Discord's new end-to-end encryption protocol now goes live, after months of previewing

The new E2EE protocol is now the platform's default.

Reading time icon 2 min. read


Readers help support MSpoweruser. We may get a commission if you buy through our links. Tooltip Icon

Read our disclosure page to find out how can you help MSPoweruser sustain the editorial team Read more

Key notes

  • Discord’s new DAVE protocol enables end-to-end encryption for voice and video calls.
  • It uses WebRTC for media encryption and MLS for secure group keys.
  • Some risks remain, like metadata exposure and device compromise.
Discord Dave protocol

Discord, the popular instant messaging platform, has finally introduced its latest end-to-end encryption protocol for audio and video calls, DAVE. The announcement came just months after previewing the new encryption tech for better privacy, yet still maintains performance and low latency.

The new, open-source DAVE protocol makes sure that only participants in a call have access to its content, with Discord itself unable to decrypt media. Media, such as audio or video, is encrypted with this key and sent via WebRTC to the group, with the frames being encrypted, packetized, and broadcasted.

“Today, we’ll start migrating voice and video in DMs, Group DMs, voice channels, and Go Live streams to use E2EE. You will be able to confirm when calls are end-to-end encrypted and perform verification of other members in those calls,” says the company in the announcement, making the protocol the platform’s default.

Then, on the receiving end, WebRTC collects the packets, decrypts them using the sender’s key, and reconstructs the media for playback.

Last year, the popular platform tested the Messaging Layer Security (MLS) E2EE protocol to prevent intermediaries, like Discord itself, from accessing all content. These experiments aimed to protect user privacy at scale but won’t apply to Stages, which use different systems.

The MLS is now used by DAVE for scalable group key exchanges, besides verification methods like Voice Privacy Codes to allow you to confirm your identities.

The protocol still does come with a few limitations, though. Discord also said that there are still some risks including metadata exposure (such as call details), potential software vulnerabilities, compromised user devices, and denial-of-service attacks—especially when it’s intentionally disrupted.

User forum

0 messages