The 500 MiB thing is because the frontend is an Electron app. That's sadly how it is with Electron. The UI can of course be re-written into a language/framework that produces way smaller programs, but it's not currently really worth the tradeoff. Most people are not that constrained in disk or internet speeds. https://github.com/mullvad/mullvadvpn-app/issues/1572
The downloads folder access thing is because Apple made it so. If you run an installer from the downloads folder it will need access to the downloads folder. This has nothing to do with Mullvad, but is a permission check macOS puts on all software. The Mullvad VPN app has no code for doing anything in the Downloads folder specifically.
The macOS installer is a universal installer, meaning it contains the entire app twice: once for Intel and once for Apple Silicon. With a macOS installer for only one architecture its size would be cut in half. Windows doesn't have this problem.
Your description is correct for the configuration files, yes! But it's not correct for the app. There are multiple ways of doing multihop with Mullvad. The config files use a simple redirect where each server has a unique port it's reachable over on all other servers. That's what the config files are doing.
But the app actually has a wg tunnel inside another wg tunnel. If you (on Linux) run `wg` (as root) in a terminal when it's connected with multihop you will see that it has two peers set up for the `wg-mullvad` interface, one peer is routed through the other.
So the only thing that SE4 can see is encrypted WireGuard traffic headed for NL1.
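Added example, not part of the original comment and not Mullvad's code: a small parser for `wg`-style output that reports when one peer on the interface is routed through another, as described above. The sample output, keys and addresses are constructed placeholders, and the check assumes the nesting shows up as the inner peer's endpoint being covered by a specific (non-default) allowed-ips entry of the outer peer.

```python
import ipaddress

# Constructed stand-in for `wg show wg-mullvad` output; keys and IPs are placeholders.
SAMPLE = """\
interface: wg-mullvad
  public key: LOCAL_KEY_PLACEHOLDER
  listening port: 51820

peer: EXIT_KEY_PLACEHOLDER
  endpoint: 198.51.100.20:51820
  allowed ips: 0.0.0.0/0, ::/0

peer: ENTRY_KEY_PLACEHOLDER
  endpoint: 192.0.2.10:51820
  allowed ips: 198.51.100.20/32
"""

def parse_peers(text):
    """Return one dict per peer: public key, endpoint address, allowed networks."""
    peers, cur = [], None
    for line in text.splitlines():
        key, sep, value = line.strip().partition(": ")
        if not sep:
            continue
        if key == "peer":
            cur = {"key": value, "endpoint": None, "allowed": []}
            peers.append(cur)
        elif cur is not None and key == "endpoint":
            host = value.rsplit(":", 1)[0].strip("[]")  # drop port and IPv6 brackets
            cur["endpoint"] = ipaddress.ip_address(host)
        elif cur is not None and key == "allowed ips" and value != "(none)":
            cur["allowed"] = [ipaddress.ip_network(n.strip()) for n in value.split(",")]
    return peers

def nested_peers(peers):
    """Return (inner, outer) key pairs where inner's endpoint is carried by outer."""
    pairs = []
    for inner in peers:
        for outer in peers:
            if inner is outer or inner["endpoint"] is None:
                continue
            # Assumption: default routes (/0) are skipped; only a specific route counts.
            if any(net.prefixlen > 0 and net.version == inner["endpoint"].version
                   and inner["endpoint"] in net for net in outer["allowed"]):
                pairs.append((inner["key"], outer["key"]))
    return pairs

if __name__ == "__main__":
    print(nested_peers(parse_peers(SAMPLE)))
```

An empty result on a tunnel that is supposed to be multihop means the interface has no peer carried inside another under this assumption.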