No-Logs & Infrastructure Verification
In May 2026, BendWith commissioned an independent security assessment conducted by Cure53. The primary objective was to audit the VPN server configurations, Vless & Hysteria protocol integrity, and verify our strict No-Logs claim. The auditors were granted full administrative access to our node configurations, transit logs, and memory dumps.
Auditors analyzed the active memory of our servers in Hong Kong, Taiwan, and Singapore. The audit confirmed that zero logs (IP addresses, browsing history, query parameters, or connection timestamps) are written to disk. All logging modules are completely disabled at the kernel level.
The implementation of Vless (with custom XTLS/VLESS obfuscation) and Hysteria (running QUIC transport) was analyzed for potential leaks. The cryptographic bindings were verified to be securely configured, leaving zero vectors for active traffic correlation or passive man-in-the-middle analysis.
All nodes run on specialized minimal Linux kernels. Memory dumps under stress-test scenarios showed that no encryption keys or temporary credentials are left exposed in system swap space or unallocated memory blocks.
The Cure53 assessment concluded that BendWith meets the highest industry standards for privacy-first VPN systems. The configuration setups effectively prevent any logs creation, and node tunneling protocols are robustly isolated from sniffing or tracking attempts.