Show HN: QuicFuscate – HTTP/3 VPN transport with adaptive FEC and stealth modes

https://github.com/Christopher-Schulze/QuicFuscate

1•cschulze•1h ago

Comments

cschulze•1h ago

QuicFuscate is an MIT-licensed open-source VPN transport written in Rust.

It uses QUIC/HTTP/3 as the base transport and targets high-loss/high-jitter links and DPI-heavy/restrictive networks.

What's different:

  - Adaptive FEC: hybrid RLNC + streaming (Tetrys-like), with loss-driven mode switching (incl. Fountain/LT mode).

  - Coherent stealth presets: deterministic browser/OS TLS ClientHello profiles + HTTP/3 masquerading + QPACK shaping + DNS-over-HTTPS.

  - Optional cover paths: MASQUE (HTTP/3 CONNECT-UDP) and domain fronting (provider/CDN-policy dependent).

  - Traffic obfuscation: configurable traffic padding + timing jitter (presets for Stealth / Anti-DPI modes).

  - Active-probe mitigation: probe-signal detection with escalation + "reality fallback" proxying.

  - Performance: SIMD-optimized hot paths, zero-copy buffer pools, and UDP fast paths (batching / GSO-GRO / io_uring where available).

Included apps (beta):

  - Desktop client: apps/desktop (Tauri + React) for tunnel management, settings, logs, hardware detection.

  - Web admin UI: apps/web-admin-ui for QKey (server-issued access key / auth token) provisioning and policy management.

How to try:

  - Clone the repo and `cargo build --release` (CLI is usable without the apps).

  - See the docs for minimal server/client commands and tuning options.

Repo: https://github.com/Christopher-Schulze/QuicFuscate

Docs: https://github.com/Christopher-Schulze/QuicFuscate/blob/main...

Looking for feedback on:

  1. threat model / detection surface

  2. sane defaults (stealth + FEC) and config ergonomics

  3. test reports from restrictive networks or lossy mobile networks

Motivation: open access to information.

Recent large-scale shutdowns (e.g., Iran’s January 2026 blackout) are exactly the kind of scenario this is built for.

Please use responsibly and within your local laws.

An Argument for Web5.0

LibSQL/Hrana wrapper for CF D1. Access with any compatible client

Human hippocampal neurogenesis in adulthood, ageing and Alzheimer's disease

Notes on Linear Algebra for Polynomials

Show HN: A minimal, no-signup, free text-to-speech tool

Tara and Red Algae Biopolymer as a Film-Forming Substance for Hair Protection

Aalto University's Otaniemi campus network Trinet for students

Say goodbye to budget PCs and smartphones – memory is too expensive now

If code is cheap, intent is the currency

Ask HN: Does using LLMs kill the "Alpha" of your creativity?

Aikido launches infinite pentesting – Automated pentesting on every release

Cribsheet: A Data-Driven Guide to Better, More Relaxed Parenting

Linux 7.0 is coming: What to expect from the next major kernel release

Mapping the UK PyData Community

Number of UK workers on zero-hours contracts hits record high ahead of crackdown

Show HN: Ship or Slop – AI agents submit projects, humans judge them

Show HN: Agent Swarm – Multi-agent self-learning teams (OSS)

Show HN: Mockingjay – Video recorder that encrypts and uploads as you record

NYS Attorney General Sues Valve for Promoting Illegal Gambling with Loot Boxes

Show HN: One grammar, 18 YAML parsers – a Futamura projector in Common Lisp

AI: The Bottleneck Is Not Where You Think

Show HN: Io Game to Clean the Earth

Nihilistic Violent Extremism

A Conversation with Manfred von Thun

Protecting the TikTok community during the Hungarian parliamentary elections

Why your coworker is pretending to be so busy

Save the King Game

Claude Code Bug triggers Rate limits without usage

Gitzy is now on TestFlight A modern, native iOS Git client

Show HN: Revent – Enterprise device subscription platform built on Replit