Transport Layer

P2P first. Relay when needed.

Voice traffic takes the shortest path the network allows. When NAT or firewall policy blocks direct connections, a passive relay forwards ciphertext between endpoints — never holding keys, never inspecting payload.

NAT traversal mechanics

Most home and enterprise networks sit behind NAT or strict firewalls that block inbound UDP. Our client probes peer reachability with ICE-style candidate gathering, then opens a direct path when both endpoints can be reached.

  • Candidate gathering on host, server-reflexive and relayed transports
  • Symmetric NAT detection falls back to relay automatically
  • No external STUN dependency on operator-controlled deployments

Fallback logic

The session always negotiates the same post-quantum key. Network mode is chosen by reachability, not by trust: if P2P fails, the relay takes over within the same RTT budget. The cryptographic envelope does not change.

  • P2P attempt window: ≤ 800 ms before relay is engaged
  • Mid-call switch supported when network conditions change
  • Same ML-KEM-1024 session secret in both modes

No metadata retention

The relay forwards packets and discards them. No call detail records, no call duration logs, no participant graphs. The only state retained is short-lived NAT mapping required to route the next packet.

  • No CDRs, no per-call billing logs, no participant graph stored
  • Packet metadata kept only for the lifetime of the NAT mapping
  • Operator-deployable: relay can run inside your own datacenter

Need a private relay deployment?

Air-gapped, sovereign, on-premise — your operators, your network, your control plane.

Request architecture brief
IMMER AKTIVER ANTI-DEEPFAKE · VERSCHLÜSSELTE UND UNVERSCHLÜSSELTE ANRUFE · KEINE DATENÜBERTRAGUNG · SOVEREIGN OPERATIONS · POST-QUANTUM ML-KEM-1024 · 3 PATENTE ANGEMELDET
IMMER AKTIVER ANTI-DEEPFAKE · VERSCHLÜSSELTE UND UNVERSCHLÜSSELTE ANRUFE · KEINE DATENÜBERTRAGUNG · SOVEREIGN OPERATIONS · POST-QUANTUM ML-KEM-1024 · 3 PATENTE ANGEMELDET