Security & trust
Zero-trace architecture, verifiable and documented.
CyveraVPN separates control and data planes, relies on ephemeral keys, and enforces a strict no-log policy. Every architecture decision is documented and auditable.
Guarantees
- No traffic or DNS logs. Ephemeral encrypted logs, purged under 12h.
- XChaCha20-Poly1305 encryption, WireGuard by default, TLS 1.3.
- Jurisdiction outside intelligence alliances. No mandatory retention.
- Public warrant canary, independent audits, open security bounties.
Pillar
No logging
- No traffic, DNS, or session metadata logs.
- Ephemeral technical logs encrypted, purged in under 12h.
- No behavioral telemetry. No trackers.
Pillar
Proven encryption
- WireGuard, OpenVPN, TLS 1.3, Perfect Forward Secrecy.
- AES-NI acceleration, XChaCha20-Poly1305 by default.
- Double-pass key wipe in memory.
Pillar
Privacy-first jurisdiction
- Hosted in privacy-friendly locations without retention laws.
- Entity registered outside 5/9/14 Eyes.
- Public and verifiable warrant canary procedures.
Pillar
Openness and audits
- Open-source clients audited annually.
- Independent pentests with published scopes.
- Security bounties, guaranteed responsible disclosure.