Security

A simple public model, explained at a high level.

Relay Sessions public pages describe the security posture without exposing implementation details, internals, or private Relay systems.

Temporary Session ID

A short-lived room reference for invited participants.

Join Phrase

A separate invitation proof chosen or generated by the owner.

Owner approval

Manual approval before a joiner enters the room.

Encrypted design

End-to-end encryption is the intended privacy boundary.

Broker role

The final app design should keep the server or broker focused on routing encrypted live traffic and temporary join state only.

  • No raw Join Phrase should be stored server-side in the final app design.
  • No message plaintext should be available to the broker in the final app design.
  • No private keys should be available to the broker in the final app design.
  • No durable message history for public Sessions.

Public Sessions are separate

Public Sessions should be isolated from private Relay. This site does not include backend session logic, WebSocket broker logic, private pairing code, production identifiers, secrets, or crypto implementation details.