Relay
- Assets
- In-transit frames, API keys, room membership
- Threats
- Key leakage, room hijack, quota DoS, malicious large payloads
- Controls
- HMAC keys with rotation grace slot; hard session caps; zero disk for payloads; TLS; rate limits
- Residual risk
- In-memory rooms lost on restart; operators must reconnect clients