VPN provider Mullvad has introduced a new project called GotaTun, which implements the WireGuard VPN protocol in Rust and runs in user space. The project, available on GitHub under the BSD license, has already been deployed in a VPN client for the Android platform. Mullvad plans to migrate its desktop and iOS applications to GotaTun next year.
GotaTun is a fork of BoringTun, a toolkit developed by Cloudflare for the WARP application. GotaTun offers full support for Android, performance optimizations, and additional privacy features.
This new project also integrates DAITA (Defense Against AI-guided Traffic Analysis) technology to protect against traffic analysis based on machine learning systems. GotaTun also includes a Multihop-mode for accessing VPN servers through multiple transit nodes, optimizing traffic routes.
GotaTun improves performance with multi-threaded processing and zero-copy memory handling, minimizing buffering and using the originally provided buffer. Mullvad made the switch to GotaTun from the wireguard-go implementation for enhanced reliability, after user reports of crashes in the Android client decreased significantly.
The decision to use Rust for the implementation was driven by the fact that Mullvad’s VPN application is already written in Rust. The integration of GotaTun into the Android client has led to a significant improvement in reliability, reducing the crash metric from 0.40% to 0.01%.