Skip to main content
@blindcast/player adds zero-knowledge encrypted HLS playback to any web application. It plugs into hls.js via custom loaders that intercept key fetches and decrypt segments locally in the browser — plaintext video never leaves the viewer’s device. Browser-only. This package requires MSE (Media Source Extensions) and the Web Crypto API. It does not support Node.js.

Install

pnpm add @blindcast/player hls.js
hls.js is a peer dependency — install it separately.

Browser support

Always call isPlayerSupported() before creating a player: 
import { isPlayerSupported } from "@blindcast/player"

if (!isPlayerSupported()) {
  // Show a fallback message — browser lacks MSE or Web Crypto API
}

Supported browsers

BrowserMinimum version
Chrome37+
Firefox34+
Safari11+
Edge79+
isPlayerSupported() returns false if either MSE or crypto.subtle is unavailable. This covers all modern browsers, including mobile.

10-line integration

import { createPlayer, isPlayerSupported } from "@blindcast/player"

if (!isPlayerSupported()) throw new Error("Unsupported browser")

const videoEl = document.getElementById("video") as HTMLVideoElement

const result = createPlayer(videoEl, {
  keyServerUrl: "https://keys.example.com/keys",
})
if (!result.ok) throw new Error(result.error.message)

result.value.load("https://cdn.example.com/content/my-video/manifest.m3u8")
That’s it. The player fetches the manifest, gets the content key from your key server, and decrypts each segment as it downloads.

Next steps