I would like to confirm this information: Can an ordinary app see your real IP address if you are using a VPN? Or will the app see just the VPN IP address?
Randomized MAC across profiles
JohnPrivacy as long as the app is routed through the VPN and especially if connections without VPN are blocked, the app can only see your VPN IP.
JohnPrivacy The VPN public IP is the IP that will be seen. Apps won't be able to see the ISP IP as all the traffic is sent to the VPN server. That is assuming you are not using split tunneling.
If by real IP you mean the local IP (the IP between the phone and WiFi router), I am not entirely sure. The FAQ mentions that apps cannot access the MAC address.
https://grapheneos.org/faq#hardware-identifiers
By real IP I mean the IP used to communicate with the VPN server, that is, the IP address that would show up if I were not using a VPN.
JohnPrivacy Gotcha, then the real IP = the ISP public IP. What n3t_admin said is the answer you are looking for. Apps can't see your ISP's public IP if routed over a VPN.
The option to randomise MAC on every user switch would be excellent. And a security boost.
Network should then reconnect on every user change.
Is this planned ever to be a part of gos?
user539 this would require an entire rework of the Wi-Fi implementation because Wi-Fi is shared across users. Since this change would require heavy modifications to the AOSP code, I don't really see a chance of this happening.
The other possible problem this would introduce is DHCP starvation, especially in SOHO-type networks. You could easily flood a /24 address range in a matter of a few hours just by switching between users.
That is true on regular Stock Android.
Not quite, because they use persistent per-network MAC randomization based on a keyed hash so forgetting the network doesn't cycle it. We're considering changing the per-network mode from this to a less persistent mode matching how people would expect it works. It's much less important since we add the per-connection MAC randomization mode which is used by default.
user539 That doesn't match how profiles work. They have a shared Wi-Fi connection underneath and multiple profiles can be running at the same time. It doesn't make sense to implement that.
n3t_admin Networks should gracefully handle running out of addresses to give out by reusing the least recently used ones. It doesn't cause any harm and clients will get another one if the one they had is taken. Routers unable to handle this are horribly broken and can't even handle being used in a small coffee shop as a network for customers which is embarrassingly bad.
GrapheneOS they should and you'd be surprised how often manufacturers completely ignore that. Although sometimes network admins are to blame when they decide that a 7 day lease is perfectly acceptable.
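
The difference between the keyed-hash per-network mode and the per-connection mode discussed in this thread, as an added Python sketch that is not part of any post and is not AOSP or GrapheneOS code. The HMAC-SHA256 construction, the SSID-plus-security-type input, the event format and all function names are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets


def to_local_unicast(raw: bytes) -> str:
    """Format 6 bytes as a MAC with the locally administered bit set
    and the multicast bit cleared, as randomized MACs require."""
    first = (raw[0] | 0x02) & 0xFE
    return ":".join(f"{b:02x}" for b in bytes([first]) + raw[1:6])


def persistent_mac(device_secret: bytes, ssid: str, security: str) -> str:
    """Per-network mode: keyed hash of the network identity (assumed inputs).
    Nothing here depends on saved state, only on the secret and the network."""
    msg = f"{ssid}\x00{security}".encode()
    return to_local_unicast(hmac.new(device_secret, msg, hashlib.sha256).digest())


def per_connection_mac() -> str:
    """Per-connection mode: a fresh random address for every connection."""
    return to_local_unicast(secrets.token_bytes(6))


def macs_seen_by_network(mode: str, device_secret: bytes, events) -> list:
    """Replay (action, ssid) events and return the MACs the access point sees."""
    saved, seen = set(), []
    for action, ssid in events:
        if action == "add":
            saved.add(ssid)
        elif action == "forget":
            saved.discard(ssid)  # removes the saved config, not the device secret
        elif action == "connect" and ssid in saved:
            if mode == "persistent":
                seen.append(persistent_mac(device_secret, ssid, "WPA2"))
            else:
                seen.append(per_connection_mac())
    return seen


# Constructed sample: connect, forget the network, re-add it, connect twice.
SECRET = secrets.token_bytes(32)
EVENTS = [("add", "CafeWiFi"), ("connect", "CafeWiFi"), ("forget", "CafeWiFi"),
          ("add", "CafeWiFi"), ("connect", "CafeWiFi"), ("connect", "CafeWiFi")]

if __name__ == "__main__":
    for mode in ("persistent", "per-connection"):
        macs = macs_seen_by_network(mode, SECRET, EVENTS)
        print(f"{mode}: {len(set(macs))} distinct address(es) -> {macs}")
```

The number of distinct addresses per mode is also, typically, the number of DHCP leases the network hands out to this one device over the same sequence of events.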