MeshCore Packet Format and Encryption

Packet Structure Overview

MeshCore packets are compact binary structures optimized for LoRa's low-data-rate radio. A typical data packet contains:

Source and destination node IDs — 8-byte public keys identifying the communicating nodes.
Sequence number — used for deduplication and replay prevention.
Hop count / TTL — limits how far the packet can travel.
Payload type indicator — identifies the type of content (text, position, route control, etc.).
Encrypted payload — the actual message content, opaque to relay nodes.
Message Authentication Code (MAC) — provides integrity verification; a corrupted or forged packet is rejected.

Encryption

MeshCore uses AES-256-CTR (Counter Mode) for payload encryption. The encryption key is derived from the sender's private key and recipient's public key using Elliptic Curve Diffie-Hellman (ECDH). Key properties of this design:

Each message pair (A→B, A→C) uses a different derived key — compromise of one conversation does not affect others.
Relay nodes forward ciphertext — they cannot read message content.
An eavesdropper capturing RF traffic sees only encrypted data.
No separate PSK to distribute — security is rooted in node key pairs generated at first boot.

Public Key Infrastructure

Each MeshCore node generates a unique X25519 key pair on first boot. The public key serves as the node's identity (node ID). There is no central key server — the public key is distributed organically through RREQ/RREP packets and advertisement broadcasts as nodes interact with the mesh.

Message Integrity

AES-256-CTR combined with a GMAC-style MAC provides both confidentiality and integrity. A forged or corrupted packet is detected and discarded before processing.

Group / Channel Messages

Channel-level broadcast messages (not point-to-point) use a channel key derived from the channel name and a PSK, similar to Meshtastic's approach. All nodes configured with the same channel key can read channel broadcasts.

Key Comparison with Meshtastic

Aspect	MeshCore	Meshtastic
Direct message encryption	ECDH key agreement per node pair (AES-256-CTR)	PKI-based end-to-end (firmware 2.3+)
Channel broadcast encryption	PSK derived from channel name + secret	Shared PSK per channel
Key distribution	Automatic via node advertisements	Manual channel key sharing
Relay node visibility	Cannot read direct message content	Cannot read content (encrypted in transit)

MeshCore's ECDH approach is more complex but stronger for direct messages — each pair of nodes has a unique shared secret. Meshtastic's shared PSK model is simpler to manage but means any node with the channel key can read all channel traffic.

MeshCore Protocol Overview

MeshCore Firmware Types

MeshCore Setup Guide

Deploying a MeshCore Repeater

Path Discovery and Route Learning

Why MeshCore Scales Better Than Flooding

Connecting to Your Device

Full Command Reference

Key Repeater Settings

Common Issues and Fixes

EasySkyMesh: Power-Optimized Firmware

Firmware Governance and Canonical Sources (April 2026)

MeshCore Governance and Community

MeshCore Python API

MeshCore Firmware Architecture

MeshCore CLI Configuration

MeshCore Security & Encryption

MeshCore CLI Commands Reference

nRF52 Power Management

MeshCore QR Code Formats

MeshCore KISS Modem Protocol

MeshCore Packet Format Reference

MeshCore Payload Format Reference

MeshCore Companion Protocol (BLE API)

MeshCore Stats Binary Frames

MeshCore Protocol Number Allocations

MeshCore CLI Commands Reference

nRF52 Power Management

MeshCore QR Code Formats

MeshCore KISS Modem Protocol

MeshCore Packet Format Reference

MeshCore Payload Format Reference

MeshCore Companion Protocol (BLE API)

MeshCore Stats Binary Frames

MeshCore Protocol Number Allocations

MeshCore Routing Architecture

MeshCore Packet Format and Encryption

MeshCore Network Topology Best Practices

Protocol Comparison Reference

Getting Started with the MeshCore App

MeshCore App: Messaging and Contacts

MeshCore App: Radio Settings and Position

Supported Hardware for MeshCore

Choosing Hardware for MeshCore vs Meshtastic

RAK WisBlock System for MeshCore

MeshCore Firmware Variants Explained

Flashing MeshCore Firmware

Keeping MeshCore Firmware Updated

MeshCore Encryption Overview

Understanding ECDH Key Exchange in MeshCore

Channel Security and Private Networks

Path-Based Routing: RREQ and RREP

MeshCore vs Meshtastic Routing: A Technical Comparison

Optimizing MeshCore for Large Networks

MeshCore Path Discovery Deep Dive

MeshCore Network Troubleshooting Reference

MeshCore Packet Format and Encryption