
I've been considering doing that, because it seems a lot of VPN owned IP addresses are being flagged.


Consider SoftEther, which is VPN over Ethernet wrapped in HTTPS. It's open-source. It has a server discovery site called VPNGate. You can host a server to let somebody else use, then use a server someone else is hosting.

https://www.vpngate.net/en/

We're really only missing a few things before there's decentralized VPN over HTTPS that anyone in the world can host and use, and it would be resistant to all DPI firewalls. First, a user-friendly mobile client. Second, a way to broadcast and discover server lists in a sparse and decentralized manner, similar to BitTorrent (or we may be able to make use of the BT protocol as is), and we'd have to build such auto-discovery and broadcasting into the client. Third, make each client automatically host a temporary server and broadcast its IP to the public server lists when in use.


Using this tech, all the CP traffic would detectably flow towards my IP, right? I'm sure I'm not the only one who would find this worrisome.


SoftEther isn't Tor, it's just like a modernized client-server L2TP-style VPN, same deal as WireGuard. The volunteer public gateway thing is a completely optional and voluntary add-on.

The reason it exists is just that it predates WireGuard by ~decade.


> Using this tech, all the CP traffic would detectably flow towards my ip, right?

No, but I'm curious why you'd think that?


The risk surely exists if you decide to run their gate service:

"After you activate the VPN Gate Service, anyone can connect a VPN connection to your computer, and access to any hosts on the Internet via your computer"

"When you are running the VPN Gate Relaying Function on your company's network, then any person's communication to Internet hosts will be relayed via your company's network."

> https://www.vpngate.net/en/join.aspx

There's simply no way I would offer my residential or company IPs as exit nodes to strangers.

> Third, make each client automatically host a temporary server and broadcast its IP to the public server lists when in use.

If this came to pass, much the same problems.


It's no different from a coffee shop providing an open WiFi, or an ISP providing you with a fiber connection. What people do on it is their problem, not yours. Their web traffic is wrapped in another layer of HTTPS, not in plaintext you can read. Most traffic is not criminal traffic, you're not any more likely to be the exit node for a criminal than you are to purchase something from a criminal in real life. That waitress you just tipped at the restaurant? Might've been a murderer. In either case, you don't know that you've dealt with a criminal. You providing the exit node is like a transaction: you're "paying" for the VPN service by helping run the service.

The point of all this is to make it so that governments can't pin down the IP of any client without expending significant resources. It makes mass surveillance, control, and prosecution prohibitively expensive. Law enforcement would still be able to trace suspects through the hops with their rich arsenal of backdoors, exploits, and clues in the physical world, just not without significant effort and therefore expenses. So they will only be able to pursue criminals in a targeted manner, which is how law enforcement in a free society is supposed to work.

The decentralized VPN service can only work if clients are also servers, otherwise there will be too many people who use the service without contributing to it, resulting in a tragedy of the commons.


The regular SoftEther client-server software doesn't have that feature. The VPN Gate features are the features of the VPN Gate variant that you're intentionally mixing up with it. The regular server still comes with free dynamic DNS that does nothing other than letting you and your approved users access your own server from the Internet and nobody else.


Technically such a mobile client already "exists". I've been working on a cross-platform "super app", which is essentially just a Python REPL, but a key design is that components/controls of the UI framework that hosts it can be returned as a result.


I logged into reddit from my local library wifi and immediately got a contagious ban that spread to all my reddit accounts.



