Skip to main content
blindcast serve starts a local key server on port 4100 for development and testing. It derives content keys from your master key and serves them to the player — no Docker, no database, no auth.

Usage

Example

Flags

How it works

When the player requests GET /keys/my-video-001, the server:
  1. Reads the master key and salt from env vars or flags
  2. Derives the content key using HKDF-SHA-256 with my-video-001 as the info parameter
  3. Returns 16 raw bytes (application/octet-stream)
The player uses this key to decrypt segments fetched from your CDN or local server.
blindcast serve is for local development only. It runs with no authentication and CORS *. Never expose it to the internet. Use the Docker Key Server for production.

Development vs. production

blindcast serve is designed for local development: When you’re ready for production, switch to the Docker Key Server.