
The Deterministic IP Trap: How Mullvad's Exit IPs Can Be Used for Fingerprinting

May 16, 2026

For many, a VPN is the ultimate shield for online anonymity. By masking your real IP address with one provided by the service, you effectively decouple your physical location and identity from your web traffic. However, a recent technical analysis of Mullvad VPN has revealed a surprising flaw: the way the service assigns exit IPs can actually be used to track users across different servers, creating a unique "fingerprint" based on the IP address you are assigned.

The Mechanism of Exit IP Assignment

Mullvad differs from many VPN providers by offering multiple exit IPs per server. This vertical scaling prevents any single IP from being over-utilized, which reduces the likelihood of being blocked by websites that employ aggressive rate-limiting or IP-based blocking.

Under normal circumstances, one might expect these IPs to be assigned randomly upon each connection. Instead, the assignment is deterministic. The exit IP is picked based on the user's WireGuard public key, which typically rotates every 1 to 30 days (unless a third-party client is used, in which case it remains static).

The Fingerprinting Vector: A Mathematical Flaw

A security researcher recently put this to the test by mapping the exit IP ranges for several servers. By testing thousands of public keys, they discovered a startling pattern: users were not being assigned a random combination of IPs across different servers. Instead, they were being assigned IPs that occupied the same relative position (or percentile) within their respective server's IP pool.

For example, if a user is assigned an IP that is the 81st percentile of the pool on a server in Sydney, they will also be assigned an IP in the approximately 81st percentile of the pool on a server in New York.

The Root Cause: Seed-Based RNG

The researcher hypothesized that Mullvad is using a seed-based Random Number Generator (RNG) where the user's public key serves as the seed. In languages like Rust (which Mullvad uses for its backend), a call to random_range(0..bound) on a generator initialised with a fixed seed will produce a result that scales linearly with the bound.

Essentially, the RNG generates a float value between 0 and 1, and then multiplies that float by the pool size to determine the IP index. Because the same float is generated for a specific seed (the user's key) regardless of the pool size, the user's "relative position" remains constant across all servers.

Correlating Identities

This deterministic behavior allows for a correlation attack. If an observer (such as a forum moderator or a data broker) has access to IP logs from multiple sessions, they can work back from each IP's position within its server's pool to the narrow float range that produced it.

If two different Mullvad exit IPs from two different servers resolve to the same narrow float range, there is a very high probability that they belong to the same user account. While this doesn't reveal the user's real-world identity (since Mullvad claims not to store user logs), it allows for the persistent tracking of a single "identity" across different VPN servers, effectively defeating one of the primary reasons for using a VPN.
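A toy model of the seed-based assignment described under "The Root Cause" and of the float-range correlation check described just above, added here as an illustration; it is not code from Mullvad or from the researcher. The SHA-256 hashing, the server names and pool sizes, and the per-server-salted variant shown as a mitigation are all assumptions.

```python
import hashlib

FRACTION_BITS = 53  # 53 bits fits a double exactly; we still stay in integer arithmetic

def seed_fraction(seed: bytes) -> int:
    """Hash the seed into a 53-bit integer h; h / 2**53 is the 'unit float'
    in [0, 1) that a seeded RNG would hand back for this seed (assumption:
    a hash stands in for whatever RNG the real service uses)."""
    digest = hashlib.sha256(seed).digest()
    return int.from_bytes(digest[:8], "big") >> (64 - FRACTION_BITS)

def pick_index_unsalted(pubkey: bytes, pool_size: int) -> int:
    """Flawed variant: floor(f * pool_size) with f derived from the key only,
    so the index scales linearly with pool_size and the relative position
    within the pool is the same on every server."""
    return (seed_fraction(pubkey) * pool_size) >> FRACTION_BITS

def pick_index_salted(pubkey: bytes, server_id: bytes, pool_size: int) -> int:
    """Hardened variant (an assumption, not Mullvad's patch): mixing a
    per-server value into the seed yields an unrelated fraction per server."""
    return (seed_fraction(server_id + b"|" + pubkey) * pool_size) >> FRACTION_BITS

def positions_correlate(a: tuple[int, int], b: tuple[int, int]) -> bool:
    """Given two observations (index, pool_size) from different servers, report
    whether the fraction intervals [i/n, (i+1)/n) overlap, i.e. whether a single
    underlying float could explain both assignments. Integer cross-multiplication
    keeps the comparison exact."""
    (ia, na), (ib, nb) = a, b
    return ia * nb < (ib + 1) * na and ib * na < (ia + 1) * nb

def correlated_key_fraction(salted: bool, pools: dict[bytes, int], trials: int = 200) -> float:
    """Fraction of constructed test keys whose assignments on the first two pools
    correlate: 1.0 for the flawed variant, roughly the chance rate (about
    1/min_pool + 1/max_pool) for the salted one."""
    (sa, na), (sb, nb) = list(pools.items())[:2]
    hits = 0
    for i in range(trials):
        key = b"constructed-key-%d" % i  # constructed stand-in for a WireGuard pubkey
        if salted:
            obs = ((pick_index_salted(key, sa, na), na), (pick_index_salted(key, sb, nb), nb))
        else:
            obs = ((pick_index_unsalted(key, na), na), (pick_index_unsalted(key, nb), nb))
        hits += positions_correlate(*obs)
    return hits / trials

if __name__ == "__main__":
    pools = {b"sydney": 10, b"newyork": 128}  # constructed pool sizes
    print("flawed  variant, share of keys linkable across servers:", correlated_key_fraction(False, pools))
    print("salted  variant, share of keys linkable across servers:", correlated_key_fraction(True, pools))
```

The flawed variant links every key across the two pools, which is exactly the percentile pattern the researcher observed; the salted variant only links keys at the rate two unrelated intervals overlap by chance.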

Community Reaction and Official Response

The discovery sparked significant debate on Hacker News, with users weighing in on the trade-offs between privacy and usability. Some argued that VPNs are inherently limited and that users seeking true anonymity should use Tor. Others viewed this as a critical failure for a privacy-focused service.

Notably, the co-founder and co-CEO of Mullvad responded to the discussion, admitting that some of the described behavior was intended and some was not. He stated:

"Some aspects of the described behavior are as we intended and some are not. The cause is not exactly as described in the blog post... we are already testing a patch of the unintended behavior on a subset of our infrastructure."

Conclusion and Mitigation

While Mullvad is working on a fix, the current state of the algorithm makes it possible to correlate users across servers. For those who prioritize maximum privacy, the following steps are recommended:

  • Force Rotate Your Public Key: Log out of the Mullvad app to trigger a key rotation.
  • Limit Server Switching: Avoid switching servers frequently within a single session if you are attempting to avoid correlation.
  • Understand the Tooling: Recognize that a VPN provides privacy from your ISP, but it does not necessarily provide absolute anonymity from the sites you visit.
