What you get
Player
Drop-in encrypted HLS playback for any web app. Single import, attach to a video element, point at your key server. 10 lines of code.
CLI
One command-line tool for everything server-side. Generate keys, encrypt HLS segments, upload to S3, and run a local dev server.
npx @blindcast/cli.Uploader
Browser-side upload SDK for web apps where end users upload video. Encrypts in the browser, uploads to S3 via presigned URLs. One function call.
Key Server
Reference key server as a Docker image. Pull, configure, run. Handles key derivation, authentication, leases, and presigned URLs.
How it fits together
- Creator side: The CLI (server-side) or Uploader (browser-side) encrypts HLS segments and uploads them to S3.
- Key Server: Derives per-content encryption keys from a single master key. Authenticates viewers before issuing keys.
- Viewer side: The Player fetches the manifest from your CDN, gets the content key from the key server, and decrypts each segment in the browser.
Who uses what
Ready to see it in action? Quick Start →