Hoody allows users to anonymously manage up to 5 devices, which means 5 Hoody Apps concurrently installed. The platform ensures that these devices cannot be linked back to the user's Hoody Key, as the Device IDs are generated by the users themselves and securely stored and encrypted using AES-256. Even Hoody cannot determine which devices are associated with a particular user.
Users can have up to 5 devices, and to start Hoody App on a new device when the limit is exceeded, they need to remove a device from the Dashboard, which will erase the database content permanently for security, there is currently no way to recover the user settings for this device after deletion.
The Device ID is a unique 32 bytes cryptographic identifier, generated when Hoody is installed and run for the first time. It acts as a password for your device.
32 bytes of entropy means there are 2^256 possible combinations. Even if an attacker could try 1 billion combinations per second, it would take roughly 10^61 years to guess your Device ID. That's 10 followed by 61 zeros, years! For comparison, the age of the universe is estimated to be around 10^10 years. So, guessing or brute-forcing a 32 bytes random key is practically impossible.
Your unhashed Device ID is stored exclusively on your device, ensuring that only you have access to it. It's not publicly visible for security purposes.
The Device ID is always passed to the browser after the # in the URL. This ensures that the server can't read it, as anything after the # is not sent to the server and stays client-side only.
Never share your Device ID with anyone, as it could grant them control over your App settings, such as your VPN Location.
Devices can be renamed in the Dashboard for easy recognition. Hoody can't be made aware of this Alias due to encryption. By default, when installing Hoody on a new device, an automatic random Alias such as Anonymous GD91AC
will be generated.
Upon starting Hoody for the first time, the user is prompted to register their newly generated Device ID within the dashboard. This process helps establish a secure connection between the user's device and the Hoody API while maintaining the user's anonymity.
The Database storing Device settings is not hosted on the same servers as the User Keys Database, to avoid correlation using timing attacks.
The Device Database contains the user's settings, such as the VPN Location, Browsing containers, Per-App VPN settings, and virtually all other settings for this specific Device. It is stored encrypted on Hoody servers under an individually encrypted blob in a SQLite database, which is backed up every minute securely. The database itself is additionally encrypted using AES-256 with a frequently changing encryption key that only Hoody Network knows.
Hoody API uses TLS + X25519 (sealed-boxes) to encrypt all communication.
When a query is made from a DeviceID, a dedicated Worker thread is started.
The user sends their encryption key, asymmetrically encrypted using Hoody Public Key. Hoody never keeps the encryption key in its main process, not even in RAM.
The Worker thread is kept alive for 30 seconds and extended each time a new API request is made by the Hoody App. When the Worker thread dies, the encryption key is lost as it's only stored in the program memory.
If a malicious actor were to seize some of our servers, they wouldn't be able to decrypt any of the user's settings and try to guess which user is who.
Hoody App runs a Daemon which is installed on the device. Users can control their devices directly from the Hoody Dashboard. This DeviceID system allows for remote management, which is very practical. For example, you can directly control your Main Windows PC VPN Location from your phone if you share the Hoody Key. You can learn more about Hoody Keys here.
When a Hoody account is extended in duration, it is the user himself that instructs its devices to be extended as we have no knowledge of which Device IDs should be extended. 5 signatures (ED25519) are issued by Hoody Network which allow for current devices registered to be renewed. This process is done automatically in the user's dashboard when credit is added.