tl;dr from https://yggdrasil-network.github.io/privacy.html and https://yggdrasil-network.github.io/faq.html
Q: Transport security?
A: End-to-end, but not "officially externally audited"™
Q: How to peer?
A: You can peer to any node with its clearnet ip/port or WiFi/LAN + multicast. If you don't want to be peered to, use a firewall.
Q: What identifies me?
A: Your IPv6 address in Yggdrasil is your identity. It's fixed, unless you change it. Change your address to prevent tracking. If you use Google/Facebook on Yggdrasil, it makes your more tracked (because IP no change).
Also, your peers know your link-layer address (clearnet ip addr/port).
Q: How to provide info about me?
A. Use NodeInfo
section in the configuration file. It's metadata of your identity.
Q: Who can I connect to?
A: Anyone inside the connected Yggdrasil network. Network partition exist, as any mesh network. Add a pubic peer to prevent that.
Q: Who can connect to me?
A: Same as above. Be careful when you open port on your Yggdrasil network interface. Some janky software listen on [::], which includes Yggdrasil.
Q: Can I be enumerated?
A: Currently yes (for debug). netmap Only your Yggdrasil address and network structure is enumerated.
Q: How to use?
A:
yggdrasil -genconf > a.conf
sudo yggdrasil -useconffile a.conf &
# in another terminal
sudo yggdrasilctl getSelf