For me, (one of) the moments was when there figured out how to do remote attestation of the server to check that what it was running was what you expected, so you could check its privacy yourself.

Rather a neat subversion of the common corporate use of remote attestation, to preserve user privacy and security rather than curtail it.

Thank you! You are of course referring to System Transparency. I feel obligated to point out that we have yet to fully implement that idea. I've been working on it, and the related projects Sigsum and Tillitis, for the past six years. There have been lots of detours, but we are making progress towards the vision outlined in the blog post I wrote in 2019: https://mullvad.net/en/blog/system-transparency-future

Two years ago we moved the OSS projects System Transparency and Sigsum to its own organization: Glasklar Teknik AB (glasklarteknik.se).

The OSS and OSHW project TKey was moved to Mullvad's other sister company Tillitis AB (tillitis.se)