 lines
5 KiB
Bash
Executable file
#!/bin/bash
|
|
set -euo pipefail
|
|
|
|
# ==============================================================================
|
|
# Nym Mixnet Installation
|
|
# ==============================================================================
|
|
# Next-generation mixnet for metadata-resistant communication
|
|
# - Protects against global passive adversaries
|
|
# - Uses mix nodes to shuffle and delay traffic
|
|
# - Decentralized with cryptocurrency incentives
|
|
# - More advanced privacy than Tor for messaging
|
|
# ==============================================================================
|
|
|
|
# Colors
|
|
readonly GREEN='\033[0;32m'
|
|
readonly YELLOW='\033[1;33m'
|
|
readonly BLUE='\033[0;34m'
|
|
readonly RED='\033[0;31m'
|
|
readonly NC='\033[0m'
|
|
|
|
log() { echo -e "${GREEN}[INFO]${NC} $*"; }
|
|
warn() { echo -e "${YELLOW}[WARN]${NC} $*"; }
|
|
error() { echo -e "${RED}[ERROR]${NC} $*"; }
|
|
section() { echo -e "${BLUE}=== $* ===${NC}"; }
|
|
|
|
section "Nym Mixnet Installation"
|
|
echo ""
|
|
|
|
# Note: NymConnect desktop app has been deprecated/moved
|
|
# The nym-socks5-client CLI is the recommended approach now
|
|
echo "Installing nym-socks5-client (CLI SOCKS5 proxy)..."
|
|
echo ""
|
|
echo "Note: NymConnect desktop app has been deprecated."
|
|
echo "The CLI client is the recommended and maintained option."
|
|
echo ""
|
|
CHOICE="2"
|
|
|
|
# Detect architecture
|
|
ARCH=$(uname -m)
|
|
case "$ARCH" in
|
|
x86_64) ARCH="x86_64" ;;
|
|
aarch64) ARCH="aarch64" ;;
|
|
*)
|
|
error "Unsupported architecture: $ARCH"
|
|
exit 1
|
|
;;
|
|
esac
|
|
|
|
log "Architecture: $ARCH"
|
|
|
|
# Get latest release version
|
|
log "Fetching latest Nym release..."
|
|
LATEST_VERSION=$(curl -fsSL https://api.github.com/repos/nymtech/nym/releases/latest | grep '"tag_name"' | sed -E 's/.*"([^"]+)".*/\1/')
|
|
|
|
if [ -z "$LATEST_VERSION" ]; then
|
|
warn "Could not determine latest version, using fallback"
|
|
LATEST_VERSION="nym-binaries-v2024.13-magura"
|
|
fi
|
|
|
|
log "Latest version: $LATEST_VERSION"
|
|
|
|
# NymConnect desktop app has been deprecated
|
|
# Keeping this function for reference but it's no longer called
|
|
install_nymconnect() {
|
|
warn "NymConnect desktop app has been deprecated by Nym"
|
|
warn "Please use nym-socks5-client CLI instead"
|
|
log "For GUI, consider using a SOCKS5 proxy manager with nym-socks5-client"
|
|
return 0
|
|
}
|
|
|
|
install_socks5_client() {
|
|
section "Installing nym-socks5-client CLI"
|
|
|
|
# Check for existing installation
|
|
if command -v nym-socks5-client &>/dev/null; then
|
|
log "nym-socks5-client appears to be installed: $(nym-socks5-client --version 2>/dev/null || echo 'version unknown')"
|
|
read -p "Reinstall? [y/N] " -n 1 -r
|
|
echo
|
|
[[ ! $REPLY =~ ^[Yy]$ ]] && return
|
|
fi
|
|
|
|
log "Downloading nym-socks5-client..."
|
|
|
|
cd /tmp
|
|
|
|
# Try to download the client binary
|
|
CLIENT_URL="https://github.com/nymtech/nym/releases/download/${LATEST_VERSION}/nym-socks5-client"
|
|
curl -fsSL -o nym-socks5-client "$CLIENT_URL" || {
|
|
warn "Direct download failed, trying tarball..."
|
|
# Try tarball
|
|
TARBALL_URL=$(curl -fsSL https://api.github.com/repos/nymtech/nym/releases/latest | grep "browser_download_url.*socks5.*${ARCH}.*tar" | head -1 | cut -d '"' -f 4)
|
|
if [ -n "$TARBALL_URL" ]; then
|
|
curl -fsSL -o nym-socks5.tar.gz "$TARBALL_URL"
|
|
tar xzf nym-socks5.tar.gz
|
|
mv nym-socks5-client nym-socks5-client 2>/dev/null || true
|
|
fi
|
|
}
|
|
|
|
if [ ! -f nym-socks5-client ]; then
|
|
error "Could not download nym-socks5-client"
|
|
log "Please download manually from: https://github.com/nymtech/nym/releases"
|
|
return 1
|
|
fi
|
|
|
|
chmod +x nym-socks5-client
|
|
sudo mv nym-socks5-client /usr/local/bin/
|
|
|
|
log "nym-socks5-client installed!"
|
|
}
|
|
|
|
case "$CHOICE" in
|
|
1) install_nymconnect ;;
|
|
2) install_socks5_client ;;
|
|
3)
|
|
install_nymconnect
|
|
install_socks5_client
|
|
;;
|
|
*)
|
|
error "Invalid choice"
|
|
exit 1
|
|
;;
|
|
esac
|
|
|
|
echo ""
|
|
section "Installation Complete!"
|
|
echo ""
|
|
|
|
cat << 'EOF'
|
|
Nym Mixnet has been installed. Here's how to use it:
|
|
|
|
NYMCONNECT (GUI):
|
|
Launch: nymconnect
|
|
- Click "Connect" to start the SOCKS5 proxy
|
|
- Proxy runs on: 127.0.0.1:1080
|
|
- Configure apps to use this SOCKS5 proxy
|
|
|
|
NYM-SOCKS5-CLIENT (CLI):
|
|
# Initialize (first time only):
|
|
nym-socks5-client init --id my-client
|
|
|
|
# Run:
|
|
nym-socks5-client run --id my-client
|
|
|
|
# Proxy runs on: 127.0.0.1:1080
|
|
|
|
CONFIGURE APPLICATIONS:
|
|
Set SOCKS5 proxy to: 127.0.0.1:1080
|
|
|
|
Firefox:
|
|
Settings > Network > Manual Proxy > SOCKS Host: 127.0.0.1, Port: 1080
|
|
|
|
curl:
|
|
curl --socks5-hostname 127.0.0.1:1080 https://example.com
|
|
|
|
SSH:
|
|
ssh -o ProxyCommand='nc -x 127.0.0.1:1080 %h %p' user@host
|
|
|
|
WHAT NYM PROTECTS:
|
|
- Traffic timing analysis (messages are mixed and delayed)
|
|
- Metadata (who talks to whom)
|
|
- Network surveillance (even global passive adversaries)
|
|
|
|
WHAT NYM DOES NOT PROTECT:
|
|
- Content (use E2E encryption like Signal on top)
|
|
- Exit node can see traffic (like Tor)
|
|
- Very slow compared to regular internet
|
|
|
|
USE CASES:
|
|
- Anonymous messaging
|
|
- Privacy-critical communications
|
|
- When Tor isn't paranoid enough
|
|
|
|
RESOURCES:
|
|
- https://nymtech.net/
|
|
- https://docs.nymtech.net/
|
|
|
|
EOF
|
|
|
|
echo ""
|