Private Broadcast May Reveal Sender IP Address in Bitcoin Core 31.0
We have become aware of a privacy bug in the -privatebroadcast feature, newly
introduced in Bitcoin Core 31.0, that may cause the originator’s IP address to be
revealed to the receiving peer under certain network conditions. A fix is
forthcoming and will be released with 31.1. Users of -privatebroadcast are
advised to apply one of the workarounds below until 31.1 is released.
Affected users
This bug affects users where all the following are true:
The node is running Bitcoin Core 31.0 and -privatebroadcast is set.
Transactions are broadcast using the sendrawtransaction RPC.
Wallet RPCs (sendtoaddress, sendall, etc.) do not use private
broadcast and are not affected.
Tor is reachable for outbound connections.
Outbound IPv4 or IPv6 connections can be made directly. No -onlynet
restriction excludes them, and no -proxy=... value applies to them.
BIP324 v2 transport is not disabled with -v2transport=0.
Impact
When private broadcast selects an IPv4 or IPv6 peer that advertises
support for v2 (BIP324) transport, the initial connection is routed
through the Tor proxy as expected. If the v2 handshake fails on that
connection, Bitcoin Core retries it as v1. The v1 retry is not routed
through the Tor proxy and instead connects directly to the peer over
IPv4 or IPv6, exposing the originator’s IP address to the recipient.
Initial v1 connections (to peers that do not advertise v2) are
correctly routed through the Tor proxy and are not affected. The
bug is specific to the v1 reconnection that follows a failed v2
handshake. Connections to onion and I2P peers are also unaffected,
because they remain routed through their respective proxies on any v1
retry and therefore never expose a clearnet IP address.
This breaks the privacy guarantee stated in the 31.0 release notes:
“Their IP address (and thus geolocation) is never known to the recipients”.
How this can happen
A v2 handshake is unlikely to fail for a peer that actually supports v2
transport. The bug is most likely to be triggered by a malicious
peer deliberately closing the v2 handshake to force a v1 retry.
Workarounds
Until they can upgrade to 31.1, users of -privatebroadcast should apply one
of the following:
Disable the feature. Set -privatebroadcast=0.
Disable v2 transport. Set -v2transport=0. This causes all of the
node’s connections to use the unencrypted v1 protocol, which has the downside
that it becomes easier to fingerprint and censor on clearnet.
Route IPv4/IPv6 outbound through Tor. Set
-proxy=127.0.0.1:9050 (replace 9050 with your Tor SOCKS
port if different). This routes all outbound IPv4/IPv6 P2P
traffic through Tor exit nodes, which has the downside of making the node
easier to Sybil attack.
Credits
Credit to Eugene Siegel for discovering the bug.
https://bitcoincore.org/en/2026/06/06/privatebroadcast-ip-leak/
#Eenentwintig #Nieuws #News #BitcoinNews
EenentwintigNews / Eenentwintig Nieuwsfeed
npub10e…g0kj9
2026-06-11 18:00:04 UTC
Author Public Key
npub10en2rrs3t9qvgyxjj7c8ku8cmypvmrvrzzthpyd4zzqpwqfdkl7qqg0kj9Published at
2026-06-11 18:00:04 UTCEvent JSON
{
"id": "3ae3fc489cdc9a888e927669d3ccd4eeecfc1392898f33c8c9f676b93b7cb987",
"pubkey": "7e66a18e115940c410d297b07b70f8d902cd8d8310977091b5108017012db7fc",
"created_at": 1781200804,
"kind": 1,
"tags": [],
"content": "Private Broadcast May Reveal Sender IP Address in Bitcoin Core 31.0\n\nWe have become aware of a privacy bug in the -privatebroadcast feature, newly\nintroduced in Bitcoin Core 31.0, that may cause the originator’s IP address to be\nrevealed to the receiving peer under certain network conditions. A fix is\nforthcoming and will be released with 31.1. Users of -privatebroadcast are\nadvised to apply one of the workarounds below until 31.1 is released.\nAffected users\nThis bug affects users where all the following are true:\nThe node is running Bitcoin Core 31.0 and -privatebroadcast is set.\nTransactions are broadcast using the sendrawtransaction RPC.\nWallet RPCs (sendtoaddress, sendall, etc.) do not use private\nbroadcast and are not affected.\nTor is reachable for outbound connections.\nOutbound IPv4 or IPv6 connections can be made directly. No -onlynet\nrestriction excludes them, and no -proxy=... value applies to them.\nBIP324 v2 transport is not disabled with -v2transport=0.\nImpact\nWhen private broadcast selects an IPv4 or IPv6 peer that advertises\nsupport for v2 (BIP324) transport, the initial connection is routed\nthrough the Tor proxy as expected. If the v2 handshake fails on that\nconnection, Bitcoin Core retries it as v1. The v1 retry is not routed\nthrough the Tor proxy and instead connects directly to the peer over\nIPv4 or IPv6, exposing the originator’s IP address to the recipient.\nInitial v1 connections (to peers that do not advertise v2) are\ncorrectly routed through the Tor proxy and are not affected. The\nbug is specific to the v1 reconnection that follows a failed v2\nhandshake. Connections to onion and I2P peers are also unaffected,\nbecause they remain routed through their respective proxies on any v1\nretry and therefore never expose a clearnet IP address.\nThis breaks the privacy guarantee stated in the 31.0 release notes:\n“Their IP address (and thus geolocation) is never known to the recipients”.\nHow this can happen\nA v2 handshake is unlikely to fail for a peer that actually supports v2\ntransport. The bug is most likely to be triggered by a malicious\npeer deliberately closing the v2 handshake to force a v1 retry.\nWorkarounds\nUntil they can upgrade to 31.1, users of -privatebroadcast should apply one\nof the following:\nDisable the feature. Set -privatebroadcast=0.\nDisable v2 transport. Set -v2transport=0. This causes all of the\nnode’s connections to use the unencrypted v1 protocol, which has the downside\nthat it becomes easier to fingerprint and censor on clearnet.\nRoute IPv4/IPv6 outbound through Tor. Set\n-proxy=127.0.0.1:9050 (replace 9050 with your Tor SOCKS\nport if different). This routes all outbound IPv4/IPv6 P2P\ntraffic through Tor exit nodes, which has the downside of making the node\neasier to Sybil attack.\nCredits\nCredit to Eugene Siegel for discovering the bug.\n\nhttps://bitcoincore.org/en/2026/06/06/privatebroadcast-ip-leak/\n\n#Eenentwintig #Nieuws #News #BitcoinNews",
"sig": "111ea12c6939a7a00d4c9e62f6baaab3eebbf2787e12c12a0641bf4f0853bae20d8f785b35d7f719447d6bd49fcd1472222140a88bb0af9bf5425a3130be378b"
}