BIP 324

v2 transport, v2 P2P transport, encrypted P2P

An encrypted, authenticated transport for the Bitcoin peer-to-peer protocol, replacing the older plaintext format.

BIP 324 is an encrypted transport for the Bitcoin peer-to-peer protocol. Before it, nodes talked to each other in plaintext over TCP, which let any on-path observer see which transactions a node was relaying and which blocks it had seen. BIP 324 wraps the same message protocol in a ChaCha20-Poly1305 authenticated encryption layer with an Elligator Squared Diffie-Hellman key exchange.

Because Bitcoin nodes have no stable identity to authenticate, the new transport does not authenticate the peer. It stops a passive observer from reading the traffic and stops an active attacker from tampering with it undetected unless that attacker mounts a full man-in-the-middle of the connection. A fully malicious peer remains untrusted; the normal validation rules still do the real work of keeping Bitcoin secure.

Support for BIP 324 landed in Bitcoin Core 26.0, and has since rolled out to other full-node implementations. Nodes negotiate the new transport on a best-effort basis and fall back to the plaintext protocol when the other side does not support it.
