Windscribe (VPN Service)

mangomango · December 5, 2025, 4:28pm

What does having client-side or server-side AmneziaWG support entail ?

ignoramous · December 5, 2025, 6:01pm

If ty89’s analysis (above) is correct, this is a misleading statement (hopefully, not made in an official capacity?)

I looked through their codebases, and I see 2 kinds of credentials: OpenVPN and WireGuard.

The former is kind of a like a pre-shared auth.

With the latter, what I’ve found is: The clients generate the private key on their own (and from my review) they don’t send it to Windscribe’s API endpoints (which you say are proxied via Cloudflare). Only the corresponding public key is sent (android, ios, desktop).

What you’re saying is, when the client doesn’t generate the credential/keypair (the browser config generator?), only then is it generated server-side (proxied behind Cloudflare)? Sounds more like a usability thing to me. That said, it is possible to generate credentials for WireGuard right in the browser (literally 4 lines of code).^[1] Can you point to the code you’re seeing that does what you claim (you can consider using archive.is or equivalent to link to the javascript file, if possible)?

downloads/src/warp.js at 0c1d783ba7dda9b9392ad0abb3a401c720930423 · celzero/downloads · GitHub ↩︎

ty89 · January 30, 2026, 10:28am

Users preferring plain Wireguard client instead of the app have to generate the config via website. Wireguard config was being generated server-side and downloaded through Cloudflare when I looked into this a few months ago. The page for config generation is only acessible for paid accounts, however any paying user can verify this using their browser’s network inspector.
Interestingly, after generating that config I didn’t see a way to delete it for the purpose of revoking that private key.

ignoramous · January 30, 2026, 11:20pm

Thanks.

Since your analysis is a “few months old”, are you in a position to run this flow anew or grab hold of the client-side javascript file?

Like I said above, the generation of keys server-side by Windscribe seems like a usability thing to me. The keypair for WireGuard can be generated in the web browser, but I guess Windscribe may have reasons to not trust the web browser (bots, automation etc) for key generation and enrollment.

mangomango · January 31, 2026, 11:30pm

You can delete your VPN credentials in your account settings.

If you have a doubt about one of your connection.

“This will delete all generated VPN credentials and all static IP devices and port forwards (if you have any).”

Topic		Replies	Views
Windscribe VPN Tool Suggestions	2	601	October 20, 2024
Windscribe with Control D Questions	7	1146	July 26, 2025
Looking for my first paid VPN. Trying to figure out how Proton compares to Questions software	19	2618	January 11, 2024
Recommendations for the Best Residential VPN for Occasional Use Questions	9	3217	February 13, 2025
Best VPN? ProtonVPN? Questions software	8	1654	July 16, 2024

Windscribe (VPN Service)

Related topics