Gryt

Why Gryt?

Philosophy, trust boundaries, and a simple architecture overview

If you’re evaluating Gryt and want a single page you can share, this is it.

Gryt is a self-hosted, open-source voice chat platform with text chat and file uploads. The goal is simple: make real-time communication that you can run yourself, understand, and verify.

The short version

  • Self-host first: run the server on your own infrastructure.
  • Open source: the code is readable, auditable, and forkable.
  • Privacy is structural: the architecture is designed to avoid unnecessary trust and data collection.
  • No paywalls: features aren’t gated behind subscriptions.

Minimal identity, not a social graph

Gryt intentionally separates identity from server data:

  • Identity is used to prove “this is the same user as last time.”
  • Server data is everything that belongs to a server: channels, roles, membership, messages, and uploads.

When authentication is enabled, servers verify signed tokens and do not need to store or process your password. The server you join can still store and process the content you send to it (messages and uploads), because that’s how server-hosted communication works.

Trust boundaries (what you’re trusting)

Here’s the honest version of the trust model:

  • If you join someone else’s server, you are trusting that server operator with the data their server stores.
  • If you self-host, that operator is you.
  • Voice uses WebRTC encryption in transit (DTLS-SRTP), but media is routed through infrastructure operated by the server owner (the SFU).
  • By default, login uses the hosted identity provider at auth.gryt.chat. It issues signed tokens that servers can verify cryptographically (JWKS).

If you use the hosted web client at app.gryt.chat, also see the Privacy Policy on the site.

Architecture (simple)

Most of Gryt fits into four boxes:

  • Client: UI + audio processing + WebRTC
  • Server: chat, rooms, permissions, uploads, coordination
  • SFU: routes voice media to everyone in a channel
  • Storage: database + object storage

If you want the deeper technical diagrams and data flow, see the full Architecture page.

Skeptic FAQ

Can a server admin read my messages?

If the server stores messages, the server operator can access them. This is the same trade-off as any self-hosted chat system. Gryt’s point is that you can run the server yourself, or choose a server operator you trust.

Can the SFU listen to voice?

WebRTC encrypts voice in transit, but the SFU is part of the communication path and terminates WebRTC sessions to forward media. Practically: if you don’t control the SFU, treat it as trusted infrastructure.

What does self-hosting actually buy me?

If you run your own Gryt server, your community’s server data (messages, uploads, membership, roles) is stored on infrastructure you control. That narrows the trust surface compared to a centralized platform where all data lives under a single provider.

Further reading

Introduction

Overview of the Gryt WebRTC voice chat platform

Quick Start

Get Gryt running in under 5 minutes

On this page

The short versionMinimal identity, not a social graphTrust boundaries (what you’re trusting)Architecture (simple)Skeptic FAQCan a server admin read my messages?Can the SFU listen to voice?What does self-hosting actually buy me?Further reading