Latest release: sanctum 0.9.38

What is Sanctum?

Sanctum is a small, reviewable and capable VPN daemon with a protocol of its own design: post-quantum secure (PQ-secure) and fully privilege-separated, built to run on OpenBSD, Linux and macOS.

Sanctum is designed from the ground up with security in mind and will always be open and free, licensed under the ISC license.

Its privilege separation design, combined with strong modern sandboxing, guarantees that its important assets are held in processes separate from those that talk to the internet or do non-cryptographic work.

Sanctum supports several topologies: traditional site-to-site L2/L3 tunnels, niche setups such as one-way tunnels and full-mesh L2/L3 networks, and even peer-to-peer end-to-end encrypted (E2EE) tunnels between devices behind NAT, using hole-punching and Sanctum's cathedrals for peer discovery.

Cathedral networks can be used to build more secure replacements for services such as Tailscale or ZeroTier: you stay in control of the infrastructure, and traffic between different peers is cryptographically separated.

A community-driven cathedral network, The Reliquary, exists; you can use it to test different setups or even use it freely.

Multi-process

Sanctum is built as multiple processes, each doing exactly one thing. This allows fine-grained sandboxing per process, both in the permissions it holds and in the system calls it is allowed to make.

Packets flow between these processes in a well-defined manner, which makes it impossible to move a packet straight from the red (plaintext) side to the black (ciphertext) side, or vice versa, without passing through the encryption process.
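To make that property concrete, here is an added example that is not Sanctum's code (Sanctum has its own process layout and real cryptography): three forked workers, red, crypto and black, joined by socketpairs so that the crypto stage is the only process holding descriptors to both the plaintext and the ciphertext side. Each worker closes every descriptor it is not allowed to keep, so a compromised red worker has no channel to black at all. The worker names, the buffer size and the `run_pipeline` / `pipeline_selftest` functions are assumptions for illustration, the packet is a constructed sample, and the XOR "transform" is a placeholder for the encryption step, not a cipher and not Sanctum's cryptosystem.

```c
/* Toy red -> crypto -> black packet pipeline (hypothetical; not Sanctum's code). */
#include <stdio.h>
#include <string.h>
#include <unistd.h>
#include <sys/socket.h>
#include <sys/types.h>
#include <sys/wait.h>

#define PKT_MAX 1500

/* Placeholder for the encryption step: XOR with one byte is NOT a cipher and
 * NOT Sanctum's cryptosystem; it only lets the test see that crypto ran. */
static void toy_transform(unsigned char *buf, size_t len, unsigned char key)
{
    for (size_t i = 0; i < len; i++)
        buf[i] ^= key;
}

/* Close every descriptor except the ones this worker is allowed to keep. */
static void keep_only(const int *keep, int nkeep)
{
    for (int fd = 3; fd < 64; fd++) {
        int wanted = 0;
        for (int i = 0; i < nkeep; i++)
            if (keep[i] == fd) wanted = 1;
        if (!wanted) close(fd);
    }
}

/* Red worker: plaintext side. Its only descriptor is the socket to crypto. */
static void red_worker(int to_crypto, const unsigned char *pkt, size_t len)
{
    keep_only(&to_crypto, 1);
    _exit(write(to_crypto, pkt, len) == (ssize_t)len ? 0 : 1);
}

/* Crypto worker: the only process that can see both sides. */
static void crypto_worker(int from_red, int to_black, unsigned char key)
{
    int keep[2] = { from_red, to_black };
    unsigned char buf[PKT_MAX];
    keep_only(keep, 2);
    ssize_t n = read(from_red, buf, sizeof buf);
    if (n <= 0) _exit(1);
    toy_transform(buf, (size_t)n, key);
    _exit(write(to_black, buf, (size_t)n) == n ? 0 : 1);
}

/* Black worker: ciphertext side. A real one would send on the network; this
 * one hands the packet back to the parent over a result pipe instead. */
static void black_worker(int from_crypto, int result)
{
    int keep[2] = { from_crypto, result };
    unsigned char buf[PKT_MAX];
    keep_only(keep, 2);
    ssize_t n = read(from_crypto, buf, sizeof buf);
    if (n <= 0) _exit(1);
    _exit(write(result, buf, (size_t)n) == n ? 0 : 1);
}

/* Push one packet from red through crypto to black. Returns the number of
 * bytes that came out on the black side, or -1 on setup failure. */
ssize_t run_pipeline(const unsigned char *pkt, size_t len, unsigned char key,
                     unsigned char *out, size_t outcap)
{
    int rc[2], cb[2], res[2];
    pid_t pids[3];

    if (len > PKT_MAX || socketpair(AF_UNIX, SOCK_STREAM, 0, rc) == -1 ||
        socketpair(AF_UNIX, SOCK_STREAM, 0, cb) == -1 || pipe(res) == -1)
        return -1;

    if ((pids[0] = fork()) == 0) red_worker(rc[0], pkt, len);
    if ((pids[1] = fork()) == 0) crypto_worker(rc[1], cb[0], key);
    if ((pids[2] = fork()) == 0) black_worker(cb[1], res[1]);

    /* The parent keeps only the result pipe; it is not a packet path. */
    close(rc[0]); close(rc[1]); close(cb[0]); close(cb[1]); close(res[1]);
    ssize_t n = read(res[0], out, outcap);
    close(res[0]);
    for (int i = 0; i < 3; i++)
        waitpid(pids[i], NULL, 0);
    return n;
}

/* Returns 1 when a constructed packet comes out of the black side exactly as
 * the crypto stage should have transformed it, 0 otherwise. */
int pipeline_selftest(void)
{
    static const unsigned char pkt[] = "constructed test packet";  /* sample input */
    unsigned char out[PKT_MAX], expect[PKT_MAX];
    size_t len = sizeof pkt - 1;
    unsigned char key = 0x5a;

    memcpy(expect, pkt, len);
    toy_transform(expect, len, key);
    ssize_t n = run_pipeline(pkt, len, key, out, sizeof out);
    return n == (ssize_t)len && memcmp(out, expect, len) == 0;
}

int main(void)
{
    printf("pipeline self-test: %s\n", pipeline_selftest() ? "ok" : "FAILED");
    return 0;
}
```

The structural point is the descriptor layout: after `keep_only`, neither the red nor the black worker owns a descriptor that reaches the other, so the only route for a packet is through the crypto worker. In a real daemon each worker would additionally be sandboxed right after dropping descriptors, for example with pledge(2) and unveil(2) on OpenBSD or a seccomp filter on Linux, so that the syscalls it can make match the single job it has.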

Encryption

See the cryptography page for a detailed description of the cryptosystem in sanctum.

Talks

Source?

A mirror of the repository is available on GitHub.
A library that implements the Sanctum protocol can be found here.

I want to contribute!

Mail diffs to joris snabel-a sanctorum punkt se.