The core challenge was building a reliable, abuse-resistant real-time video platform without a framework safety net. Several problems compounded each other: nginx serves static files directly, bypassing Node entirely, which ruled out server-side injection of any dynamic content into HTML or JS files. Plan state had to be validated on every request without ever trusting the client, yet the frontend is purely static — so a careful promise-gating pattern was needed to delay all feature checks until the server confirmed the user's plan. WebRTC signaling had to handle not just 1-on-1 peer connections but also admin observation slots, group rooms, and ICE routing across all three — and an early architectural mistake (storing admins in a Set instead of a Map keyed by slot) caused silent ICE routing failures that were difficult to diagnose. On top of that, third-party ad js scripts reinitialise on every call, causing race conditions and visual glitches whenever the chat reconnected and ad containers were rebuilt.

Each problem was solved at the right layer rather than patched at the symptom. Plan validation uses a _planReady Promise initialized to 'free' in memory and resolved exclusively by the /api/auth/me server response — a planReady DOM event then fires reactively, gating every requirePlan() call. The signaling server's admin registry was refactored from a Set to a Map keyed by watch slot (user/stranger), giving ICE candidates and offer/answer messages a precise routing target. Ad instability was addressed by a shared loadAdIntoIframe() helper that clears the container, creates a fresh about:blank iframe, and writes the ad network code inside onload — preventing js from reinitialising against a stale DOM. Mobile vs. desktop ad units are swapped at runtime based on viewport width. Throughout, the frontend remained vanilla JS with no build step, keeping deployment friction near zero while nginx handles all static asset delivery at the edge.