Abstract
Every widely-copied "connect a phone call to a realtime LLM" sample — Twilio Media Streams bridged into OpenAI Realtime, and the many forks of it — ships an application WebSocket endpoint (commonly /media-stream or /api/voice/stream) that accepts any upgrade request that knows the path. The telephony provider connects to that socket out-of-band, over the public internet, carrying no bearer credential. An attacker who learns or guesses the path can open the same socket and drive a paid realtime-inference session on the victim's account: classic toll-fraud and premium-resource abuse. This publication discloses a fail-closed trust chain that closes the hole without introducing a stateful session store or a second identity provider. Trust is anchored at the provider's per-request webhook HMAC signature — the one cryptographic fact the platform already possesses. The verified answer webhook mints a short-TTL, HMAC-SHA256 token bound to the specific call identifier, and embeds it as a query parameter in the
Creative Commons License

This work is licensed under a Creative Commons Attribution 4.0 License.
Recommended Citation
Assuncao, gustavo matthew, "Webhook-Anchored Call-Bound HMAC Token Chain for Telephony Media-Stream WebSocket Upgrades", Technical Disclosure Commons, ()
https://www.tdcommons.org/dpubs_series/10950