https://reggiespace.ca/projects/soundcloud-media-streaming
soundcloud:-media-streaming.ts
Back to Projects

Soundcloud: Media Streaming

GolangAWSTerraform
Live Demo
Soundcloud: Media Streaming

Project Overview

I built a service we call Encryptor, a mission-critical security and media processing service within SoundCloud’s Media Streaming infrastructure. Designed to safeguard intellectual property, this high-concurrency service provides on-demand encryption and Digital Rights Management (DRM) for one of the world's largest audio catalogs.

By integrating robust protection directly into the streaming pipeline, the project ensures that copyrighted content remains secure while maintaining high-performance delivery to millions of listeners.

My Role & Impact

As a Senior Software Engineer from REDspace, I architected and implemented the core encryption engine. My focus was on balancing the rigorous security requirements of DRM with the extreme throughput demands of a global streaming platform.

Low-Level Media Manipulation

To support modern streaming standards, I implemented deep-level parsing of Fragmented MP4 (fMP4) files. This involved traversing the ISO Base Media File Format to identify specific atoms (boxes) and programmatically editing them to inject relevant encryption metadata.

This granular control allowed us to support seamless playback across various DRM-enabled devices.

End-to-End DRM Orchestration

I played a key role in the integration between the Encryptor and the License Manager service. I facilitated the workflow where DRM keys were securely retrieved and packaged into DRM certificates, which were then delivered to the client-side player to authorize playback.

High-Concurrency Architecture

To handle the massive volume of the SoundCloud library, I architected the backend using Go (Golang) and AWS ECS. This technology stack enabled high-concurrency audio encoding and packaging, significantly improving processing throughput compared to legacy workflows.

Strengthening Content Security

The implementation of this DRM solution contributed to a 30% reduction in digital piracy. This initiative was vital in mitigating financial risks and protecting the creative work of artists by ensuring content is accessible only through authorized channels.

Technical Architecture

The project required a highly resilient and scalable pipeline capable of processing media assets in real time while maintaining strict security protocols.

Scalable Backend

  • Built with Go (Golang) for superior performance in high-concurrency environments and efficient binary data handling
  • Containerized using Docker and orchestrated with AWS ECS, allowing dynamic scaling based on ingestion spikes

Infrastructure as Code

  • Managed complex AWS environments using Terraform
  • Ensured security-sensitive infrastructure was reproducible, auditable, and production-ready

Technical Stack

Languages

  • Go (Golang)

Cloud & DevOps

  • AWS (ECS, S3, SQS)
  • Terraform (Infrastructure as Code)
  • Docker

Security & Media

  • fMP4 Atom Parsing & Manipulation
  • DRM (Digital Rights Management)
  • License Manager Integration
  • AES Encryption
  • Widevine
  • FairPlay
main*
UTF-8TypeScript JSX