Geph is a VPN built from the ground up to resist ISP-level censorship. Unlike VPNs that at best play unsustainable cat-and-mouse games with censors, Geph’s architecture and protocols are specifically engineered to be nearly invisible against ISPs and network adversaries.
Over the past 5 years, we have connected millions of users behind strict national firewalls, consistently achieving our service SLA despite targeted attacks by national censorship systems in China and Iran.
We also have a blind signature authentication system that cryptographically guarantees servers can never associate browsing activity with user identities, even if fully compromised.
Everything, including this website, is open source on GitHub.
When connecting, users present a cryptographic proof of valid Plus or Free subscription rather than identifying credentials. This ensures servers can verify authorization while remaining completely blind to user identity. Learn more about the protocol here!
Yes and no — Geph uses a two-hop architecture where users connect to exit nodes through bridge relays. Censors can and do block all the exit servers, but blocking bridges is much harder.
This is because a hard-to-block bootstrap protocol assigns different bridges to different users and continuously rotates them, making enumeration infeasible. Since 2019, we've observed automated enumeration attempts by China’s GFW, but they have consistently failed to disrupt service. Read our architectural overview on GitHub to learn more!
Yes, but not for long! We are actively developing integration with Earendil by achieving full protocol decentralization. This will completely eliminate our infrastructure as a central point of failure.
Geph is entirely supported by our Plus users, rather than NGOs and the like, ensuring our long-term independence and sustainability.