Small Grant: PrivRec - A Privacy-Preserving Screen & Camera Recorder

Project Name: PrivRec - A Privacy-Preserving Screen & Camera Recorder

Name of the organization or individual submitting the proposal: Seifeddine Seghaier

Describe your project.

PrivRec is a privacy-focused, browser-based screen and camera recorder built on the Sia network. Users record their screen, camera, or both directly in the browser and instantly get a shareable link. Recipients open the link and watch the video in a browser player – no download required, no account needed to watch.

All recording, encryption, upload, and playback happen entirely in the browser using the Sia JS SDK. No video data ever passes through a server.


How does the projected outcome serve the Foundation’s mission of user-owned data? What problem does your project solve?

Existing screen and camera recording tools are entirely custodial. Every recording is stored on company servers in plaintext. The provider can watch, analyze, sell, or lose your video at any time. For journalists recording sensitive interviews, lawyers capturing privileged communications, developers sharing internal demos, or whistleblowers documenting evidence, this is an unacceptable risk.

PrivRec solves this by making it architecturally impossible for any third party to watch a recording. The Sia JS SDK encrypts all data client-side before it leaves the browser and uploads directly to Sia. The user holds the only decryption key. The video lives on Sia’s decentralized network. This is genuine user-owned data: not a privacy policy promise, but a cryptographic guarantee.

Are you a resident of any jurisdiction on that list? No

Will your payment bank account be located in any jurisdiction on that list? No


Grant Specifics

Amount of money requested and justification with a reasonable breakdown of expenses:

Item Detail Monthly Total
Developer 3 months × 67 hrs × $30/hr $2,000/month $6,000
Infrastructure & Hosting Live public instance $5/month $15
Total $2,005/month $6,015

Grant payments received monthly: $2,150/month over 3 months.


What is the high-level architecture overview for the grant? What security best practices are you following?

PrivRec is a fully client-side static React SPA with no server components. All recording, encryption, uploads, share URL generation, playback, and deletion are handled entirely by the Sia JS SDK running as WebAssembly in the browser. No cryptographic key material is ever sent to any remote server. All indexer usage flows through the Sia JS SDK.

Users connect their own Sia account on first visit by providing their indexer URL and completing the one-time approval flow. A BIP-39 recovery phrase is used to derive their App Key entirely in the browser. The recovery phrase is never stored. Returning users reconnect instantly via their stored App Key on the same browser, or by re-entering their recovery phrase on a new device – the Sia JS SDK re-derives the exact same App Key from it, restoring full account access.

Recorded videos are encrypted and uploaded directly to Sia from the browser. Share URLs are time-limited via the Sia JS SDK’s native shareObject() expiry parameter. Expiry duration is also stored in encrypted object metadata so the dashboard can display the expiry date for each recording. After expiry the share URL becomes invalid and the recording can no longer be accessed by anyone. Users can regenerate a new share link for any existing recording at any time from their history dashboard by calling shareObject() again with a new expiry date. Recipients stream the video directly from Sia into a browser video player – no account required to watch. Users also manage and delete their own recordings manually from the dashboard.

Security practices: no seeds stored in the browser, no key material sent to any remote server, all Sia account operations handled via the Sia JS SDK, share URLs encoded in URL fragments which browsers never transmit in HTTP requests.


What are the goals of this small grant? Please provide a general timeline for completion.

Month 1

  • Onboarding flow with indexer and user recovery phrase
  • Login flow
  • Camera only and screen only recording modes
  • Camera and microphone device selection
  • Upload recording to Sia via Sia JS SDK – user selects expiry duration before upload (1 hour, 24 hours, 7 days, 30 days, or never) stored in encrypted object metadata
  • Generate share link via Sia JS SDK sharing API
  • Recipient playback page – streams recording directly from Sia into a browser video player, no account required

Month 2

  • Recording history dashboard with share buttons
  • Picture-in-picture recording mode (camera and screen combined)
  • Ability to regenerate a new share link for any existing recording
  • Manual deletion of recordings
  • Basic account stats from Sia JS SDK account API
  • User testing and feedback

Month 3

  • React and Tailwind recording interface with device selector, mode toggle, real-time timer, and preview
  • Share result page with link and expiry information
  • Settings page for indexer configuration
  • Self-hosting documentation
  • Final security review and public release

Who is the target user for your project?

Both the average user and the privacy-focused user who wants a simple, trustless alternative to custodial screen recording tools. This should be usable for both mainstream and professional use cases – from developers sharing internal screen recordings to journalists and researchers who need a credible zero-knowledge guarantee.


What are your plans for this project following the grant?

Once the grant is wrapped up, the main focus will be listening to user feedback and improving the experience. Planned future releases include a desktop application for Windows and macOS enabling system audio capture and native recording.


Potential risks that will affect the outcome of the project:

  • Browser recording compatibility – MediaRecorder API codec support varies across browsers. Mitigated by detecting supported codecs at runtime and falling back to WebM with VP8 and Opus.
  • Large video file sizes – Mitigated by using the Sia JS SDK’s streaming upload and download APIs throughout.
  • Video playback buffering – Streaming large encrypted videos from Sia may introduce buffering. Mitigated by using the Sia JS SDK’s streaming download API with a progressive browser video player.

Development Information

Contact Information

Hi @Seghaier-Seifeddine - thank you for this proposal. We’ve reached capacity for next week’s Grants Committee meeting, so this proposal will be slotted for review during the next meeting on May 26th.

Thank you for your patience.

1 Like

Hi @Seghaier-Seifeddine - a note that your infrastructure and hosting budget item seems a bit high for something that “doesn’t have a server component.” Since it’s client side only, we’d recommend Cloudflare’s serverless free tier or fly.io at $5/month is most likely more than enough.

Please note all revisions will need to be completed by Wednesday, May 20 by 5pm ET at the latest in order for this project to be put before the Committee at next week’s meeting. We also have a cap for how many proposals can be reviewed at once that we are close to hitting, so keep this mind.

1 Like

Hi @mecsbecs , thanks for the feedback — I’ve updated the infrastructure cost accordingly

1 Like

Thanks for your proposal to The Sia Foundation Grants Program.

After review, the Committee has decided to approve your proposal. Congratulations! They’re excited to see what you can accomplish with this grant. The Committee also requests you be mindful of the limitations of technical details and surface them in the UI.

We’ll reach out to your provided email address for onboarding. Onboarding can take a couple of weeks, so prepare to adjust your timelines accordingly.

1 Like

Monthly Grant Report - June 2026

Project: PrivRec

What progress was made on your grant this month?

This month PrivRec went from initial commit to a working end-to-end app covering nearly all of Milestone 1. The full pipeline now functions entirely client-side: a user onboards with a BIP-39 recovery phrase, records their screen or camera in the browser, encrypts and uploads the recording directly to Sia via the Sia JS SDK, picks a link expiry, and gets a shareable link. Recordings stream back out of Sia into a browser video player using MediaSource for progressive playback, with a full-buffer blob fallback for browsers without MSE.

Alongside the features, I invested in security and code quality: the Sia App Key is encrypted at rest with a non-extractable AES-GCM key held in IndexedDB (only ciphertext touches localStorage), the production build ships a strict Content-Security-Policy, and share/approval URLs are validated against dangerous schemes. The project is fully buildable, lint-clean, and covered by 30 passing unit tests.

I was able to record a multi-minute screen capture, encrypt and upload it to Sia, generate an expiring share link, and stream it back in a fresh browser tab — confirming the record → encrypt → upload → share → play loop works in practice.

Detail of tasks worked on this month per milestone

Milestone Tasks Pull Request(s)
Onboarding & indexer Vite + React 19 + Tailwind v4 SPA scaffold with WASM init and auth-gate routing; Sia JS SDK integration wrapper (lib/sia.js) for connect, approval, reconnect, upload, and share; onboarding flow with recovery-phrase generation/entry, custom indexer support. #1, #2, #3
Login Returning-user login via stored App Key; phrase re-entry on a new device re-derives the same key #2, #3
Encrypted key storage At-rest App Key encryption with a non-extractable AES-GCM key in IndexedDB (lib/keyStore.js); recovery phrase never stored #2
Recording Camera-only and screen-only modes via MediaRecorder (hooks/useRecorder.js) with runtime codec detection, camera and microphone device selection #4
Upload & share Upload to Sia with user-selected expiry (1h/24h/7d/30d/Never) stored in encrypted object metadata; share-link generation via SDK shareObject() with native expiry #5
Playback Recipient playback page with progressive streaming via MediaSource, a full-buffer blob fallback, and friendly error mapping for expired/invalid links #6
Security & quality Strict production CSP, security headers (frame-ancestors, nosniff), URL scheme validation, and open-redirect protection; 30 passing unit tests, ESLint clean, and lib/ module organization #1, #2, #5, #6

Were there any problems encountered this month?

  • Browser codec variance. MediaRecorder codec support differs across browsers; mitigated by detecting supported MIME types at runtime and falling back to WebM/VP8/Opus.

What will you be working on next month?

  • Implement the no-account recipient playback flow
  • Recording history dashboard with share buttons
  • Picture-in-picture recording mode (camera + screen combined)
  • Regenerate a new share link for any existing recording
  • Manual deletion of recordings
  • Basic account stats from the Sia JS SDK account API
  • User testing and feedback
1 Like

Hi @Seghaier-Seifeddine - thank you for your progress report. Your reviewer noted out of your Milestone 1 deliverables, the following was still outstanding:

  • Recipient playback page, streams from Sia into a browser player, no account require PARTIAL: streaming works, but “no account required” not met, gated on viewer’s own account (Play.jsx#L131, PR #6)

Note: this will be required to be completed in Milestone 2.

Next time, clearly call out if any work has been missed throughout the month in comparison to what was outlined in your proposal for the milestone, along with the reasoning or justification for the deliverable’s absence. Certain items can be carried forward or moved between milestones provided there is solid reasoning and a need.

Additionally, please incorporate the following feedback in your work over the next couple of months:

  • add descriptions to PRs
  • Consider using TypeScript with types
  • and finish no-account playback

The team looks forward to seeing what you do over the next month!

1 Like

Hi @mecsbecs , thank you for the detailed review and the valuable feedback.

I appreciate you pointing out the outstanding deliverable and the areas for improvement. You’re right that the “no account required” playback was only partially completed during Milestone 1.

I included this item under “What will you be working on next month?” because there was less than a month between the grant approval and the progress report, so I prioritized getting the streaming functionality working first. I’ll complete the no-account playback as part of Milestone 2, as noted in the review.

I’ll also make sure future progress reports explicitly highlight any incomplete deliverables, along with the reasoning and plan for completing them. Additionally, I’ll incorporate the suggested improvements by adding better descriptions to PRs and considering the use of TypeScript with proper types going forward.

Thank you again for the constructive feedback. I look forward to sharing the progress in the next milestone.

1 Like