It’s still an open question afaik
edit: I've worded this weird. I was typing on my phone at lunch stuff I'd just learned this morning which referenced this article saying running a log-less Wireguard might not be possible.
AirVPN in :
> "Wireguard, in its current state, not only is dangerous because it lacks basic features and is an experimental software, but it also weakens dangerously the anonymity layer."
and Perfect Privacy:
> "WireGuard has no dynamic address management, the client addresses are fixed. That means we would have to register every active device of our customers and assign the static IP addresses on each of our VPN servers. [...]"
Things may have changed, but it appears that running a log-less vpn provider is actually more complicated with Wireguard than at first glance. Namely the issues around DynamicIPs.
This is a really bizarre misunderstanding of the events.
Wireguard does not generate any log entries by default.
zx2c4 wrote a rootkit which makes it more difficult to retrieve connected users IPs from a running wireguard instance.
But the parent post is wrong, the defensive rootkit is not to prevent logging, it's to prevent extracting the configuration from the kernel. It effectively makes the WireGuard configuration write-only from the perspective of userspace. WireGuard does not do any access logging by default as far as I am aware.