There is another component to the protocol,

> Only messages matching your Secret Key will ring.

I assume that's the "Secret Key" is placed in this prefix tag, '[SECRET::]' ?

Since plain-text over UDP is not very secret, I'm now motivated to look into how Wireguard is able to use PKI to only accept packets from a trusted clients. And, how that protocol could be used to generate the Secrey Key.