Patient
did: —1. Generate cryptographic identity
2. Sign consent token
3. Establish session key (ECDH)
4. Encrypted session
5. Encrypted video/audio (frame-level AES-GCM)
Every frame is AES-GCM encrypted client-side before it reaches the relay (Chrome/Edge required — Insertable Streams).
Relay Server (Untrusted Zone)
no keys stored hereThis panel shows exactly and only what the server ever receives. No private keys, no plaintext session content — if the architecture is sound, this feed should only ever contain signed tokens, public keys, and ciphertext.
Provider
did: —1. Generate cryptographic identity
2. Verify consent token
3. Establish session key (ECDH)
4. Encrypted session
5. Encrypted video/audio (frame-level AES-GCM)
Incoming consent token from
Waiting for incoming encrypted call…