Serialised encrypted-message envelope - key id (so decryption can find the right key during rotation), nonce, AES-256-GCM ciphertext, HMAC tag, and a millisecond timestamp used for replay-window enforcement.