Nah. It’s trickery happens at the IP layer, where MITM stuff works at layers 3 & 4. It sets up whatever it’s doing for an anonymizing encrypted channel and hooks that to a tap device. Then it can just setup a route table or firewall rule that tells the kernel to take all packets from the internal interface and shovel them into the tap interface. Which hands them to the daemon doing the encryption and that sends them out the external interface, possibly for a little onion routing, and then off to the real destination from the exit node. Return packets take the reverse route, and neither client nor server sees anything hinky going on. It just looks like a normal internet connection.
That said, I don’t know what this thing is using for peer-to-peer VPN. I can think of a way to build this with off the shelf software, but I wouldn’t want to put it on my network: Looking at their website, it’s pretty short on details, other than mentioning what appears to be a proprietary OS and something something blockchain something.
Edit: the OS and software is definitely proprietary and they’re a bunch of blockchain solves everything wankers. Don’t touch this thing until it’s been thoroughly worked over by security researchers. They rolled their own crypto and system software. Which means they fucked it up, but no one knows how yet (and especially not them).
