What WireGuard is
WireGuard is a VPN protocol designed by Jason Donenfeld and released in its first stable form in 2020. It was built with a single goal: replace the complex, configuration-heavy VPN protocols of the past (OpenVPN, IPsec/IKEv2) with something smaller, simpler, and faster.
It succeeded. By 2026, WireGuard is the default protocol for most commercial VPNs (ours included), has been built into the Linux kernel since version 5.6, and has solid native or third-party implementations on every major platform.
The design philosophy
WireGuard's design choices are aggressive minimalism. Some examples:
- One cipher suite: WireGuard uses ChaCha20 for encryption, Poly1305 for authentication, Curve25519 for key exchange, BLAKE2s for hashing, and HKDF for key derivation. No negotiation, no algorithm options, no legacy modes. If a vulnerability is found in any of these, you replace the protocol version wholesale.
- UDP-only transport: no TCP option, no mode-switching. Faster and simpler.
- Stateless server, by design: the handshake is brief, and no connection tracking is needed in normal operation.
- Cryptokey routing: peers are identified by public key, not by IP address or credentials.
- ~4,000 lines of code β compared to OpenVPN's ~70,000 and IPsec's hundreds of thousands.
How it works (briefly)
WireGuard sits as a network interface (like wg0) that your operating system treats as just another route. When you send a packet to an IP in the VPN's tunnel range, the kernel hands the packet to the WireGuard module, which:
- Looks up which peer corresponds to that destination (cryptokey routing).
- Encrypts the packet using the peer's pre-established session keys.
- Wraps it in a UDP packet and sends it to the peer's endpoint.
The peer receives the UDP packet, decrypts it, and emits the inner packet to wherever it was originally destined.
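The cryptokey routing lookup described above, as an added example that is not code from the page or from the WireGuard project: a toy routing table keyed by peer public key (placeholder strings, not real keys) with longest-prefix match on AllowedIPs. It also shows the inbound side, where the same table acts as an ingress filter: a decrypted packet is only accepted if its inner source IP belongs to the peer whose key it decrypted under.

```python
import ipaddress
from typing import Dict, List, Optional, Tuple

# Constructed sample table. Keys are placeholders standing in for
# base64 Curve25519 public keys; AllowedIPs are in WireGuard config form.
PEERS: Dict[str, List[str]] = {
    "PEER_A_PUBKEY_PLACEHOLDER": ["10.0.0.2/32", "192.168.50.0/24"],
    "PEER_B_PUBKEY_PLACEHOLDER": ["10.0.0.3/32"],
    "GATEWAY_PUBKEY_PLACEHOLDER": ["0.0.0.0/0"],  # default route via the VPN gateway
}

Row = Tuple[ipaddress.IPv4Network, str]


def build_table(peers: Dict[str, List[str]]) -> List[Row]:
    """Flatten AllowedIPs into (network, pubkey) rows, most specific first."""
    rows: List[Row] = []
    for pubkey, cidrs in peers.items():
        for cidr in cidrs:
            rows.append((ipaddress.ip_network(cidr, strict=True), pubkey))
    rows.sort(key=lambda r: r[0].prefixlen, reverse=True)
    return rows


def route_outbound(table: List[Row], dst: str) -> Optional[str]:
    """Outbound: return the peer whose AllowedIPs most specifically cover dst.
    This is the lookup done before encryption; the peer's session keys and
    UDP endpoint are then used. None means no peer matches and the packet
    is dropped (e.g. an IPv6 destination with only IPv4 routes)."""
    addr = ipaddress.ip_address(dst)
    for net, pubkey in table:
        if addr in net:  # version mismatch simply fails to match
            return pubkey
    return None


def accept_inbound(table: List[Row], pubkey: str, src: str) -> bool:
    """Inbound: a packet that decrypted under `pubkey` is accepted only if
    its inner source IP routes back to that same peer. A peer therefore
    cannot inject packets claiming an address assigned to another peer."""
    return route_outbound(table, src) == pubkey


TABLE = build_table(PEERS)

if __name__ == "__main__":
    print(route_outbound(TABLE, "192.168.50.7"))            # peer A
    print(accept_inbound(TABLE, "GATEWAY_PUBKEY_PLACEHOLDER", "10.0.0.2"))  # False
```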
The handshake (which establishes the session keys) uses the Noise Protocol Framework. It typically completes in a single round-trip, fast enough that mobile users barely notice when networks switch.
Performance
WireGuard is genuinely faster than OpenVPN in most scenarios:
| Metric | WireGuard | OpenVPN |
|---|---|---|
| Throughput (Gigabit link) | ~950 Mbps | ~250-400 Mbps |
| Handshake time | ~1 RTT (~5-50ms) | ~6 RTT (~50-500ms) |
| CPU usage at line rate | Low | High |
| Battery impact (mobile) | Low | Moderate |
The performance gap is real and consistent across benchmarks. For mobile users, the battery impact difference is especially noticeable: WireGuard's smaller handshake and more efficient crypto mean fewer wake-ups and less processor work.
Security
WireGuard's security has been the subject of multiple formal verification efforts and academic reviews. The design uses well-vetted cryptographic primitives, and the small code base makes vulnerabilities easier to spot. There have been no major security incidents in the protocol since release.
Known limitations:
- Peer identification by IP persistence: because WireGuard maps public keys to last-known IPs, a peer's traffic patterns are slightly more traceable than OpenVPN's. In commercial VPN deployments, providers typically handle this with dynamic IP assignment.
- No native authentication beyond public keys: for VPN providers, this means there's no username/password built into the protocol; user identity is handled at a different layer.
- MTU sensitivity: some networks with unusual MTU configurations require manual tuning.
WireGuard at ClownVPN
We use WireGuard as our default protocol on Android. The choice was straightforward: faster, lower battery impact, smaller attack surface. Our implementation uses wireguard-go, the official Go implementation maintained by the WireGuard team.
For users on networks that block UDP (some corporate environments, restrictive hotel WiFi), we fall back to OpenVPN over TCP. See our OpenVPN explainer for details on when the fallback kicks in.
Where to learn more
- wireguard.com: official site with technical papers.
- The WireGuard whitepaper: the original design document.
- /features/protocols/: what we ship.