It is estimated to have 690 million registered users and more than 200 million monthly active users worldwide — and as of March, Discord says every voice and video call on that platform is now encrypted end-to-end by default.
DAVE protocol: an engineering foundation
Discord’s migration to default end-to-end encryption (E2EE) for voice and video was accomplished by extending the open-source encryption protocol called DAVE. First introduced in September 2024, DAVE was developed with assistance and auditing from Trail of Bits and was built to secure audio and video calls, group chats, voice channels, and Go Live streams. The protocol uses WebRTC encoded transforms, Messaging Layer Security (MLS) for scalable group key exchanges, and ephemeral identity keys to improve privacy while minimizing call disruptions and latency when participants join or leave.
Coverage across platforms — and the one clear exception
Discord says the encryption layer now covers direct messages (DMs), group DMs, voice channels, and Go Live streams across the ecosystem where Discord clients run: desktop, mobile, web browsers, PlayStation, Xbox, and through Discord SDKs. The only explicit exception called out is Stage channels, which Discord describes as designed for large public broadcasts rather than private conversations and therefore remain outside of DAVE’s protection.
Rollout completed in March; fallbacks removed
Discord completed the technical implementation in March and reports that extensive at-scale testing gave the company confidence to formally announce the deployment. With that confidence, Discord has begun removing client code that supported unencrypted fallback behavior — a concrete change that should make unencrypted voice and video paths progressively unavailable as clients update.
Technical trouble spots and a concrete fix with Mozilla
Extending DAVE to all supported platforms presented specific engineering challenges, with Discord stressing the need to achieve low-latency levels so the migration would be effectively unnoticeable to users. One compatibility example Discord highlighted was an issue with Firefox. Rather than implement a browser-limiting workaround, Discord engineers worked directly with Mozilla to resolve the problem — a partnership that the company cites as an example of how it addressed cross-platform compatibility.
Why text remains outside DAVE — and no plans to change
Discord says there are currently no plans to extend DAVE to cover text-based communications on the platform. The reason offered is the magnitude of engineering challenges: Discord’s text features were "built from the ground up around non-encrypted messaging assumptions," and those foundational design choices would obstruct a straightforward migration to end-to-end encrypted text today.
What this means for technologists, end users, and policymakers
- Technologists and security teams: Expect voice, video, and stream traffic to be end-to-end encrypted by default now, and plan for the removal of unencrypted fallback code when assessing client configurations and threat models. The use of MLS and ephemeral identity keys means group key exchange behavior and session lifecycle will change compared with non-E2EE deployments.
- End users, creators, and communities: Most private voice and video interactions — DMs, group DMs, voice channels, and Go Live streams — will now be protected by default, but Stage channels remain unencrypted by design. Console users on PlayStation and Xbox and browser users (including Firefox) have been included in the rollout.
- Policymakers and regulators: The deployment narrows the set of unencrypted real-time communications on Discord but leaves Stage channels and text features out of E2EE for now — a distinction Discord has framed as technical rather than policy-driven.
Discord’s shift makes end-to-end encryption the default for the platform’s real‑time audio and video features, completed in March and supported by an expanded DAVE implementation and audited work from Trail of Bits. The remaining, explicit open questions are operational rather than rhetorical: Stage channels stay outside E2EE because of their broadcast design, and Discord says it currently has no plans to migrate text features that were built with non‑encrypted assumptions.
