WireGuard FPGA RTL open-source implementation

Leon Woestenberg leon at sidebranch.com
Mon Aug 21 19:42:31 UTC 2023

Hello all,

Our FPGA (RTL)  implementation of WireGuard* is now released as open
source, here:


The implementation reaches 100 Gbit/s on AMD (formerly Xilinx) Alveo
U50 per direction and is currently limited to 1K sessions.

This is a true *inline* accelerator where one end of the FPGA
(Ethernet) is encrypted and the other is plaintext (Ethernet or PCIe
depending on FPGA board). The full protocol is implemented on the
FPGA. The data path with symmetric crypto is implemented in RTL (using

The session management is currently mostly implemented in software on
a RISC-V SoC, but we already had the x25519 crypto accelerated, as
well as some handshake primitives, and are moving this more and more
into RTL.

*It is not finished, but we think we started with all the hard parts
(i.e. non-trivial ports) and have 25% left to do before we can call
this WireGuard.

Our current release is targeted at developers, not end-users. We
decided not to release any integration code yet, as we cannot support
an in-rush of "issues" where people cannot get this to run on their
favorite FPGA board. We hope the project gets some sponsorship from
FPGA (board) vendors to support their platforms.

I would like to thank contributors to SpinalHDL and Corundum,
especially Charles Papon and Alex Forencich as they have been our
(indirect) main contributors of the project by providing an excellent
FPGA HDL/RTL development language resp. an excellent Ethernet/PCIe
FPGA NIC, as a starting point for our development.


Leon Woestenberg
leon at sidebranch.com

More information about the WireGuard mailing list