Cloudflare has unveiled Orange Meets, a groundbreaking end-to-end encrypted (E2EE) video calling application that combines cutting-edge security with open-source accessibility. Released on June 26, 2025, this innovative platform leverages advanced technologies including Messaging Layer Security (MLS), Rust programming, and WebAssembly (WASM) to deliver unprecedented security for browser-based video communications.

Technical Foundation and Architecture

Orange Meets operates as part of Cloudflare Realtime (formerly Cloudflare Calls), utilizing a Selective Forwarding Unit (SFU) architecture that enables scalable media transmission while maintaining robust security standards. This approach addresses a fundamental challenge in video conferencing: balancing performance with privacy protection.

Understanding SFU Technology and Privacy Challenges

Traditional SFU Limitations

Selective Forwarding Units serve as central hubs that receive audio and video streams from participants and efficiently relay them to other meeting attendees. While this architecture provides excellent scalability for multi-participant calls, it traditionally creates significant privacy vulnerabilities.

In conventional implementations, SFUs handle unencrypted media streams, potentially allowing system operators to access and monitor communication content. This limitation has long been a concern for organizations requiring strict confidentiality in their video communications.

Cloudflare’s E2EE Solution

The Orange Meets E2EE implementation fundamentally transforms this paradigm by ensuring that call media can only be decrypted by the intended participants. The SFU and other relay nodes remain completely unable to access the actual conversation content, creating a zero-trust architecture for video communications.

Advanced Encryption Implementation

MLS Protocol Integration

The application employs the Internet Engineering Task Force (IETF) standardized Messaging Layer Security (MLS) protocol, which provides sophisticated capabilities for group communications:

Key Management Features

  • Continuous key rotation throughout the conversation lifecycle
  • Secure participant addition without compromising existing security
  • Safe member removal with immediate key updates
  • Forward secrecy protection for all communications

Group Communication Security

The MLS protocol specifically addresses the complexities of group video calls, where traditional point-to-point encryption schemes become inadequate. By implementing dynamic key management, Orange Meets ensures that security remains intact even as participants join and leave meetings.

Rust and WebAssembly Architecture

High-Performance Encryption Processing

Video and audio encryption operations are implemented in Rust, providing both security and performance advantages:

  • Memory safety prevents common security vulnerabilities
  • High-performance execution minimizes latency impact
  • Cross-platform compatibility through WebAssembly compilation
  • Browser-native execution without requiring plugins or extensions

Real-Time Media Processing

The system utilizes WebRTC’s Encoded Transform API (RTCRtpScriptTransform) to process media streams at the frame level:

  1. Outgoing streams are divided into individual frames
  2. Each frame receives individual encryption processing
  3. Encrypted frames are transmitted through the SFU infrastructure
  4. Receiving clients decrypt frames before browser rendering
  5. Standard media streams are presented to users seamlessly

Codec Compatibility and Header Management

Orange Meets implements a sophisticated approach to video codec compatibility, drawing inspiration from Discord’s DAVE protocol. The system maintains codec functionality by:

  • Preserving essential header bytes in plaintext format
  • Encrypting media payload data while maintaining playback compatibility
  • Supporting VP8 and other standard codecs without modification requirements
  • Ensuring seamless browser integration with existing WebRTC implementations

Innovative Participant Management

Designated Committer Algorithm

Cloudflare developed a custom “Designated Committer Algorithm” that enhances traditional MLS implementations:

Client-Side Security Processing

  • Eliminates external proposal dependencies from the MLS specification
  • Processes all participant changes entirely on client devices
  • Maintains security integrity without relying on server-side operations
  • Reduces attack surface by minimizing server trust requirements

Formal Verification and Testing

The algorithm underwent rigorous validation using TLA+ formal verification tools, ensuring robustness against edge cases including:

  • Participant ordering conflicts during simultaneous join/leave operations
  • State transition anomalies during network disruptions
  • Security boundary maintenance across various scenarios
  • Consistency guarantees for distributed participant management

User Security Verification Features

Safety Number System

Orange Meets incorporates a “Safety Number” verification system that enables users to independently verify communication security:

Visual Security Indicators

  • Persistent on-screen display of unique meeting identifiers
  • Cross-channel verification through external communication methods
  • Man-in-the-middle attack detection through number comparison
  • Real-time security status updates during calls

Independent Verification Process

Users can verify call security by comparing Safety Numbers through separate communication channels (such as Signal messaging or phone calls), providing an additional layer of security assurance independent of the video calling infrastructure.

Future Security Enhancements

Web Application Security Standards

Cloudflare is actively contributing to emerging security standards that will further enhance Orange Meets’ security posture:

Application Integrity Verification

Web Application Manifest Consistency, Integrity, and Transparency standards will enable:

  • Detection of JavaScript code tampering in delivered web applications
  • Verification of application authenticity before execution
  • Protection against supply chain attacks on web-based applications
  • Enhanced trust in browser-delivered security applications

Identity Authentication Systems

OpenPubkey integration represents future enhancements for:

  • Certificate authority-backed identity verification
  • Cryptographic proof of participant identity
  • Enhanced authentication beyond simple username/password systems
  • Integration with existing PKI infrastructure

Open Source Availability and Implementation

Accessibility and Deployment Options

Orange Meets is completely open-source, allowing anyone to freely use, modify, and deploy the application. The platform offers multiple access methods:

Public Deployment

  • Live demonstration available at e2ee.orange.cloudflare.dev
  • Immediate testing without installation requirements
  • Full feature access through web browser interface
  • No registration required for basic functionality

Self-Hosted Implementation

  • Complete source code available through GitHub repositories
  • Docker containerization support for easy deployment
  • Customization capabilities for enterprise requirements
  • Private infrastructure deployment for maximum control

Developer Resources and Documentation

The open-source release includes comprehensive resources for developers:

  • Detailed implementation guides for custom deployments
  • API documentation for integration with existing systems
  • Security architecture explanations for audit and verification
  • Example configurations for various deployment scenarios

Industry Impact and Competitive Landscape

Market Position and Differentiation

Orange Meets enters a competitive video conferencing market with several key differentiators:

Security-First Design Philosophy

Unlike traditional platforms that add security as an afterthought, Orange Meets was architected from the ground up with E2EE as a core requirement, not an optional feature.

Open Source Transparency

The complete open-source availability allows security professionals and organizations to:

  • Audit the complete codebase for security vulnerabilities
  • Verify encryption implementations against published standards
  • Customize security policies for specific organizational requirements
  • Contribute improvements back to the community

Performance and Scalability

By leveraging Cloudflare’s global infrastructure, Orange Meets provides:

  • Low-latency connections through geographically distributed servers
  • High availability through redundant infrastructure
  • Scalable architecture supporting large participant counts
  • Reliable performance backed by enterprise-grade infrastructure

Implications for Privacy-Conscious Organizations

The release of Orange Meets addresses critical needs for organizations requiring verified secure communications:

Government and Defense Applications

  • Classified information protection through verified E2EE
  • Supply chain security through open-source auditability
  • Compliance requirements met through transparent security implementation
  • National security considerations addressed through self-hosting capabilities

Healthcare and Financial Services

  • HIPAA compliance support through comprehensive encryption
  • Financial data protection meeting regulatory requirements
  • Patient privacy safeguards in telemedicine applications
  • Audit trail capabilities for compliance documentation

Enterprise Security Requirements

  • Intellectual property protection for sensitive business discussions
  • Competitive intelligence safeguards during strategic planning
  • Merger and acquisition confidentiality during negotiations
  • Board meeting security for sensitive corporate governance

Technical Specifications and Requirements

Browser Compatibility and System Requirements

Orange Meets supports modern web browsers with WebRTC and WebAssembly capabilities:

Supported Platforms

  • Chrome/Chromium version 90 and later
  • Firefox version 89 and later
  • Safari version 14 and later
  • Edge version 90 and later

Performance Considerations

  • Minimum 2GB RAM for optimal performance
  • Stable internet connection with at least 1 Mbps upload/download
  • Modern CPU supporting WebAssembly execution
  • Hardware acceleration recommended for large group calls

Security Architecture Details

Encryption Specifications

  • AES-256-GCM for symmetric encryption of media streams
  • ECDH P-256 for key exchange operations
  • SHA-256 for cryptographic hashing requirements
  • Ed25519 signatures for authentication processes

Network Security Features

  • Perfect Forward Secrecy through ephemeral key generation
  • Replay attack protection through sequence number validation
  • Network packet authentication preventing tampering
  • Secure key derivation using HKDF standards

Share this post

Author

Editorial Team
Editorial Team
The Editorial Team at Security Land is comprised of experienced professionals dedicated to delivering insightful analysis, breaking news, and expert perspectives on the ever-evolving threat landscape

Comments