Full Report
Discord created a new end to end encryption protocol they call DAVE. This will be used on DMs, group DMs, voice channels and live streams on Discord in the future. For key exchange, they use the Messaging Layer Security protocol. This protocol allows having a per sender encryption key for all members of a group. Whenever a member of the group leaves or joins, the key exchange must be done again to prevent some attacks, which is well-thought out. For identity and user verification, they use the MLS ciphersuite with ECDSA signatures. Each participant generates an identity key pair and shares this with other members on the call. Each device generates a private key so no synchronization isn't needed between devices. These are ephemeral and re-generated for each call. I love reading articles from big companies about security best practices. Since these companies have the money and time to put effort into it, the needle can really be moved with the effort!
Analysis Summary
# Industry News: Discord Launches "DAVE" Protocol, Bringing E2EE to 200 Million Users
## Summary
Discord has officially launched "DAVE," a custom-built end-to-end encryption (E2EE) protocol designed to secure audio and video communications across DMs, group calls, and live streams. By implementing the Messaging Layer Security (MLS) standard, Discord is significantly upgrading the privacy architecture for its 200 million monthly active users while maintaining its existing content moderation model for text-based messages.
## Key Details
- **Date:** September 17, 2024
- **Companies Involved:** Discord, Trail of Bits (External Auditor)
- **Category:** Product Update / Security Infrastructure Launch
## The Story
Discord is transitioning its massive real-time communication infrastructure to the DAVE (Discord Audio Video Encryption) protocol. Historically, while Discord used transport encryption, the media keys were accessible to the company to facilitate call routing and processing.
The new DAVE protocol utilizes the **Messaging Layer Security (MLS)** protocol for key exchange, allowing for efficient group state management. A critical feature of this implementation is "Post-Quantum resistance" logic where keys are rotated every time a member joins or leaves a call, ensuring that past and future media remains inaccessible to unauthorized parties. To ensure transparency, Discord has open-sourced the protocol's libraries and whitepaper, and successfully completed a secondary design and code audit with cybersecurity firm **Trail of Bits**.
## Business Impact
### For the Companies Involved
- **Brand Trust:** By implementing E2EE, Discord addresses long-standing privacy critiques, positioning itself as a mature platform capable of protecting sensitive user data.
- **Operational Complexity:** Managing E2EE at the scale of 200 million users introduces significant engineering overhead, particularly regarding device synchronization and web-client compatibility.
### For Competitors
- **Raising the Bar:** Competitive platforms like Slack, Telegram, and WhatsApp (which already has E2EE) are now in a tighter feature race. Use-cases that previously shifted to "more secure" apps may now stay within the Discord ecosystem.
- **Standardization Pressure:** Discord’s adoption of MLS signals a market shift toward standardized, scalable encryption frameworks rather than proprietary, "black box" solutions.
### For Customers
- **Improved Privacy:** Users gain "zero-trust" assurance that their private voice and video conversations cannot be intercepted by Discord or third-party bad actors.
- **Consistent User Experience:** The rollout is designed to be "transparent," meaning users should see no degradation in latency or call quality despite the added cryptographic layers.
### For the Market
- **Privacy as a Standard:** This move reinforces the trend of privacy becoming a non-negotiable feature for mainstream social and communication platforms, not just niche "secure" messaging apps.
## Technical Implications
Discord’s use of **MLS with ECDSA signatures** for identity verification is a sophisticated choice. By generating ephemeral, device-specific private keys for each call, they eliminate the need for complex cross-device key synchronization. Furthermore, the use of the **WebRTC encoded transform API** allows them to bring E2EE to browser-based clients, a historically difficult technical hurdle for real-time media encryption.
## Strategic Analysis
- **Market Positioning:** Discord is evolving from a "gamer chat app" into a robust, privacy-conscious communication infrastructure suitable for a wider array of professional and personal communities.
- **Competitive Advantage:** Open-sourcing the protocol and hiring Trail of Bits provides a level of verifiable security that many competitors lack, creating a "transparency moat."
- **Challenges:** Discord explicitly stated that **text messages will not be encrypted** to allow for content moderation. This "hybrid" security model may confuse some users or face criticism from privacy purists.
## Industry Reactions
- **Analysts:** Generally positive, noting that Discord is moving toward industry best practices by adopting MLS.
- **Security Experts:** Praise for the decision to open-source the protocol and provide a detailed whitepaper, which allows for continuous community peer review.
- **Market Response:** Viewed as a necessary evolution to compete for the "Gen Z" demographic that prioritizes digital privacy.
## Future Outlook
- **Phase 2 Expansion:** Expect support to extend to all legacy clients and potentially more complex "Go Live" scenarios in 2025.
- **Regulatory Scrutiny:** As with all E2EE rollouts, Discord may face pressure from governments regarding "lawful access," though their decision to keep text unencrypted acts as a strategic compromise.
## For Security Professionals
Practitioners should take note of Discord’s implementation of MLS. It serves as a high-profile case study for deploying group encryption at scale. The **Trail of Bits audit reports** and the **libdave** GitHub repository offer valuable insights into modern cryptographic implementation, particularly regarding the handling of per-sender encryption keys and ephemeral key management in high-concurrency environments.