I’m looking for some technical guidance regarding the streaming architecture of the TOD.tv platform. I’ve been studying various DRM-protected services, but TOD seems to have a more sophisticated implementation compared to others.

I have a few questions for the experts here who have experience with DASH/Widevine environments:

Stream Discovery: Is there a reliable method to identify and capture the original manifest URL for their live and VOD content? Traditional network sniffing often fails to provide a link that remains valid for external playback.

License Handshake: I’m curious about the specific requirements for their license server requests. Does the platform utilize additional layers of security, such as License Wrapping or HMAC signatures, that prevent standard decryption attempts?

Real-time Decryption: In a research context, once the decryption keys are identified, what is the best approach to handle the stream in real-time? I am particularly interested in how to feed these keys into a media player to achieve stable playback without having to download the chunks first.

Device Simulation: Since this platform is highly optimized for mobile and web, does it favor certain Client ID levels (like Widevine L3) for web-based browsers, or is there a stricter hardware-backed requirement for their higher quality streams?

I’m eager to learn more about the logic behind their DRM handshake and if there are any known technical hurdles or "best practices" when analyzing such high-security streams.

Any insights or pointers toward relevant documentation would be very helpful.

Thank you in advance!