It seems to be quite hard to find information on how to run an Orchid node to begin with. But I don’t currently see a way around these risks if you allow others to use your private connection. You’re basically punching a hole through your defenses and giving people free rein to do with your connection what they please. Just like a traditional VPN, they emerge onto the internet at the VPN exit point, which in this case would be your own system on your own network.
I noticed for Mysterium that the Docker setup requires you to give the container NET_ADMIN permissions too. I can’t find much info on how to set up an Orchid node, but I imagine it won’t be much different.
These are basically just VPNs tied to a crypto access control and payment system. But they don’t provide a way around taking on the responsibility and risk of running a VPN. It really doesn’t sound like something you want to run on your own network or even under your own personal legal entity.