Magic Wormhole: Get things from one computer to another, safely
Core Purpose & Typical Uses
- Designed for one-off, encrypted file (or key) transfers between arbitrary machines, not persistent sync.
- Common uses: sending files to strangers (e.g., at conferences), initial machine setup, bootstrapping SSH access, moving data between servers/VMs, and multi-hop environments where
scp/rsyncare awkward. - Especially valued when devices are on different networks, behind NAT, or when no “permanent pairing” is desired.
Architecture: Mailbox, Transit & NAT
- Two main components:
- Mailbox (rendezvous) server: very low bandwidth; used only to exchange setup and key-exchange messages. All mutually communicating clients must share the same mailbox. Default is
relay.magic-wormhole.io. - Transit relay: carries bulk encrypted data when direct P2P is impossible (
transit.magic-wormhole.ioby default).
- Mailbox (rendezvous) server: very low bandwidth; used only to exchange setup and key-exchange messages. All mutually communicating clients must share the same mailbox. Default is
- Clients attempt direct connections first (including LAN), then fall back to the relay. Users can self-host a transit helper and/or mailbox.
- Hole-punching is being improved to reduce relay bandwidth and cost over time.
Security Model & SPAKE2 Discussion
- Uses SPAKE2 (a PAKE) to turn a short, human-friendly code into a strong shared key, then uses symmetric encryption (NaCl SecretBox; Noise in some “dilated” tools).
- Concern: short codes might be brute-forced. Clarification: a wrong guess causes both endpoints to abort that specific transfer; an attacker effectively gets one try per wormhole code.
- Optional
--verifymode displays a hash for out-of-band verification, mitigating targeted MITM attempts. - Post-quantum security is raised but not resolved; current design is classical (SPAKE2 + symmetric crypto).
Implementations, Clients & Browser Angle
- Primary implementation is a Python CLI; Rust and Haskell versions exist, plus multiple GUIs and mobile apps (Android and iOS) and a web app (e.g., Winden). Interop often requires configuring the same mailbox/relay URLs.
- A fully browser-native version would likely need WebRTC plus signaling; some WebSocket relay support exists, but complete WebRTC integration is not yet done.
Alternatives & Comparisons
- Compared with:
- WireGuard/Tailscale: persistent VPN connectivity vs. Wormhole’s ephemeral transfers; very different scope.
- Syncthing: continuous sync vs. single-shot sends.
- croc: similar UX, resumable transfers and higher throughput reported, but perceived as less clearly security-audited.
- Numerous LAN- or browser-based tools (LocalSend, PairDrop, LANDrop, drop.lol, payload.app, piping-server, Copyparty, etc.) trading off encryption, GUI convenience, LAN-only operation, or web-only flows.
- Some users find the ecosystem confusing due to multiple non-interoperable tools with similar names.
Limitations, Concerns & Overall Sentiment
- No built-in transfer resume; relay bandwidth can be costly, prompting worries about long-term operation of public relays.
- Mobile/web clients often restrict file size/count for practical reasons.
- Despite caveats, overall sentiment in the thread is strongly positive: many describe it as a “just works” indispensable tool for ad-hoc secure transfers.