A Privacy Promise That Can Be Broken Bitcoin Core version 31.0, released in April 2026, shipped a new optional feature called -privatebroadcast. The feature routes transaction broadcasts excl
Bitcoin Core version 31.0, released in April 2026, shipped a new optional feature called -privatebroadcast. The feature routes transaction broadcasts exclusively through Tor or I2P, so that a recipient node never learns the sender's IP address or geolocation. For privacy-conscious node operators, it was a meaningful upgrade. But a flaw found shortly after release undermines the core guarantee.
Developers have confirmed a privacy bug in the -privatebroadcast feature that may cause the originator's IP address to be revealed to the receiving peer under certain network conditions.The trouble begins when the software attempts an encrypted connection to another node on the network. If that attempt fails, it quietly retries over a normal, unencrypted connection, skipping Tor entirely.
What makes this particularly serious is that the failure can be forced. A malicious peer can deliberately cause the encrypted handshake to fail, triggering the fallback and exposing the sender's real IP address in the process.
The bug only affects users running version 31.0 who have explicitly enabled the feature. Standard wallet transactions remain unaffected.Developers credit researcher Eugene Siegel with the discovery.
Developers published the advisory on June 6.@bitcoincoreorg then amplified it publicly on X on June 11. A fix is forthcoming and will be released with Bitcoin Core 31.1.
Until version 31.1 ships, affected users should disable the feature or route all their traffic through Tor. For most Bitcoin users who do not run a node with -privatebroadcast enabled, no action is required.
The episode is a reminder that newly introduced privacy tooling carries inherent risks in its early versions, even when the intent and design are sound. The broader Bitcoin network and its transaction relay layer are unaffected.
Sources:BeInCrypto: Bitcoin Core Developers Find Privacy Bug That Can Leak User IP AddressesBitcoin Core 31.0 Release Notes
