[ImPleadThe5th]

Can anyone explain to me (someone not so network security savvy) if there are any privacy or security concerns using a wire guard provider like this?

As I understand it, with traditional VPNs, you basically have to trust third-party audits to verify the VPN isn't logging all traffic and selling it. Does the WireGuard protocol address theses issues? Or is there still the same risk as a more traditional VPN provider?

[jscd]

This is not providing the same functionality as a "traditional VPN," in the sense that it does not do anything to your traffic going to the wider internet. With popular VPN services, they are an encrypted tunnel for all your internet traffic (some use the same protocol, WireGuard), but at the end of the tunnel they decrypt the message and send it to whatever website you requested, which is exactly what can cause those privacy issues you describe.

In this case, though, it creates an encrypted tunnel _only between your own devices_. This allows you to connect to all your devices, home desktop, phone, laptop, as if they were on the same network, allowing you to do fairly sensitive things like remote desktop without having to expose your machine to the public internet or deal with firewall rules in the same way.

Assuming this project is legitimate, then the only traffic this service would even touch would be those between your own devices, nothing related to public internet requests. And, on top of that, the requests should be encrypted the entire way, inaccessible to any devices other than the ones sending and receiving the requests.

There are many caveats and asterisks I could add, but I think that's a fairly straightforward summary.

[pcarroll]

To clarify, one of the big advantages of a Mesh VPN is that the traffic does not flow through the VPN provider at all. WireGuard encrypts the traffic from device interface to device interface. The connections are point-to-point and not hub-and-spoke. This is both faster and more secure.

If a direct connection cannot be established due to a very restrictive firewall or a messed-up ISP modem, it will fall back to a relay server. But in that case, the relay relays the traffic, but it does not have the keys to read it.

You can learn more here: https://www.wireguard.com/

TL;DR WireGuard itself is a relatively small project at roughly 4,000 lines of code. It has been thoroughly audited and is even built into the Linux kernel.