Privacy-Model

NØNOS implements a multi-layered privacy model that protects user identity, browsing behavior, and data at every level of the stack.

Privacy Architecture

┌─────────────────────────────────────────────────────────────────────┐
│                    NØNOS PRIVACY LAYERS                             │
└─────────────────────────────────────────────────────────────────────┘

    ┌─────────────────────────────────────────────────────────────┐
    │  Layer 4: Application Privacy                               │
    │  • Tracker blocking • Fingerprint protection • Cookie mgmt  │
    └─────────────────────────────────────────────────────────────┘
                                  │
    ┌─────────────────────────────────────────────────────────────┐
    │  Layer 3: Identity Privacy                                  │
    │  • ZK Identity proofs • Ephemeral pseudonyms • Key rotation │
    └─────────────────────────────────────────────────────────────┘
                                  │
    ┌─────────────────────────────────────────────────────────────┐
    │  Layer 2: Content Privacy.                                  │
    │  • Cache mixing • AES-GCM encryption • Unlinkable requests  │
    └─────────────────────────────────────────────────────────────┘
                                  │
    ┌─────────────────────────────────────────────────────────────┐
    │  Layer 1: Network Privacy (via Anyone Network)              │
    │  • Onion routing • Multi-hop relay • IP masking             │
    │  (Handled by separate Anyone Network, not NONOS nodes)      │
    └─────────────────────────────────────────────────────────────┘

Zero-Knowledge Identity

What It Does ?

ZK Identity allows you to prove membership in a group without revealing which member you are.

How It Works

┌──────────────────────────────────────────────────────────────────────┐
│                     ZK IDENTITY SYSTEM                               │
└──────────────────────────────────────────────────────────────────────┘

    Identity Creation                    Identity Proof
    ─────────────────                    ──────────────

    ┌─────────────┐                      ┌─────────────┐
    │   Secret    │                      │   Secret    │
    │  (private)  │                      │  (private)  │
    └──────┬──────┘                      └──────┬──────┘
           │                                    │
           ▼                                    ▼
    ┌─────────────┐                      ┌─────────────┐
    │   Poseidon  │                      │   Poseidon  │
    │    Hash     │                      │    Hash     │
    └──────┬──────┘                      └──────┬──────┘
           │                                    │
           ▼                                    ▼
    ┌─────────────┐                      ┌─────────────┐
    │ Commitment  │ ◄── Same  Value ──►  │  Proof I'm  │
    │  (public)   │                      │  in Merkle  │
    └──────┬──────┘                      │    Tree     │
           │                             └──────┬──────┘ 
           ▼                                    │
    ┌─────────────┐                             │
    │   Merkle    │                             │
    │    Tree     │ ◄───────────────────────────
    │  (on-chain) │
    └─────────────┘

    Result: Prove you're a valid member without revealing WHICH member

Technical Details

Component

Implementation

Purpose

Hash Function

Poseidon

ZK-friendly hash

Tree Type

Sparse Merkle

Efficient membership proofs

Tree Depth

20 levels

Supports 2²⁰ identities

Proof Size

~256 bytes

Compact verification

Privacy Properties

Anonymity: Cannot link proof to specific identity
Unlinkability: Multiple proofs cannot be connected
Non-repudiation: Valid proofs prove membership
Revocability: Identities can be removed from tree

Cache Mixing

Problem: Cache Timing Attacks

Without protection, caching reveals browsing patterns:

UNPROTECTED CACHE:
  Request "site-A.com/page" → Cache MISS → Attacker knows: "New visit"
  Request "site-A.com/page" → Cache HIT  → Attacker knows: "Repeated visit"

  Pattern emerges: User visits site-A daily at 9am

Solution: Encrypted, Mixed Caching

┌──────────────────────────────────────────────────────────────────────┐
│                        CACHE MIXING                                  │
└──────────────────────────────────────────────────────────────────────┘

    Your Request                    Other Users' Requests
          │                                │
          ▼                                ▼
    ┌─────────────────────────────────────────────────────────┐
    │                     MIXING POOL                         │
    │                                                         │
    │   Request A ──┐                                         │
    │   Request B ──┼──► Shuffle + Encrypt ──► Cache Store    │
    │   Request C ──┘                                         │
    │                                                         │
    └─────────────────────────────────────────────────────────┘
                              │
                              ▼
    ┌─────────────────────────────────────────────────────────┐
    │                   ENCRYPTED CACHE                       │
    │                                                         │
    │   AES-GCM(key₁, data₁)  AES-GCM(key₂, data₂)  ...       │
    │                                                         │
    │   • Each entry encrypted with unique key                │
    │   • Keys derived from content + randomness              │
    │   • No plaintext metadata                               │
    │                                                         │
    └─────────────────────────────────────────────────────────┘

Result: Observer cannot determine:
  - Which cached content you accessed
  - When you accessed it
  - How often you access it

Technical Implementation

// Cache key derivation
cache_key = HKDF(
    content_hash,     // What's being cached
    random_nonce,     // Prevents pre-computation
    "nonos-cache"     // Domain separation
);

// Cache entry
encrypted_data = AES-GCM(
    key = cache_key,
    nonce = random_12_bytes,
    plaintext = content,
    aad = timestamp    // Prevents replay
);

Tracking Protection

Blocked Trackers

NØNOS blocks tracking at multiple levels:

Level

Protection

Examples Blocked

Network

DNS-level blocking

Analytics domains, ad networks

HTTP

Header stripping

Referrer, cookies, fingerprinting headers

Script

Pattern matching

Tracking pixels, beacon scripts

Storage

Isolation

Cross-site cookies, localStorage

Fingerprint Protection

Browser fingerprinting techniques blocked:

┌────────────────────────────────────────────────────────────────────┐
│                 FINGERPRINT PROTECTION                             │
├────────────────────┬───────────────────────────────────────────────┤
│ Canvas             │ Randomized rendering output                   │
│ WebGL              │ Standardized vendor/renderer strings          │
│ Audio              │ Noise injection in audio context              │
│ Screen             │ Reported standard resolution                  │
│ Fonts              │ Generic font enumeration                      │
│ User-Agent         │ Normalized, rotating user agent               │
│ Timezone           │ Configurable (default: UTC)                   │
│ Language           │ Configurable (default: en-US)                 │
│ Hardware           │ Generic CPU/memory reporting                  │
└────────────────────┴───────────────────────────────────────────────┘

Network Privacy

Important: Traffic routing (onion/multi-hop routing) is handled by Anyone Network, a separate project. NONOS nodes provide cryptographic privacy services for the browser, NOT traffic routing.

How Network Privacy Works

The NØNOS browser achieves network privacy through integration with Anyone Network:

┌──────────────────────────────────────────────────────────────────────┐
│                     NETWORK PRIVACY ARCHITECTURE                     │
└──────────────────────────────────────────────────────────────────────┘

    ┌──────────────────────────────────────────────────────────────────┐
    │  NOXONE BROWSER                                                  │
    │  └─► NONOS Daemon (ZK identity, cache mixing, tracker blocking)  │
    └──────────────────────────────────────────────────────────────────┘
                                  │
                                  ▼
    ┌──────────────────────────────────────────────────────────────────┐
    │  ANYONE NETWORK (separate project)                               │
    │  └─► Onion routing, multi-hop relay, IP masking                  │
    └──────────────────────────────────────────────────────────────────┘
                                  │
                                  ▼
    ┌──────────────────────────────────────────────────────────────────┐
    │  DESTINATION                                                     │
    └──────────────────────────────────────────────────────────────────┘

Encryption Layers

Layer

Protocol

Purpose

Transport

Noise (XX pattern)

P2P link encryption (NONOS)

Routing

Onion encryption

Multi-hop privacy (Anyone Network)

Content

AES-GCM

Cache encryption (NONOS)

Threat Model

What NØNOS protects against

Threat

Protection Level

How

Website tracking

Strong

Tracker blocking, fingerprint protection

Cross-site linking

Strong

ZK identity, cache mixing

Browser fingerprinting

Strong

Fingerprint protection, normalized values

Cache timing attacks

Strong

Encrypted cache with mixing

Identity correlation

Strong

ZK proofs, ephemeral pseudonyms

ISP surveillance

Strong

Via Anyone Network integration

What NONOS Does NOT Protect Against

Threat

Limitation

Recommendation

Traffic routing

NONOS doesn't route traffic

Use Anyone Network for IP privacy

Compromised device

Cannot protect local data

Secure your device

User error

Logging into accounts de-anonymizes

Separate identities

Advanced timing attacks

Requires additional protection

Use Anyone Network

Privacy Configuration

Default Settings (Recommended)

[privacy]
# NONOS Privacy Services
zk_identity = true
cache_mixing = true
tracker_blocking = true
fingerprint_protection = true

# Data retention
local_history = false
cache_duration_hours = 24

# Note: Traffic routing is configured in Anyone Network settings

Performance Mode

[privacy]
# Balanced privacy/performance
zk_identity = true
cache_mixing = false        # Disable for faster caching
tracker_blocking = true
fingerprint_protection = true

Comparison to Other Solutions

Feature

NØNOS

Tor

VPN

Regular Browser

No central authority

✓

✗

ZK identity proofs

✓

✗

Tracker blocking

✓

✗

Partial

Cache privacy

✓

✗

Economic incentives

✓

✗

Performance

Good

Slow

Fast

Learn More: See Cryptographic Primitives for implementation details.

PreviousArchitecture Overview NextIntroduction to NØNOS Nodes

Last updated 1 month ago

Was this helpful?

hashtagPrivacy Architecture

hashtagZero-Knowledge Identity

hashtagWhat It Does ?

hashtagHow It Works

hashtagTechnical Details

hashtagPrivacy Properties

hashtagCache Mixing

hashtagProblem: Cache Timing Attacks

hashtagSolution: Encrypted, Mixed Caching

hashtagTechnical Implementation

hashtagTracking Protection

hashtagBlocked Trackers

hashtagFingerprint Protection

hashtagNetwork Privacy

hashtagHow Network Privacy Works

hashtagEncryption Layers

hashtagThreat Model

hashtagWhat NØNOS protects against

hashtagWhat NONOS Does NOT Protect Against

hashtagPrivacy Configuration

hashtagDefault Settings (Recommended)

hashtagPerformance Mode

hashtagComparison to Other Solutions

Privacy Architecture

Zero-Knowledge Identity

What It Does ?

How It Works

Technical Details

Privacy Properties

Cache Mixing

Problem: Cache Timing Attacks

Solution: Encrypted, Mixed Caching

Technical Implementation

Tracking Protection

Blocked Trackers

Fingerprint Protection

Network Privacy

How Network Privacy Works

Encryption Layers

Threat Model

What NØNOS protects against

What NONOS Does NOT Protect Against

Privacy Configuration

Default Settings (Recommended)

Performance Mode

Comparison to Other Solutions