Proxy really only applies to
- A client
- A joining node
Then the network of vaults establishes. So every vault knows it’s sections/groups IP:port and its neighbors IP:port. Clients go through a proxy the whole time and their IP is scrubbed on hop 1. Vaults IP is scrubbed on hop 1 as well, but they do communicate directly with each other via IP:port (encrypted communications though).