Signal has an option to use a relay server to avoid P2P connections.

Can a VPN be considered a relay server or is there a specific difference?

Will orbot hide my true IP address if handling WhatsApp calls for instance? My WhatsApp number and my actual sim are different. I'm purely concerned with network snooping not SS7 shenanigans.

    Toomanyuserprofiles Will orbot hide my true IP address if handling WhatsApp calls for instance? My WhatsApp number and my actual sim are different. I'm purely concerned with network snooping not SS7 shenanigans.

    If you are connected to a VPN, all traffic goes to the VPN. This also applies to peer-to-peer connections, such as torrent clients etc. As long as you are doing the standard GrapheneOS approach of blocking all connections without VPN (the default option), then you wont have any risk of IP leaks.

    Thanks for coming back to me. I read an article from the guardian project earlier which said people were exposing their IPs by torrenting over TOR. Ie, P2P connections.

    Then there's the Rob Braxman videos talking about the dangers of P2P. I appreciate he's a bit of a fear monger artist and not best loved by all GOS contributors.

    Are we saying that I can run WhatsApp through Orbot and my true IP address is hidden from the recipient?

    I'm sure I've read statements about P2P connections bypassing VPNs.

      Or maybe a better way of describing it would be carrying details of their original IP through their VPN.

      Android is different. The OS implements the killswitch, and like @final said, if you use the two toggles which are the default on GrapheneOS (not the case on Stock OS iirc), you have always-on VPN and you block anything not going over the VPN.

      Unless the VPN app you're using is buggy or malicious and letting traffic through your IP instead of the VPN's, the OS takes care of everything to make sure nothing leaks.

      If you don't trust the VPN app to not be buggy, you can use the built-in VPN feature of the OS and add your VPN there instead of using an app to connect to a VPN server.

      https://grapheneos.org/faq#vpn-support

      VPN configurations created with the built-in support can be set as the always-on VPN in the configuration panel. This will keep the VPN running, reconnecting as necessary and will force all connections through them. An app providing a VPN service can also be set as the always-on VPN via the entry in the Settings page. For app-based VPN implementations, there's also an additional "Block connections without VPN" toggle which is needed to prevent leaks when the app's VPN service isn't running.

        Thanks very much to you both. Supposing I was to adjust the question a bit and say I was worried about the recipient (or someone on their network) finding my true IP, as opposed to ISP meddling...

        Assuming my VPN connection is trustworthy and both toggles are on, is there no part of P2P networking that exposes my original, pre-VPN IP address?

          Toomanyuserprofiles Thanks for coming back to me. I read an article from the guardian project earlier which said people were exposing their IPs by torrenting over TOR. Ie, P2P connections.

          Stories of Tor users being deanonymized via peer to peer networks usually come from Desktop users who will download a torrent file on Tor software, then do the torrenting on a separate app, where they don't have a connection to the Tor Network. Tor is uncommon to be used on the entire OS for desktops except for Tor use purpose OS' like TAILS or Whonix, so for a lot of users Tor connectivity is only by the Tor Browser.

          Toomanyuserprofiles Then there's the Rob Braxman videos talking about the dangers of P2P.

          P2P has (easily mitigated) privacy disadvantages but also has advantageous uses. You're better off looking at a networking article explaining peer to peer networks and network topologies as a whole rather than any YouTuber who may say certain things mixed with well-known truths to promote a product.

          Toomanyuserprofiles Are we saying that I can run WhatsApp through Orbot and my true IP address is hidden from the recipient?

          Yes.

          Toomanyuserprofiles Assuming my VPN connection is trustworthy and both toggles are on, is there no part of P2P networking that exposes my original, pre-VPN IP address?

          Yes. As what matchboxbananasynergy
          has said VPNs on Android via the VPN implementation are OS-wide, if there's no connection to the VPN then internet connectivity to all apps stop.

          I am aware Orbot has a feature to select Tor connections on certain apps only, don't use it. Just use it as a VPN and you will be good to go.