Nym’s zero-knowledge network: No logging promises needed
Turning a VPN no log’s policy into a network design and guarantee

What is Nym’s no log’s policy? Actually, Nym has something much better than a “policy”: it provides a zero-knowledge network in which users don’t have to place their trust in anyone. Privacy and anonymity for everyone is ensured by the design for the Nym network itself. Nym doesn’t and can’t know anything about what you do!
This is because the network is designed in a decentralized way so that there is no point which has access to information connecting you personally to your traffic or its destination, and Nym Technologies has access to none of it. There is, in short, no single point of failure. Communicate online through a network that is anonymous all the way down, even to the link between payments to network use!
What is a VPN’s no logs policy?
No log’s policies have become a standard mark for whether a VPN is trustworthy or not – and many aren’t! A no log’s policy essentially promises users that their personal data will not be recorded or “logged” by the VPN company. Keeping traffic records of user activity is unfortunately a common business model of many disreputable VPNs which earn a revenue by selling metadata to third parties.
This is where the problem lies: VPNs need to promise privacy-preserving conduct because they can, in principle, keep full traffic logs of what users do through their VPN servers. VPNs that promise not to keep traffic logs have been shown, after cooperation with authorities, to actually have been keeping logs all along!
While no log’s policies are a move in the right direction, they are ultimately inadequate: users must trust the VPN company won’t mishandle their data, and in the end they will never know. NymVPN is fundamentally different: no promises are required with the guarantee of a private network design.
Nym can't log
Who sees what with NymVPN Fast mode
Who | IP of sender | IP of recipient |
---|---|---|
Normal VPN | ||
Nym | ||
NymVPN entry node | ||
NymVPN exit node |
Who can see what
Who | IP of sender | IP of recipient |
---|---|---|
Normal VPN | ||
Nym | ||
Nym entry node | ||
NymVPN mix nodes (3) | ||
NymVPN exit node |
Explanation
-
The entry gateway can see a user’s IP address but not that of their destination (4 distinct servers intervene between the entry gateway and public web).
-
The three mix nodes in the middle cannot see either the IP addresses of the sender and recipient, meaning they are fully blind to the full route of a user’s traffic.
-
The exit gateway can see the IP address of the web destination but not the IP of the sender (4 distinct mixnet servers separate the two).
Conclusion
VPN no log’s policies boil down to a promise to users: the VPN provider pledges that they will not keep records of your traffic as it passes through their servers. In the end, most VPNs can only cloak your IP address from the public web if they are first given access to all of it through their usually centralized servers which replace your IP address with their own.
This is the problem for digital privacy: if your full traffic records are recorded on these servers, then your privacy can be undermined by data breaches or governmental overreach and surveillance.
Nym thinks that relying on the promise of a private company to not keep logs of our online activities isn’t enough to protect our privacy. To take online privacy to the next level, Nym has designed a network where NymVPN can’t log by network design. So let’s stop looking for promises from centralized VPN companies and invest in decentralized technology that protects online privacy for everyone by default.

Nym's zk network: FAQs
How do zk‑nyms ensure that login and payment remain unlinkable to real identity?
How do zk‑nyms ensure that login and payment remain unlinkable to real identity?
Zero‑knowledge credentials allow users to prove membership or balance without revealing wallet info or payment metadata—making activity unlinkable on-chain or to usage.
Could zk‑nyms be extended to anonymous governance voting or credentialed access?
Could zk‑nyms be extended to anonymous governance voting or credentialed access?
Yes—they can support private voting, anonymous identity attestations, or feature gating without publishing actual identities—maintaining privacy while enabling accountability.
Are zk‑nyms interoperable with existing blockchain credentials like ZKP-based identity systems?
Are zk‑nyms interoperable with existing blockchain credentials like ZKP-based identity systems?
Designed to integrate with Zcash and other ZK frameworks, zk‑nyms can work alongside credential systems to deliver broader anonymous authentication services.
How are zk‑nym credentials issued and revoked securely without identity leakage?
How are zk‑nym credentials issued and revoked securely without identity leakage?
Validators issue credentials after initial registration. Credentials can be revoked or renewed cryptographically without revealing past identities or linking sessions across issuances.
Share
Table of contents
Keep Reading...
Nym is more than a VPN
The first app that protects you from AI surveillance thanks to a noise-generating mixnet

Why NymVPN Anonymous mode provides the best privacy
Appreciating the value of technologically enhanced VPN privacy

Building a truly decentralized WireGuard VPN network
Understanding decentralized VPNs, multi-hop encryption, and their privacy tradeoffs