konduit/konduit-public
0
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 1 Wiki Activity

init: initial public repo with README and LICENSE

Browse Source
This commit is contained in:
Eugen Kaparulin
2026-06-06 16:32:50 +03:00
commit 852b6a0cd8
2 changed files with 191 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

83
LICENSE Normal file
View File

@@ -0,0 +1,83 @@
PolyForm Noncommercial License 1.0.0
Scope: This license applies to the konduit-client/ directory of the Konduit project.
All other parts of the Konduit project remain proprietary.
© Eugen Kaparulin. All rights reserved.
---
# PolyForm Noncommercial License 1.0.0
<https://polyformproject.org/licenses/noncommercial/1.0.0>
## Acceptance
In order to get any license under these terms, you must agree to them as both strict obligations and conditions to all your licenses.
## Copyright License
The licensor grants you a copyright license for the software to do everything you might do with the software that would otherwise infringe the licensor's copyright in it for any permitted purpose. However, you may only distribute the software according to Distribution License and make changes or new works according to Changes and New Works License.
## Distribution License
The licensor grants you an additional copyright license to distribute copies of the software. Your license to distribute covers distributing the software with changes and new works permitted by Changes and New Works License.
## Notices
You must ensure that anyone who gets a copy of any part of the software from you also gets a copy of these terms or the URL for them above, as well as copies of any plain-text lines beginning with Required Notice: that the licensor provided with the software. For example:
> Required Notice: Copyright Eugen Kaparulin (https://kaparulin.eu)
## Changes and New Works License
The licensor grants you an additional copyright license to make changes and new works based on the software for any permitted purpose.
## Patent License
The licensor grants you a patent license for the software that covers patent claims the licensor can license, or becomes able to license, that you would infringe by using the software.
## Noncommercial Purposes
Any noncommercial purpose is a permitted purpose.
## Personal Uses
Personal use for research, experiment, and testing for the benefit of public knowledge, personal study, private entertainment, hobby projects, amateur pursuits, or religious observance, without any anticipated commercial application, is use for a noncommercial purpose.
## Noncommercial Organizations
Use by any charitable organization, educational institution, public research organization, public safety or health organization, environmental protection organization, or government institution is use for a noncommercial purpose regardless of the source of funding or obligations resulting from the funding.
## Fair Use
You may have "fair use" rights for the software under the law. These terms do not limit them.
## No Other Rights
These terms do not allow you to sublicense or transfer any of your licenses to anyone else, or prevent the licensor from granting licenses to anyone else. These terms do not imply any other licenses.
## Patent Defense
If you make any written claim that the software infringes or contributes to infringement of any patent, your patent license for the software granted under these terms ends immediately. If your employer makes such a claim, your patent license ends immediately for work on behalf of your employer.
## Violations
The first time you are notified in writing that you have violated any of these terms, and you come into compliance within 30 days after your notification, your violations are forgiven automatically. If you violate these terms after such forgiveness of a violation, it is permanent.
## No Liability
***As far as the law allows, the software comes as is, without any warranty or condition, and the licensor will not be liable to you for any damages arising out of these terms or the use or nature of the software, under any kind of legal claim.***
## Definitions
The **licensor** is the individual or entity offering these terms, and the **software** is the software the licensor makes available under these terms.
**You** refers to the individual or entity agreeing to these terms.
**Your company** is any legal entity, sole proprietorship, or other kind of organization that you work for, plus all organizations that have control over, are under the control of, or are under common control with that organization. **Control** means ownership of substantially all the assets of an entity, or the power to direct its management and legal affairs.
**Your licenses** are all the licenses granted to you for the software under these terms.
**Use** means anything you do with the software requiring one of your licenses.
**Trademark** means trademarks, service marks, and similar rights.

108
README.md Normal file
View File

@@ -0,0 +1,108 @@
<div align="center">
# Konduit
**TCP-Native VPN. Works Where UDP Doesn't.**
[![License: Proprietary](https://img.shields.io/badge/license-Proprietary-red)](LICENSE)
[![Platform](https://img.shields.io/badge/platform-Linux%20%7C%20macOS%20%7C%20Android%20%7C%20iOS-lightgrey)]()
[![Status](https://img.shields.io/badge/status-Beta-orange)]()
</div>
---
Konduit is a modern VPN built around a single principle: **TCP transport that works when UDP is blocked.**
WireGuard is excellent — until your ISP throttles or blocks UDP. Konduit solves that without the complexity of OpenVPN or the fragility of UDP-wrapping hacks. It runs fully in userspace, requires no elevated privileges, and gets out of your way.
## Why Konduit?
Most VPNs treat TCP as a fallback. Konduit is designed for TCP from the ground up, which means:
- No HEAD-OF-LINE blocking from tunneling UDP into TCP
- Reliable behaviour on restrictive corporate and mobile networks
- WireGuard-level simplicity without the UDP dependency
## Features
- **TCP-native protocol** — designed for TCP, not retrofitted
- **Server-controlled routing** — administrators enforce routing policy; clients cannot bypass it
- **Userspace implementation** — no kernel modules, no root required
- **Hot config reload** — update server configuration without dropping connections
- **QR code provisioning** — scan once, connect instantly
- **Cross-platform** — Linux, macOS, Android, iOS
- **Modern cryptography** — X25519 key exchange, ChaCha20-Poly1305 data channel
- **Stealth mode** — port 443 deployment with decoy proxy for hostile network environments
- **Memory safe** — written entirely in Rust
## Download
Releases are published on the [Releases](../../releases) page.
### Linux (CLI)
```bash
# Download konduit-cli from the Releases page, then:
chmod +x konduit-cli
./konduit-cli connect --server vpn.example.com:443 --peer-id mydevice --psk YOUR_PSK
```
### macOS · Android · iOS
Coming soon.
## Architecture
```
Flutter UI (Dart)
flutter_rust_bridge (FFI)
Konduit engine (Rust)
├── TUN device (userspace)
├── TCP tunnel protocol
├── Key exchange (X25519)
└── Route manager
```
| Layer | Technology |
|---|---|
| UI | Flutter / Dart |
| Core engine | Rust (Tokio async) |
| FFI bridge | flutter_rust_bridge |
| Cryptography | ring / rustls |
| TUN device | tun crate (userspace) |
## Openness Model
The Konduit **client library** (`konduit-client`) is published here for transparency and security audit. It is licensed under the [PolyForm Noncommercial License 1.0.0](LICENSE) — free to read, study, and use for noncommercial purposes.
The VPN server, management UI, and stealth-mode protocol are proprietary. Keeping stealth mechanisms private makes automated DPI fingerprinting significantly harder. Source review under NDA is available for enterprise partners.
## Security
**No UDP dependency:** Konduit does not require UDP at any layer.
**Key storage:** Private keys are stored in the OS secure enclave on every platform (iOS Keychain, macOS Keychain, Android Keystore). They are never written to disk in plaintext.
**Stealth mode:** On port 443, failed or unrecognized handshakes are proxied transparently to a configurable decoy service. From the outside, the server is indistinguishable from a standard HTTPS endpoint.
## Support
**Bug reports:** Use the in-app reporting feature or open an issue in this repository.
**Security vulnerabilities:** Do not open a public issue. Contact the maintainer directly at the address shown in the application's About screen.
**Contributing:** Core development is handled internally. We do not currently accept external pull requests.
---
## About
Created by **Eugen Kaparulin**.
Official binaries distributed by **Konduit Oy**.
© Eugen Kaparulin. All rights reserved.
`konduit-client` is published under the [PolyForm Noncommercial License 1.0.0](LICENSE).
All other parts of Konduit are proprietary.