Technical Documentation v1.0

SafeStream Architecture

A Serverless, P2P Approach to Parental Monitoring

How I use WebRTC and AES-256 to keep child activity data off the cloud.

01

The Problem

Most parental control apps act as a "Man-in-the-Middle". They upload your child's entire browsing history, location, and app usage to a centralized cloud database. This creates a massive honeypot for hackers and a privacy nightmare for families.

02

The Solution

SafeStream acts as a pure P2P relay. The Parent device is the only database.

03

The Stack

ClientNative Android(Kotlin + Jetpack Compose)
ConnectivityWebRTC Data Channels
DiscoveryNSD & TURN(Local LAN & Remote Traversal)
EncryptionAES-256-GCM(Custom Implementation)
04

Architecture Diagram

[Child Device]
Kotlin + Compose
AES-256
[TURN/Relay]
Traversal & Relay
Encrypted
[Parent Device]
SQLite DB
05

How it works (Technical)

Handshake

Devices pair automatically via Network Service Discovery (NSD) on the local network, exchanging ECDH public keys to establish a secure encrypted tunnel.

Signaling

I use a lightweight Firebase Signaling service only to exchange SDP offers/answers. No user data payload ever touches Firebase.

Transport

  • If on the same LAN: Direct socket connection via NSD.
  • If remote: Traversal using STUN/TURN servers.

Data Layer

JSON payloads (activity logs) are compressed (GZIP), encrypted (AES-256), and sent over the WebRTC Data Channel.

Persistence

The Parent app decrypts the payload and stores it locally in a Room (SQLite) database.

06

Why Free? (The Business Model)

I am an indie developer, not a data mining corp.

Core features:
Free.
Costs:
Running TURN servers costs bandwidth.
Revenue:
To cover bandwidth, high-res screenshot downloads consume "Credits". Credits are refilled by watching optional rewarded ads. This keeps the infrastructure sustainable without subscriptions or data selling.
07

_JOIN_ROOT_ACCESS

We need tech-savvy parents to stress-test our P2P tunnels.

If you understand NAT traversal and care about privacy, you are the tester we are looking for. Get early access to the .apk before public release.

// BETA_PROGRAM_INITIALIZATION
* SECURE_TRANSMISSION__V1.0
08

FAQ for Developers

Is it open source?

The core crypto and P2P modules will be open-sourced soon for auditing.

What permissions does it use?

Accessibility Services (strictly for scraping video titles on-device), Usage Stats, and Location. No root required.