Seal
Security & privacy

Good contracts need good math.

You're writing something sensitive. What you write should not slip away, change without trace, or be impersonated. This page describes Seal's security architecture in detail — encryption, signing, data storage, even our limits.

Device-based signing

Every device generates its own Ed25519 keypair. The private key never leaves your phone — the server only sees your public key and verifies your signatures.

Ed25519 · libsodium

Tamper-evident audit chain

Every action on a receipt (create, send, revise, seal) is chained to the previous link with SHA-256. Removing or altering any record in the middle is mathematically detectable.

SHA-256 append-only

Passwordless, phone-verified

We store no passwords. Phone verification uses Twilio WhatsApp with a 6-digit OTP. Codes are stored as salted SHA-256 hashes, compared in constant time, and expire in 5 minutes.

WhatsApp OTP · Salted SHA-256

Minimum data

No email, no password, no address. Only your phone (E.164) and an optional display name. Phone numbers are masked on the public verification page.

PII minimization

End-to-end TLS

All connections (app → API, OTP, push) go over HTTPS. The MongoDB Atlas database is encrypted at rest, and access is restricted by an IP allowlist.

TLS 1.3 · Atlas at-rest

Public verifiability

Every sealed receipt has a unique code. Anyone (including the parties) can verify the signatures, hash, and audit chain at getseal.app/verify/{code} independently.


Detailed view

Signing model

On first launch, every device generates its own Ed25519 keypair. The private key is held in Secure Enclave / Keystore on the device and is never sent to the server. When an action is taken on a receipt (create, send, seal), the device signs a message describing the action with its private key, and the server verifies that signature against the previously registered public key. Server-side impersonation is therefore impossible — only the device holding the private key can sign on behalf of the user.

Audit chain

Each receipt has its own action log: create, send, suggest revision, accept, seal. Every action is normalized to JSON, hashed with SHA-256 together with the previous action's hash, and the result is recorded as the new chain hash. We call this the "audit chain". Tampering with a record in the middle would break every subsequent hash and is therefore detectable. The final hash on a sealed receipt is a fingerprint of its entire history.
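The chaining described above can be sketched as follows. This is an added example, not Seal's own code: the JSON normalization (sorted keys, no whitespace), the all-zero genesis value, the entry field names and the sample actions are assumptions made for illustration.

```python
import hashlib
import json

GENESIS = "0" * 64  # assumption: value chained in before the first action


def link_hash(prev_hash, action):
    """SHA-256 of the previous chain hash plus the action's canonical JSON."""
    # Assumed normalization: sorted keys, no whitespace, UTF-8.
    canonical = json.dumps(action, sort_keys=True, separators=(",", ":"),
                           ensure_ascii=False)
    return hashlib.sha256((prev_hash + canonical).encode("utf-8")).hexdigest()


def append(chain, action):
    """Add an action, linking it to the hash of the current last entry."""
    prev = chain[-1]["hash"] if chain else GENESIS
    chain.append({"action": action, "prev": prev,
                  "hash": link_hash(prev, action)})


def verify(chain, expected_final=None):
    """Return None if intact, else the index of the first inconsistent link.

    When expected_final (the hash published with the sealed receipt) is
    given, a truncated or fully recomputed chain returns len(chain).
    """
    prev = GENESIS
    for i, entry in enumerate(chain):
        if entry["prev"] != prev or entry["hash"] != link_hash(prev, entry["action"]):
            return i
        prev = entry["hash"]
    if expected_final is not None and prev != expected_final:
        return len(chain)
    return None


def build_sample():
    """Constructed sample log: create -> send -> seal."""
    chain = []
    for action in ({"type": "create", "receipt": "SEAL-XXXXX", "seq": 1},
                   {"type": "send", "receipt": "SEAL-XXXXX", "seq": 2},
                   {"type": "seal", "receipt": "SEAL-XXXXX", "seq": 3}):
        append(chain, action)
    return chain


if __name__ == "__main__":
    sample = build_sample()
    print(verify(sample, sample[-1]["hash"]))  # intact chain
```

Editing or deleting a middle record is caught at the first link that no longer matches, while dropping records from the end is only caught when the verifier compares against the final hash recorded for the sealed receipt.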

OTP & session

Phone verification is done via Twilio WhatsApp Business with a 6-digit, 5-minute, single-use code. The OTP is never stored in plaintext: it is salted and SHA-256 hashed, and comparison is constant-time (timing attack protection). Requests are limited to 10 OTPs per phone per hour, with a lockout after 5 failed attempts. There is no JWT in our session model; every request travels with the device UUID and the relevant Ed25519 signatures.

Data storage & PII

No password, email, address, or payment info is stored on the server. The server holds only the verified phone number (E.164), an optional display name, and the receipt contents. Receipts live in MongoDB Atlas (EU region); Atlas applies AES-256 at-rest encryption, connections use TLS 1.3, and access is restricted to an IP allowlist. Our application server runs on Railway with auto-managed HTTPS. Field-level encryption is not applied today; it's on our roadmap.

Public verify

Every sealed receipt has a unique "SEAL-XXXXX" code. The getseal.app/verify/{code} page is public — without installing the app, anyone can view the contents of a sealed receipt, the parties (with masked phone numbers), signature fingerprints, and the audit chain. This page exists to satisfy the "third party can verify" requirement; half the value of a seal comes from here.

Legal note

Seal produces a strong, digitally signed evidence document — but it does not replace qualified e-signatures (e.g. Turkish NES, EU eIDAS QES). For high-value or formal transactions like deeds and corporate filings, combine Seal with a notary or qualified e-signature. For the vast majority of everyday agreements, Seal stands on its own.