blindcast serve starts a local key server on port 4100 for development and testing. It derives content keys from your master key and serves them to the player — no Docker, no database, no auth.
Usage
Example
Flags
How it works
When the player requestsGET /keys/my-video-001, the server:
- Reads the master key and salt from env vars or flags
- Derives the content key using HKDF-SHA-256 with
my-video-001as the info parameter - Returns 16 raw bytes (
application/octet-stream)
Development vs. production
blindcast serve is designed for local development:
When you’re ready for production, switch to the Docker Key Server.