In cases where the hole punching doesn’t work and the connections go through Reo’s P2P server between the endpoints, do you think the stream stays encrypted all the way through or does it get decrypted at the P2P server and then re-encapsulated before being forwarded to the requesting client?