2026-05-02

WireGuard vs Hysteria 2

Two UDP protocols, same era, different philosophies. We compare real-world speed, loss behavior, and why plain WireGuard stopped working in Russia in 2026.

TL;DR

On a stable, lossless network WireGuard and Hysteria 2 are neck-and-neck — WireGuard even has slightly less overhead. As soon as packet loss appears (5%+ is normal on mobile), Hysteria 2 pulls 2-5× ahead thanks to its Brutal congestion control. On top of that, in Russia in 2026 plain WireGuard is fingerprinted by DPI and dropped at the network layer — you need AmneziaWG (the obfuscated variant) or Hysteria 2. Lunaire ships both in one subscription.

Transport — both UDP, but different stacks

Both WireGuard and Hysteria 2 ride on UDP. The similarity ends there.

WireGuard is a self-contained L3 protocol over UDP. Each datagram carries an encrypted IP packet with a minimal header (~32 bytes). There is no congestion control inside the tunnel — WireGuard just shovels datagrams and relies on the application's TCP stack inside the tunnel for flow control.

Hysteria 2 is built on QUIC. QUIC is a full transport protocol: stream multiplexing, reliable delivery, congestion control, encryption — all in one layer over UDP. Hysteria 2 swaps QUIC's congestion control for its own Brutal and adds Salamander obfuscation.

In practice: WireGuard is thin and fast on a perfect network, but degrades along with the TCP inside the tunnel on a lossy one. Hysteria 2 is thicker (more per-packet overhead, more CPU) but handles loss at its own layer without leaning on TCP.

Congestion control — the main difference

This is the trait that brought Hysteria 2 into existence at all.

WireGuard has no congestion control. It forwards packets, and speed is regulated by whatever the application inside the tunnel uses. HTTPS inside? OS kernel TCP Cubic or BBR. QUIC inside? HTTP/3 congestion control. WireGuard itself is neutral.

This creates the classic TCP-inside-VPN problem: the inner TCP sees a packet loss (which actually happened on the real network before the VPN server), treats it as congestion, cuts the window in half. On a 5% loss network speed drops 3-5×. WireGuard does nothing about it — it doesn't even know whether a packet was lost.

Hysteria 2 with the Brutal algorithm behaves differently. Brutal takes an explicit target bandwidth from the user (e.g., "50 Mbps") and tries to hold it, ignoring packet loss as a congestion signal. The only trigger to back off is rising RTT — the real sign of a saturated pipe. On 5-10% loss Brutal holds bandwidth near nominal.

Concrete numbers from tests:

  • Perfect network, 0% loss — WireGuard and Hysteria 2 tie. WireGuard can be 5-10% faster due to lower overhead.
  • City mobile, 1-2% loss — both at 50 Mbps. Difference negligible.
  • Crowded Wi-Fi or moving mobile, 5% loss — WireGuard 15-20 Mbps, Hysteria 2 45 Mbps. 2-3× gap.
  • Bad roaming or subway, 10%+ loss — WireGuard 5-8 Mbps, Hysteria 2 35-40 Mbps. 5× gap.

That's why Hysteria 2 is especially good for mobile, streaming, and voice. Deeper context in "Discord lags through VPN".

DPI stealth

The gap here is even harsher.

WireGuard in the clear is an open book to DPI. The first byte of the handshake is 0x01 (initiation) or 0x02 (response). It's in the spec, and no "encrypted wrapper" helps: even if you encrypt the whole stream, the first bytes stay recognizable.

Russia's TSPU (ТСПУ) DPI equipment has been recognizing the WireGuard signature since at least 2023. By 2026 this is the baseline — any plain WireGuard VPN is dropped at the network layer on essentially every Russian ISP.
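The signature described above, written as a classifier over raw UDP payloads (an added example, not code from the original article or from any DPI product). It goes beyond the two handshake bytes named in the text by also checking the three reserved zero bytes, the fixed message lengths, and the cookie-reply and transport-data types from the WireGuard wire format; the sample payloads are constructed.

```python
import os
import struct
from typing import Optional

# Message types and fixed sizes (bytes of UDP payload) from the WireGuard wire format.
NAMES = {1: "handshake-initiation", 2: "handshake-response",
         3: "cookie-reply", 4: "transport-data"}
FIXED_LENGTHS = {1: 148, 2: 92, 3: 64}
TRANSPORT_DATA = 4
MIN_TRANSPORT = 32  # 16-byte header + 16-byte Poly1305 tag (an empty keepalive)


def classify_wireguard(payload: bytes) -> Optional[str]:
    """Return the WireGuard message name if the UDP payload matches, else None."""
    if len(payload) < 4:
        return None
    msg_type = payload[0]
    # Byte 0 is the message type; bytes 1-3 are reserved and always zero.
    if msg_type not in NAMES or payload[1:4] != b"\x00\x00\x00":
        return None
    if msg_type == TRANSPORT_DATA:
        # The inner packet is padded to 16 bytes, so the total is a multiple of 16.
        matches = len(payload) >= MIN_TRANSPORT and len(payload) % 16 == 0
    else:
        matches = len(payload) == FIXED_LENGTHS[msg_type]
    return NAMES[msg_type] if matches else None


def build_samples() -> dict:
    """Constructed payloads: only the cleartext header bytes matter, the rest is filler."""
    return {
        "wg_init": b"\x01\x00\x00\x00" + os.urandom(144),
        "wg_resp": b"\x02\x00\x00\x00" + os.urandom(88),
        # type 4, reserved, receiver index, 64-bit counter, then a bare auth tag
        "wg_keepalive": struct.pack("<B3xIQ", 4, 0x1234, 0) + os.urandom(16),
        # QUIC v1 long-header Initial: bytes 1-3 are zero too, but byte 0 is not 1-4
        "quic_initial": b"\xc3\x00\x00\x00\x01" + os.urandom(1195),
        # right type byte, wrong length: not a WireGuard initiation
        "odd_length": b"\x01\x00\x00\x00" + os.urandom(40),
    }


if __name__ == "__main__":
    for name, data in build_samples().items():
        print(f"{name:13s} len={len(data):4d} -> {classify_wireguard(data)}")
```

Matching on single datagrams can misfire on unrelated protocols that happen to start with these bytes, so a classifier used for network monitoring would confirm with an initiation followed by a response on the same flow.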

Hysteria 2 disguises itself as regular QUIC traffic (HTTP/3, billions of sessions a day between Chrome and Cloudflare/Google). The TLS 1.3 handshake uses a real Let's Encrypt cert, and Salamander adds random padding to the first packets; the JA3/JA4 fingerprint looks like that of a regular HTTP/3 client.

Hysteria 2's weakness: QUIC itself draws more attention from some classifiers than regular HTTPS. On networks with aggressive QUIC filtering (some corporate firewalls) Hysteria can be blocked. The fix is to fall back to VLESS Reality (TCP/443), which looks like plain HTTPS. More in "Hysteria 2 vs VLESS Reality".

AmneziaWG — WireGuard with obfuscation

Since plain WireGuard doesn't work in Russia, it's worth talking about AmneziaWG 2.0 separately — a WireGuard fork with anti-pattern parameters. Crypto-compatible, but the handshake looks different:

  • Junk packets (Jc, Jmin, Jmax) — before the real handshake the client sends a few random UDP datagrams. DPI looks at the first bytes and sees noise instead of the WireGuard signature.
  • Per-packet padding (S1-S4) — each packet type gets random padding, which changes the size distribution. Behavioral classifiers don't find the WireGuard pattern.
  • Magic headers (H1-H4) — the first bytes of packets are modified. The classic 0x01 / 0x02 signature is gone.

AmneziaWG passes DPI, but on speed it stays plain WireGuard — no congestion control, on loss it degrades along with the inner TCP. AmneziaWG's best niche is routers, where Hysteria 2 can't run (sing-box isn't universal on older firmware) but WireGuard is supported natively.

Handshake speed

WireGuard handshake — 1 RTT for a new connection. Client sends initiation, server replies, then data. On a Moscow-Amsterdam route (RTT ~40 ms) that's ~40 ms to first byte. Very fast.

WireGuard also performs a rekey every 2 minutes — renegotiates keys for forward secrecy. Another handshake, but in the background, doesn't delay user traffic.

Hysteria 2 on a new connection — 1 RTT for the QUIC handshake (TLS 1.3 over QUIC), and data can ride with the final handshake packet (0.5-RTT). On the same route — 40-60 ms to first byte. Slightly slower than WireGuard due to TLS, but within the noise.

Hysteria 2's main edge — 0-RTT resumption. If you connected to this server recently, reconnection happens with zero RTT — data flies with the first packet. Especially useful on mobile networks where connections drop and resume frequently. WireGuard can't do that.

Security

Crypto parity — both meet modern standards.

WireGuard uses the Noise Protocol Framework:

  • ChaCha20-Poly1305 for data encryption
  • Curve25519 for key exchange
  • BLAKE2s for hashing
  • HKDF for key derivation

Forward secrecy via periodic rekey every 2 minutes. No legacy algorithms, no configurable ciphersuites — one config for everyone. That's both a plus (less room for mistakes) and a minus (less flexibility).

Hysteria 2 uses TLS 1.3:

  • AES-256-GCM or ChaCha20-Poly1305 (negotiated)
  • X25519 or secp256r1 for key exchange
  • SHA-256 / SHA-384 for hashing

Forward secrecy via TLS 1.3 ephemeral keys per session. Compatible with any modern TLS stack, can use real Let's Encrypt certificates.

Either way the encryption is solid for decades to come given a proper implementation. The difference is purely architectural.

CPU and battery

WireGuard is noticeably more CPU-efficient. Minimal stack, simple crypto, implemented as a Linux kernel module — direct access to ChaCha20 hardware acceleration.

Hysteria 2 is a userspace process with a full TLS 1.3 stack and its own QUIC logic. CPU overhead is 2-3× higher than with the WireGuard kernel module. On a phone that means a slightly faster battery drain during long VPN sessions.

In numbers: on iPhone 15 Pro, WireGuard in the background for 24 hours eats ~3-4% battery. Hysteria 2 — ~6-8%. There's a difference, but not a deal-breaker. For most uses it doesn't matter.

When to pick which

Pick WireGuard if:

  • You run a home VPN — own server, static IP, no DPI on the path.
  • The VPN is on a router (OpenWRT, Keenetic, AsusWRT). WireGuard is native there, Hysteria 2 isn't.
  • You're building a mesh network (Tailscale, Headscale, Netbird) — they're all WireGuard.
  • Battery on mobile or CPU on an embedded device (Raspberry Pi, home NAS) is critical.

Pick Hysteria 2 if:

  • You're in Russia or another country with active DPI. Plain WireGuard doesn't work there.
  • The network is unstable — mobile, café, crowded Wi-Fi. On loss Hysteria 2 is multiples faster.
  • Voice (Discord, Zoom, WhatsApp) or streaming (YouTube 4K) matters.
  • You want maximum stealth — Hysteria 2 disguises itself as QUIC HTTP/3.

Pick AmneziaWG if:

  • You need WireGuard on a router, but in a DPI country. AmneziaWG is the compromise: router-compatible and passes filters.
  • You want the WireGuard config simplicity plus DPI defense.

Why a stack matters more than one protocol

"Pick the best protocol" is an outdated framing for 2026. No single protocol covers all scenarios:

  • WireGuard is fingerprinted by DPI.
  • Hysteria 2 is blocked on QUIC-filtering networks.
  • AmneziaWG passes DPI but doesn't handle voice on lossy networks as well as Hysteria 2.
  • Reality (TCP) passes anywhere but is slower on voice.

The right architectural answer — multiple protocols in one subscription with auto-switch. The client tests each, picks the live one, switches on the fly. Detailed in "How to choose a VPN in 2026".

How Lunaire is built

Lunaire follows that exact logic. One subscription carries four protocols:

  • Hysteria 2 — primary for speed and UDP. Brutal congestion control, Salamander obfuscation.
  • VLESS Reality — fallback for QUIC-filtering networks. TLS 1.3 handshake under Microsoft/Apple/Cloudflare.
  • VLESS xHTTP packet-up — for the toughest networks with behavioral ML classification.
  • AmneziaWG 2.0 — for routers and devices without sing-box. WireGuard with the full anti-pattern set.

The Hiddify client (or Happ on iOS) picks the working protocol automatically. If UDP is filtered on your network — switch to TCP-Reality. If a node gets fingerprinted — the balancer moves you to a sibling. Setup details in the Hiddify guide.

Takeaway

WireGuard and Hysteria 2 aren't competitors — they're tools for different problems. WireGuard is the master of simplicity and efficiency on a controlled network. Hysteria 2 is the rescue in DPI environments and on flaky internet. The "pick one" framing is a false dilemma — a proper modern VPN ships both plus a couple more and switches between them on its own.

That's how Lunaire ships out of the box — four protocols in one subscription, auto-switch with no manual tuning. The free DUSK plan (1 GB/day) lets you verify on your own network: @lunairevpn_bot.