When using Shadow Router, you become a client and an End Node. The diagram above explains how we bypass the port-forwarding requirements for this, as well as our encryption methods used.
We ensure that no traffic is known by the master node, as well as the fact that it is end to end encrypted. We also check End Nodes for legitimacy constantly using a number of methods.
Our system runs quite similar too Shadow Socks, however it is our own brand of Socks5 with Encryption. All of our system is made with Java so it can run on any machine, except IOS...
We ensure that users don't connect too fake Master Nodes using our verification system.