Welcome to the Surf Shield GitHub organization. We build high-performance, drop-in VPN SDKs and open-source reference clients powered by the Rust-based Leaf proxy engine.
Our mission is to provide developers and network operators with the "pick and shovel" infrastructure needed to bypass Deep Packet Inspection (DPI) and national firewalls without having to build complex OS-level routing from scratch.
We provide production-ready, Apache 2.0 licensed clients. You can fork them, apply your branding, inject your Panel API key, and launch your own VPN service in a weekend.
- 📱 leaf-android: A modern Android VPN client built with Kotlin & Jetpack Compose. Includes a Quick Settings tile,
leafvpn://deep links, an in-memory log viewer, and 8-language localization. Wraps Android's nativeVpnServicewith a robust kill-switch. - ☕ sample-android-java: A legacy-friendly Android reference client built entirely in Java using standard XML layouts, perfect for teams maintaining older codebases or transitioning to the Surfshield ecosystem.
- 💻 leaf-desktop: A cross-platform desktop client built with Tauri 2, Vue 3, and Rust. Features a system tray, auto-updater,
.leafsuboffline file association, and persistent window state. Supports Windows, macOS, and Linux. - 🌐 kotlin-multiplatform-desktop: A unified Kotlin Multiplatform (KMP) desktop client utilizing Compose for Desktop, demonstrating how to integrate the JVM SDK seamlessly across Windows, macOS, and Linux from a single codebase.
Our SDKs handle the messy, OS-level networking so you don't have to.
- Zero-Downtime Hot Swapping: Automatically switches nodes and protocols in the background without dropping the OS-level TUN device or leaking IP addresses.
- Network Survivability: If a user walks from a Wi-Fi zone to a 5G cellular network, the SDK catches the network flap, re-binds the sockets, and triggers a health-check automatically.
- Multi-Path Bonding: Supports MPTP to aggregate multiple TCP/UDP streams, saturating throttled networks.
Our SDKs and the underlying Leaf core support every modern trick in the book to evade DPI and SNI filtering:
- Protocols: Trojan, VMess, VLESS, Shadowsocks, Stealth, HTTP, SOCKS.
- Transports: WebSocket, HTTPUpgrade, HTTP/2 (H2Mux), gRPC, xHTTP, QUIC, FakeTCP.
- Obfuscation: REALITY protocol and TLS ClientHello Fragmentation (randomized packet splitting to break passive SNI inspection).
The clients in this organization are designed to seamlessly integrate with the Surf Shield Orchestration Panel—a closed-core, multi-tenant backend that handles:
- Node Load Balancing: Dynamic configuration generation.
- Crypto Billing: Native integration with NOWPayments for automated deposits and payouts.
- User Quotas: Per-gigabyte traffic tracking and active session limits.
Learn more about the backend at surfshield.org.
- Documentation: https://surfshield.org/docs
- Email: support@surfshield.org
- Issues: Please open an issue in the respective repository. For security disclosures, email us directly.