
The SGX TCB isn’t large enough to protect the really critical part of a private VPN: the source and destination of packets. Nothing stops them from sticking a user on their own enclave and monitoring all the traffic in and out.

Also, the README is full of AI slop buzzwords, which isn’t confidence-inspiring.



Also, it requires me to trust Intel, an American company, to not have a backdoor in the SGX. That amounts to exactly no trust at all, so it’s a pass from me, and probably any non-US citizen.


The backdoor is as simple as “Intel has all the signing keys for the hardware root of trust so they can sign anything they want” :)


Defense in depth dictates that this is more secure than standard VPNs out there (Mullvad, Proton, Nord, Express, etc.).

Any real security researcher recognizes this.

If you think 'trusting random strangers' is a better security architecture, then you should not work in security.


Defense in depth only works if you put up meaningful security measures. As numerous people including GP have pointed out, you still retain the means to log user traffic. That's not meaningfully more secure than the alternatives.

More importantly, trusting random strangers is much better than trusting a known hostile actor. During the Freenode fiasco, you have repeatedly demonstrated yourself to be untrustworthy and vengeful. Everyone saw your petty revenges against people who dared voice the slightest of criticisms. Why on earth should anyone trust that you'll uphold your customers' privacy no matter what?


I think you should look into the narrative before parroting falsehoods. Further, I’m not sure what came off as a “revenge” in my response unless facts are being interpreted as such.


This is the best critique of VP.net's approach in this thread. The purpose of the enclave approach is that you can be sure they're not logging your traffic. This is an advantage over competitors. But, as you say, this does not actually work. When you connect to the VPN, you don't know whether your traffic really gets mixed with other people's traffic. If it doesn't get mixed, then no matter what the trusted enclave code does, they still know all the input and output traffic belongs to you.



