Benefic
How Benefic Protects Your Privacy
A deep dive into Benefic's security architecture — direct P2P connections, DTLS-SRTP encryption, zero-knowledge design, and no port forwarding.
1 min read
Benefic is built from the ground up with privacy as a core principle. Here’s exactly how your data stays protected.
Direct Peer-to-Peer Connections
All media streaming in Benefic happens over direct WebRTC peer-to-peer connections:
- No relay servers — your media never passes through Benefic’s infrastructure
- No central processing or caching of your content
- Benefic does not use a TURN server for media relay
Encryption Standards
Every WebRTC session is secured with DTLS-SRTP, which provides:
- Authentication between your devices
- Integrity protection for all transmitted data
- End-to-end encryption for audio, video, and metadata
- Benefic never holds your encryption keys
Zero-Knowledge Architecture
Benefic operates as a signaling coordinator only:
- No media is ever routed through Benefic’s infrastructure
- No logs of filenames, directories, or playback history
- No access to your metadata
- No visibility into who watches what, when, or where
No Port Forwarding Required
Unlike traditional self-hosting solutions, Benefic requires:
- No public ports on your router
- No internet-facing services exposed
- No inbound firewall rules
- No external attack vectors from open ports
WebRTC’s STUN signaling handles NAT traversal automatically.
Comparison: Benefic vs. Traditional Self-Hosting
| Feature | Benefic | Plex / Emby / Jellyfin |
|---|---|---|
| Remote setup | Automatic P2P | Port-forwarding or VPN required |
| Security | End-to-end encrypted WebRTC | TLS to a publicly reachable server |
| Traffic flow | Direct device-to-device | Through a central hub |
| Internet exposure | None | Requires open ports |
| Privacy | Zero-knowledge | Server has full visibility |
| Setup ease | Simple sign-in | Router and network configuration |
| Streaming path | Direct WebRTC | Server intermediary |