Every one of these is something a relay does today, on the shipping 0.24.2 line — not a generic "can be used for." The newest patterns lean on blind shard dispersal, proof-of-retrievability, and verifiable randomness.
01
Encrypted handoff with a TTL the network enforces
Send an encrypted blob to a quorum of relays and get signed receipts back. Recipients can prove the quorum took custody before they unseal. The TTL is enforced protocol state, not a config toggle — and if a relay keeps serving past expiry, witness tombstones surface it.
Best for: document escrow, time-bounded access grants, ephemeral sharing, key escrow with auditable expiry.
02
Public plaintext, blind custody
Encrypt content with a random key, store the ciphertext anywhere, then disperse the key as k-of-n self-verifying blind shards across independent relays. No single operator — and no k-1 colluding — can produce the plaintext; any k shards rebuild it at the reader's edge.
Best for: key escrow, secret custody, encrypt-and-forget archives, splitting trust across operators you don't control.
03
Provable archive durability
Mark a drive durable and AutoHeal recruits verified replicas across ≥4 regions and ≥5 operators, holding a +2 buffer over the SLO floor. Then challenge any relay with a random block — storage-proof returns a signed Merkle proof it holds your data, checked against the drive key alone. Durability you can audit, not assume.
Best for: package mirrors, public datasets, multi-region read replicas, anything that must stay provably available.
04
Unbiasable randomness & fair selection
Draw a lottery, elect a leader, seat a jury, or deal a deck with randomness anyone can verify and no operator can bias (RFC 9381). select draws a weighted committee without replacement; a chained beacon publishes world-readable rounds the operator can't grind or skip.
Best for: chain-free governance, fair queues and sortition, verifiable dispute panels, provably-fair games.
05
Privacy-preserving messaging & storage
Apps declare privacyTier: 'p2p-only' and the relay handles only opaque ciphertext — catalogs are redacted, the gateway returns 403, peers connect P2P with the data key out-of-band. The relay can prove it stores your data without ever decrypting it.
Best for: wallets, medical apps, encrypted messaging, identity storage — anything a user wouldn't want an operator reading.
06
Single-writer signed feeds for real P2P apps
The pattern behind Peerit: every author's posts are signed and opaque to the relay, appended to a single-writer outboxlog, and synced over a token-gated bridge. Operators get a takedown surface keyed on opaque (appId, key) ids — liability parity without ever reading content.
Best for: P2P social and forums, activity feeds, audit logs, any app that needs relay-assisted sync but keeps its own truth.