TL;DR: WireGuard is a modern VPN protocol that combines speed, security and simplicity. It was written by Jason Donenfeld in the mid-2010s and merged into the Linux kernel in 2020. It has far less code than OpenVPN or IPsec, uses one fixed, modern set of cryptography (ChaCha20, Poly1305, Curve25519, BLAKE2s) and runs inside the operating-system kernel. In practice that means lower latency, higher throughput, less battery drain on your phone and near-instant reconnection when you switch networks. In LiMP, WireGuard is the default protocol, so you don't have to configure anything.
What a VPN protocol is
When you switch on a VPN, an encrypted "tunnel" is created between your device and a server: all your traffic is wrapped in encryption, and nobody along the way — not the Wi-Fi owner, not your internet provider, not an attacker on the same network — can read its contents. A VPN protocol is the set of rules by which that tunnel is built and maintained.
A protocol solves three problems. First, how to agree on a connection: how the client and server find each other, exchange keys and confirm they're talking to the right party (the handshake). Second, how to encrypt the data. Third, how to keep the channel alive through lost packets, a change of network or a temporary drop. How cleverly a protocol solves these problems directly affects what you feel in practice: how fast pages load, how long your battery lasts and whether the VPN "falls off" when your phone switches from Wi-Fi to mobile data. If you're just getting started, begin with a plain explanation of what a VPN is in simple terms.
Historically, users had two main protocols: OpenVPN and IPsec (often paired with IKEv2). Both are reliable and battle-tested, but both share one problem — they're big and complex. The more code a protocol has, the more computation per packet, the higher the latency, and the harder that code is to audit. WireGuard set out to solve exactly this.
The history of WireGuard
WireGuard was designed and written by Jason Donenfeld, a security researcher. The first public versions appeared in the mid-2010s, and the approach was unusual: instead of bolting new features onto heavy protocols, Donenfeld went the opposite way — build the smallest, simplest protocol possible that gives up nothing on security and is faster on top of it. The less code there is, the fewer places a bug can hide, and the easier it is to review the whole thing. WireGuard deliberately dropped dozens of configurable algorithms and kept one proven set.
The turning point was 2020: WireGuard was merged into the mainline Linux kernel. That's a rare and telling event — only code that has passed strict community review gets into the kernel. Linus Torvalds himself publicly praised the elegance of WireGuard's code against the "horror" of older solutions. After that the protocol was quickly ported to Windows, macOS, iOS, Android and routers, and VPN services made it their default one after another. By 2026, WireGuard is a mature, proven standard: behind the outward simplicity sit several years of work, independent audits and formal verification of the cryptography.
Why WireGuard runs faster
"Faster" here comes from three understandable engineering decisions.
A minimal codebase
WireGuard has far less code than OpenVPN and IPsec. Every network packet passes through the protocol's code, and the shorter and more direct that code is, the fewer operations the CPU performs per packet — higher throughput and lower latency. The older protocols accumulated functionality over years: many modes, backward compatibility, dozens of configuration options. All of that is valuable for compatibility, but every line is both a potential vulnerability and extra CPU work. WireGuard was born when the right cryptographic choices were already known, so it could start from a clean slate.
Modern, fixed cryptography
WireGuard uses one pre-chosen set: ChaCha20 for encryption, Poly1305 for integrity, Curve25519 for key exchange and BLAKE2s for hashing. These are modern, fast and well-studied primitives. ChaCha20 is especially efficient on mobile processors that lack hardware AES acceleration — exactly the smartphones where VPNs are used most. Unlike OpenVPN, which supports dozens of algorithm combinations and spends time negotiating which to use, WireGuard negotiates nothing — the set is fixed. That removes an entire negotiation step and closes off a whole class of downgrade attacks: there's nothing to negotiate, so there's nothing to weaken.
Running in kernel space
OpenVPN runs in "user space": every packet travels between the kernel and a separate program and back. Those context switches cost CPU time and add latency. WireGuard lives inside the kernel, next to the network stack, so there are no extra round trips. The result is noticeably lower latency (ping) and steadier, higher speed under load — in practice it feels like "the VPN isn't even on." The same factors save battery: less CPU work and no energy-hungry reconnections mean a phone with an always-on VPN lasts meaningfully longer than with older protocols. On mobile platforms like iOS, where kernel access is restricted, WireGuard runs through system network extensions, but the compactness and efficient cryptography carry over there too.
How WireGuard establishes a connection
WireGuard is built on the Noise cryptographic framework — a modern, well-studied set of patterns for secure key exchange. Each party (your device and the server) has a key pair: a public key and a private key. The parties exchange public keys in advance, and the private keys never leave the device. When you connect, a short handshake of a few messages takes place: the parties confirm each has the right private key, and together they compute a temporary session key that then encrypts the traffic. This session key is refreshed periodically — so even if someone theoretically obtained one key, they couldn't decrypt all past and future traffic. This property is called forward secrecy, and it's built in by default.
An important detail: WireGuard identifies the other party by its cryptographic key, not by IP address or port. So when your phone changes network and arrives from a different address, the server doesn't need to start over — it recognizes the familiar key and simply continues. That's the source of the instant roaming. Another feature is the "silence" principle: if there's no data on the tunnel, WireGuard sends almost no housekeeping packets, so it doesn't needlessly wake the phone's radio and saves battery. It runs over UDP — a fast transport without extra acknowledgements per packet, which also lowers latency. The flip side is that the recognizable UDP signature of WireGuard traffic is exactly what makes it visible to DPI systems, covered below.
Comparison: WireGuard, OpenVPN and IKEv2/IPsec
There are no "measured" gigabit or millisecond figures here — real values depend on your hardware, server and network. We're describing the behavior the protocols' architecture guarantees.
| Criterion | WireGuard | OpenVPN | IKEv2/IPsec |
|---|---|---|---|
| Codebase size | Very small | Large | Huge |
| Speed | Usually the highest | Lower, higher CPU load | High, close to WireGuard |
| Latency (ping) | Minimal (runs in kernel) | Noticeable (user space) | Low |
| Cryptography | Fixed modern set | Configurable, dozens of options | Configurable |
| Network change | Near-instant | Often a full re-establish | Very fast (MOBIKE) |
| DPI evasion / obfuscation | None out of the box | Yes, via plugins | Limited |
| Mobile battery use | Low | Higher | Low |
| Auditability | High | Medium | Low |
WireGuard wins on speed, latency, battery and code auditability; IKEv2/IPsec is close on speed and also survives network changes well, but its codebase is incomparably larger; OpenVPN loses on speed but remains indispensable where you need obfuscation — disguising VPN traffic as ordinary HTTPS to get past heavy censorship. The faster the tunnel recovers on a network switch, the smaller the chance that some traffic leaks onto the open network; a kill switch additionally covers that moment by blocking all internet until the tunnel is back.
Security and auditability
A small codebase is not only about speed but directly about security. A compact codebase can realistically be read and reviewed by hand by a single expert team in reasonable time; reviewing IPsec's huge codebase is a months-long task, and guaranteeing that no vulnerability remains in that volume is practically impossible. Less code means a smaller attack surface. WireGuard has passed several independent security audits, and its cryptographic properties have undergone formal verification — a mathematical way to prove the protocol behaves as intended. In protocols with a configurable set there's always a risk that an outdated cipher stays enabled, or that an attacker forces a weaker variant. In WireGuard there is no choice — only modern, proven algorithms; weak variants simply don't exist in the code. It's a rare case where a lack of flexibility is a virtue.
Limitations worth knowing
WireGuard isn't perfect. There aren't many weak spots, but they exist.
Obfuscation and DPI evasion
WireGuard doesn't disguise its traffic as something else. It has a recognizable "signature," and the deep packet inspection (DPI) systems used in heavily censored countries can detect and block a WireGuard connection. OpenVPN with obfuscation plugins can pretend to be ordinary HTTPS and gets through better in such conditions. If your main goal is bypassing advanced blocking, plain WireGuard may not be the best choice; for that case providers add separate obfuscation layers on top.
Static IP mapping
By default WireGuard assumes a fixed mapping between a client and its internal IP address inside the tunnel, and a server could in theory use that address to track a client over time. In practice it's a long-solved problem: VPN providers use dynamic NAT and their own IP-assignment mechanisms so that the mapping never becomes a user identifier. Both limitations are not about encryption security (that's excellent) but about adjacent tasks — censorship evasion and server-side privacy — and both are solved on the provider's side.
When WireGuard isn't the best choice
There are situations where you should deliberately not choose WireGuard, but for an ordinary user they almost never come up.
- Heavy censorship with advanced DPI. If you're on a network that actively blocks VPN traffic by signature, plain WireGuard without an obfuscation layer may not get through — OpenVPN with masking, or obfuscated modes on top of WireGuard, save the day.
- Old or exotic hardware. On devices without modern WireGuard support (very old routers, niche systems) you may have no choice.
- Corporate requirements for specific cryptography. Sometimes internal policy mandates particular or certified algorithms that aren't in the fixed set.
In all other cases, WireGuard remains the optimal choice on the balance of speed, security and convenience. If you're choosing a service from scratch, use the criteria from our guide on how to choose a VPN in 2026.
Checklist: when to choose WireGuard
- You use a VPN mainly on your phone and care about battery.
- Speed matters to you: streaming, video calls, downloads without an artificial ceiling.
- You often switch between Wi-Fi and mobile data and don't want a drop at every change.
- You want to keep the VPN on all the time without worrying about device load.
- You want modern, audited cryptography with no risk of weak settings.
- You prefer a solution where nothing needs manual setup.
- You are NOT on a network with aggressive DPI blocking of VPNs (there you need an obfuscation layer on top).
How to enable WireGuard
In modern VPN apps you usually don't need to enable WireGuard by hand — it's the default. In LiMP that's exactly the case: you install the app on iOS or Android, sign in, tap "Connect" — and the connection already runs over WireGuard, with no config files or keys. If you use a service where the protocol is selectable, look in the connection settings and choose WireGuard as the primary option, keeping OpenVPN as a fallback for networks with blocking. And don't forget about protection from ISP tracking — a modern protocol hides the contents and the addresses you connect to, but it's worth understanding how that works. We covered setting up an always-on VPN in detail for iPhone and for Android.
Conclusion
WireGuard is that rare case where "simpler" means "better" along several axes at once. A minimal codebase, fixed modern cryptography and kernel-level operation deliver high speed and low latency; identifying peers by keys gives instant reconnection and battery savings; and compactness plus audits give a high level of trust in its security. The protocol has honest limitations — no obfuscation out of the box and the static-IP nuance — but the first only matters on heavily censored networks and the second has long been solved on the provider's side. In LiMP this protocol already works for you by default: nothing to configure, everything out of the box on iOS and Android, no logs, for 100 ₽/month (billing is handled by OOO LIMP). If you want a fast, efficient and secure VPN with no technical hassle — check out the pricing page and connect.
FAQ
Can someone tell which sites I open just from my WireGuard traffic?
No. The contents and destination addresses are hidden inside the encrypted tunnel. An observer on the network only sees that you're connecting to a VPN server over UDP, not where your traffic goes next. From the signature they may tell it's WireGuard, but not what's inside.
How does ChaCha20 in WireGuard differ from AES in other protocols?
Both ciphers are considered strong. The difference is practical: AES is fast where there's hardware acceleration (many desktop CPUs), while ChaCha20 is faster on devices without it — on some mobile chips. Since VPNs are used mostly on phones, WireGuard's bet on ChaCha20 makes sense.
What is forward secrecy and why does it matter to me?
Forward secrecy means the session keys are temporary and refreshed periodically. Even if an attacker ever obtains a long-term key, they can't retroactively decrypt traffic captured earlier. In WireGuard this property is on by default.
Does double-VPN protect better thanks to WireGuard?
Double-VPN adds an extra hop and hides the connection chain, but it doesn't make the encryption itself mathematically stronger — strength comes from the algorithms, not the number of tunnels. For most users a single, properly configured WireGuard tunnel is more than enough.
Does WireGuard run in the kernel on iPhone?
No. On iOS kernel access is restricted, so WireGuard runs through a system Network Extension in user space. The architectural advantages — compactness and efficient cryptography — still carry over, though the "runs in the kernel" benefit is smaller on iOS than on Linux.
If WireGuard is so good, why do services still keep OpenVPN?
Mainly for bypassing blocks: OpenVPN can masquerade as ordinary HTTPS, which matters on networks with heavy DPI, and it also runs on old hardware without WireGuard support. So it's kept as a fallback rather than the primary option.
