Tunnel™ Deep Dive

Decentralized Enterprise VPN Infrastructure

Explore Tunnel’s programmable tokenomics, deterministic multi-hop routing, and telemetry stack that deliver sovereign, verifiable connectivity for enterprises, operators, and privacy products.

Request investor briefingBack to Solutions

Architecture Overview

Programmable connectivity from client surfaces to token-governed economics.

Tunnel composes deterministic nodes, telemetry pipelines, and Polygon smart contracts to form a composable connectivity plane. Every layer is observable, policy-aware, and wired for progressive decentralisation.

Client Applications

Web · Desktop · Extension · Mobile · IoT

Unified TypeScript/Rust SDKs power multi-platform clients that give users, operators, and admins verifiable control over sessions, staking, and policy-aware routing decisions.

Responsibilities

  • Wallet-driven onboarding and stake management
  • Session orchestration with multi-hop preferences
  • Per-device kill switch, DNS, and routing controls
  • Operator dashboards with live route telemetry
  • SDKs and APIs for product embedding

Key Components

apps/web-clientapps/desktop-client (Tauri)apps/extension (Manifest V3)apps/mobile-clientsagents/iot-edge

Node Daemon

Multi-Hop Orchestrator & WireGuard Automation

Deterministic orchestrator composes tunnel routes, enforces preferences, instruments mixnet padding, and materializes WireGuard peers before emitting route quality telemetry.

Responsibilities

  • Node discovery and deterministic candidate scoring
  • Multi-hop route construction with latency/cost modelling
  • Mixnet padding policy enforcement and adaptive timers
  • WireGuard interface materialisation and lifecycle management
  • Session lifecycle events with NDJSON streaming

Key Components

services/node-daemonservices/multi-hop-orchestratorpackages/dvpn-sdkservices/node-telemetryruntime/wireguard-manager

Telemetry & Analytics

Route Quality · Node Metrics · Reputation

Fastify ingestion pipelines consolidate NDJSON streams, normalise route quality records, and surface operator and enterprise observability dashboards.

Responsibilities

  • Route quality scoring across latency, bandwidth, and cost
  • Node performance monitoring and SLA tracking
  • Economic telemetry for settlement & slashing triggers
  • Operator reputation feeds and anomaly alerts
  • Prometheus/OpenTelemetry export for enterprise SIEM

Key Components

services/telemetry-backendservices/telemetry-pipelineschemas/route-qualitypackages/telemetry-clientinfra/prometheus + grafana

Smart Contracts

Payments · Staking · Emissions · Governance

Polygon smart contracts govern emissions, collateral, and settlement while exposing programmable hooks for policy automation and treasury management.

Responsibilities

  • TNL ERC-20 token with voting extensions
  • Staking collateral enforcement and hybrid slashing
  • Session escrow settlement and payout splits
  • Emission controller tied to active node counts
  • Governor module for parameter proposals

Key Components

contracts/TunnelToken.solcontracts/StakingManager.solcontracts/PaymentProcessor.solcontracts/TokenomicsController.solcontracts/TunnelGovernor.sol

Governance & Operations

Progressive Decentralisation Roadmap

Operational runbooks, audits, and progressive decentralisation milestones ensure Tunnel transitions to community control without compromising reliability.

Responsibilities

  • Security audits and open-source releases (Milestone M1)
  • DAO onboarding and governance activation (Milestone M2)
  • Global node expansion with SLA telemetry (Milestone M3)
  • Community-led development contributions (Milestone M4)
  • Treasury autonomy and grant framework (Milestone M5)

Key Components

runbooks/security-auditsgovernance/proposalstreasury/playbooksdocs/decentralisation-roadmappolicies/compliance

Client Surfaces

Multi-platform access with shared SDKs and deterministic session control.

Web, desktop, extension, and edge agents share the same SDK foundations, providing consistent governance, telemetry, and staking flows across every entry point.

Web Client

Next.js portal for staking, node management, and observability dashboards shared across surfaces.

Platforms

  • Next.js 15
  • React 18
  • TypeScript
  • Tailwind

Features

  • Stake/unstake flows with governance voting
  • Operator registry, performance heatmaps, and node controls
  • Policy templates for enterprise routing preferences
  • Escrow settlement history and billing exports

Desktop Client

Tauri desktop experience delivering full-device routing, kill switch automation, and CLI companion commands.

Platforms

  • Tauri
  • Rust
  • React
  • WireGuard

Features

  • Device-wide VPN with multi-hop orchestration
  • Kill switch, DNS override, and firewall integration
  • CLI automation (`tunnel session plan`, `tunnel stake`, `tunnel route inspect`)
  • Telemetry overlays for latency, bandwidth, and route score

Browser Extension

Manifest V3 extension enabling per-site routing controls, secure wallet, and lightweight telemetry overlays.

Platforms

  • Chrome APIs
  • Vite
  • React

Features

  • Per-domain routing and geo controls
  • Logged-in wallet for staking and sessions
  • Enforced content security policies
  • Quick look telemetry indicators (latency, uptime)

Mobile & IoT Agents

Native mobile shells and IoT agents share Rust core libraries to extend Tunnel into remote teams and embedded deployments.

Platforms

  • SwiftUI
  • Kotlin
  • Rust
  • OpenWrt

Features

  • On-device session orchestration with policy inheritance
  • Push notifications for staking and governance events
  • Edge telemetry streaming for remote hardware
  • Zero-touch provisioning workflows

Telemetry & Analytics

Observability-grade pipelines underpin node incentives and enterprise trust.

Streaming telemetry captures route quality, node performance, and economic flows, surfacing the evidence operators and regulated customers require.

Route Quality

Aggregates per-hop performance to evaluate composite latency, bandwidth, and cost across multi-hop sessions.

Key Metrics

  • Composite score combining latency, bandwidth, and cost
  • Per-hop cumulative latency and country metadata
  • Route cost (wei) and emission-adjusted payouts
  • Mixnet padding adoption and session duration

Tooling

  • schemas/route-quality.ndjson
  • services/telemetry-backend
  • visualisations/grafana-panels
  • alerts/route-anomaly-workers

Node Performance

Monitors uptime, reliability, and SLA adherence for operator incentives and slashing conditions.

Key Metrics

  • Uptime percentage and jitter
  • Ingress/egress bandwidth trends
  • Staking collateral and penalty history
  • Packet loss, handshake failures, and retries

Tooling

  • metrics/node-metrics.ndjson
  • workers/slashing-evaluator
  • prometheus/node-exporter
  • dashboards/operator-reputation

Economic Telemetry

Tracks session fees, emission schedules, and treasury flows to maintain sustainable tokenomics.

Key Metrics

  • Daily emission vs. active node count
  • Session fee settlement, escrow balances, and payouts
  • Treasury inflows/outflows and buyback events
  • Governance proposal voting participation

Tooling

  • contracts/PaymentProcessor events
  • analytics/emission-controller
  • datawarehouse/treasury-ledger
  • reports/governance-analytics

Tokenomics & Governance

Programmable economics balance operator rewards with network security.

Tunnel’s Polygon contracts encode emissions, settlement, and governance primitives so incentives align with service quality and long-term decentralisation milestones.

Programmable Economics

Fixed 1B TNL supply with programmable emissions and automated settlement enables predictable operator incentives.

  • 20% node rewards pool with emission curve tied to active nodes
  • Session escrow splits fee revenue between operators and treasury
  • Hybrid slashing: 50% burn, 50% treasury reinforcement

Governance & Security

TunnelGovernor enforces proposal thresholds while staking collateral secures the network against downtime and malicious behaviour.

  • 5,000 TNL minimum stake with 7-day cooldown
  • On-chain voting for fees, emissions, and security parameters
  • Progressive decentralisation milestones with audit gates

Treasury & Incentives

Treasury programs recycle revenue into buybacks, grants, and ecosystem expansion to sustain node operator economics.

  • Buyback-and-stake programs funded via protocol fees
  • Ecosystem grants supporting client and node tooling
  • User acquisition incentives with proof-of-humanity

Roadmap

From audited foundation to decentralized, community-led operations.

Milestones chart Tunnel’s progression from security-audited launch readiness to full DAO governance with global operator coverage and advanced privacy features.

Milestone M1 — Foundation

Now → Q1 2025

Focus

  • Finalize smart contract audits and release open-source repositories
  • Ship telemetry backend with route quality dashboards
  • Complete desktop client GA with kill switch and policy controls

Deliverables

  • Audit reports for TunnelToken, StakingManager, PaymentProcessor
  • Telemetry ingestion pipeline with Grafana dashboards
  • Desktop GA release + CLI companion

Milestone M2 — Mainnet Rehearsal

Q2 2025 → Q2 2026

Focus

  • Onboard design partners and distributed operator cohorts
  • Activate emission controller and settlement workflows
  • Launch browser extension beta and mobile prototypes

Deliverables

  • Mainnet rehearsal with 100+ operators across 3 continents
  • Emission controller parameter tuning and treasury dashboards
  • Extension beta + mobile preview

Milestone M3 — Decentralised Operations

Post Q2 2026

Focus

  • DAO activation with on-chain governance and grant programs
  • IoT agent production rollout for branch and industrial networks
  • Advanced mixnet features: dummy traffic and timing obfuscation

Deliverables

  • Tunnel DAO launch and first proposal cycle
  • IoT agent GA with provisioning playbooks
  • Mixnet upgrade with obfuscation suite

Deployment Models

Flexible deployment paths for shared, dedicated, and sovereign footprints.

Choose between managed SaaS, single-tenant control planes, or sovereign deployments with air-gapped options and hardware-backed secrets.

SaaS Multi-Tenant

Shared control plane hosted by CUI Labs with operator telemetry and governance guardrails.

  • Managed staking, payouts, and telemetry dashboards
  • Policy templates for remote teams and regulated customers
  • SOC 2 Type II and ISO 27001-aligned operations

SLA: 99.5% uptime

Dedicated Single-Tenant

Isolated deployment with customer-managed keys, bespoke compliance gateways, and private telemetry pipelines.

  • Dedicated control plane and staking treasury
  • Integration hooks for enterprise SIEM and ticketing
  • Custom emissions policy and governance parameters

SLA: 99.95% uptime

Sovereign / On-Premise

Self-hosted orchestration on sovereign infrastructure with hardware-backed secrets and air-gapped options.

  • Hardware security modules for key custody
  • Offline settlement workflows with reconciled proofs
  • Compliance and regulatory reporting pack

SLA: Custom engagement