Relay and Vault Architecture

The Engineering Behind PhotonFile

PhotonFile separates file movement from file storage. Relay moves files through live, short-lived sessions. Photon Vault keeps files encrypted and available when persistence is required. Both are powered by a native C++ core built for throughput, memory control, and privacy-oriented data handling.

Two paths, different outcomes

PhotonFile is not one storage bucket with several buttons. Transfer workflows and storage workflows stay separate, so each path can use the right rules for the job.

Relay
Live delivery without default retention.
Vault
Persistent encrypted storage based on capacity.
File Pass
One-off large transfer, billed after completion.

Secure Inbox, Vault Sync, Teams, and Region Move build on those boundaries instead of turning every workflow into shared storage.

Built in C++
The core engine is native C++, giving PhotonFile direct control over streaming I/O, memory lifecycle, and how bytes move through the system. There is no interpreter or heavyweight application framework between your file and the wire.
Live relay, short-lived state
Relay streams encrypted chunks from sender to receiver while both sides are connected. It is designed for real-time forwarding, not stored delivery, background queues, or retained transfer buckets.
Vault is persistence by choice
Vault is the storage path for files that need to stay available after upload. Usage is based on stored capacity, so retained files are governed by how much you keep rather than the size of a single transfer.
Performance narrows the exposure window
Relay I/O is tuned for sustained, multi-gigabyte throughput. Faster completion means transfers spend less time in flight, with fewer moving parts between sender and receiver.
Why we use relays instead of WebRTC
WebRTC is excellent for real-time audio and video, but PhotonFile uses purpose-built relays for file transfer.
  • Predictable connections. Relay traffic follows a single controlled path instead of negotiating many peer-to-peer candidates.
  • No peer IP exchange. Sender and receiver do not need to expose network addresses to each other.
  • Large-transfer tuning. PhotonFile relays are built for sustained file streams, not generic media sessions.
  • Broad network compatibility. HTTPS and WSS work more reliably across corporate networks, firewalls, and mobile carriers.

The result is a consistent, private, high-throughput path designed specifically for moving files.

Client-side encryption by default
PhotonFile applies a client-side encryption layer on top of TLS before a file reaches the relay. Users can turn this layer off for extra browser compatibility.
  • A random symmetric key is generated per transfer with the browser's Web Crypto API.
  • File chunks are encrypted with AES-GCM before upload, so relays only see ciphertext.
  • The key is kept in the link fragment (#...), outside HTTP requests and server logs.

Anyone with the full link can decrypt in their browser. Without the key material, relay traffic is not useful on its own.

Engineered to forget
Relay minimizes surface area and lifetime: live transfer, short-lived state, no retained plaintext files, and no server-side decryption keys for client-side encrypted transfers. Vault exists for the opposite case: files you intentionally choose to keep.
What we don't publish
For security and competitive reasons, we do not publish internal network layout, server images, or detailed deployment maps. This page focuses on product behavior: Relay is short-lived by default, Vault is persistent by choice, and client-side encrypted transfers do not leave server-side keys to recover.

Want the transfer comparison? View the comparison or read the FAQ.