DAMM · private VPN
One click. About 30 seconds.
You'll be online via Germany.
No signup. No email. No app to install beyond WireGuard from your app store.
Detecting your device…
Strong encryption (WireGuard · ChaCha20-Poly1305). Your traffic exits from a server in Germany. Your private key is generated in this browser tab — we never see it. Nothing breaks if you stop halfway.
Tell me more before I click
Why this exists. Sometimes networks decide what you can and can't reach. DAMM is a small, honest tunnel: your packets leave your device, ride encrypted to our machine in Germany, and from there go to wherever you wanted in the first place. The encryption is WireGuard's. The hosting is on our credit card. The code is open.
What we see. Your public key. The IP address you talk to us from. The amount of traffic you move (for capacity planning). When you connect. What we don't. Your private key (made in this browser, never sent). The contents of your traffic (encrypted by WireGuard). What sites you visit (we see the destination IPs, like any router; we don't log them).
Been here before? Use the power-user client to inspect, refresh, or replace a profile you already have. The wizard makes a fresh one each time.
Worried this might be a trap? Reasonable concern. Read the architecture map, the honest critique of our own design, and the runbook before clicking. None of those are marketing.
preparing your tunnel
Live debug log
your tunnel is ready · —
Move it into WireGuard
Show the WireGuard config
Treat this like a password — it includes your private key, made just now, only on this device.
Connection posture
- Encryption
- ChaCha20-Poly1305 (WireGuard default)
- Key rotation
- ~every 2 minutes, automatic
- Gateway
- —
- Endpoint
- —
- Tunnel address
- —
- Egress
- —
- Tier
- early-adopter
- Obfuscation
- T0 (bare WireGuard) — heavier transports coming
Wrong device detected? Pick another and redo.
How DAMM stays alive under pressure · Runbook · open source.