What is Seal?
Seal is a decentralized secrets management (DSM) service that relies on access control policies defined and validated on Sui. Application developers and users can use Seal to secure sensitive data at rest on decentralized storage like Walrus, or on any other on-chain or off-chain storage.
Refer to the Seal Terms of Service.
Features
-
Encryption and decryption: Seal supports encryption of sensitive data using a secret sharing mechanism, where one can encrypt sensitive data using different public keys and store those on Walrus or another storage. When needed, one can decrypt the encrypted parts using private keys generated by off-chain key servers (see the following section). To maximize privacy, Seal uses client-side encryption where the application or user is responsible to encrypt and decrypt the data.
-
Access control on Sui: Seal leverages Sui for controlling access to the decryption keys, and thus allows access control for the sensitive data itself. A user can achieve this by implementing an application-specific Move package that must follow some Seal conventions. The application-specific logic in the Move package controls when to allow or disallow access to a key, and this flexibility provides a way to realize various authorization scenarios. Refer to Seal design and Using Seal for details.
-
Decentralized gatekeeping using off-chain servers: A Seal key server is a simple and lightweight service that validates access control on Sui and generates identity-based private keys for authorized users to decrypt encrypted data. There are two kinds of key servers:
- Independent: A single operator runs a standalone server holding a master secret key. Different parties can operate their own independent key servers, allowing users to realize
t-out-of-nthreshold encryption acrossntotal key servers, wheretis the minimum number required for decryption. Seal does not require any specific key server, and applications or users can choose based on their trust assumptions or regulatory requirements. - Decentralized (committee mode): A multi-party computation (MPC) committee splits the master secret across participants so no single party holds it alone. Committee mode is currently only available on Testnet.
- Independent: A single operator runs a standalone server holding a master secret key. Different parties can operate their own independent key servers, allowing users to realize
-
Seamless access: Applications can interact with Seal key servers using software development kits (SDKs). The TypeScript SDK is available through npm.
Refer to the verified key servers for a list of available key servers in different environments. If you're interested in operating one, reach out to Sui Foundation or the Mysten Labs team.
Use cases
There are a number of Web3 use cases that could utilize Seal to secure sensitive data in a safe and scalable manner. Some of those are:
- Secure personal data on Walrus or some other storage, such that it's only accessible by the user who uploaded it.
- Share secure content stored on Walrus or some other storage with a specific allowlist of users.
- Share gated content on a content subscription application with a verified list of subscribers.
- Realize end-to-end private messages using Sui and Walrus.
- Implement secure voting and MEV-resilient trading in Move.
- And more.
Check out the Getting Started Guide.
Potential future capabilities
The Seal team is looking for community feedback on what other capabilities would make sense to add to Seal. Some options are:
- Support server-side encryption to allow decryption of the secret data by Seal key servers, as an alternative to, or an extension of, client-side encryption.
- Digital Rights Management (DRM) to allow encryption and decryption on the client side in a secure and trusted environment, similar to how popular streaming services like Netflix, YouTube, and HBO use DRM technology.
Non-goals
Even though Seal is supposed to be a generic and flexible secret management service for a variety of use cases, the following are not its supposed goals. Do not use Seal for such use cases and instead look for a more relevant product or service.
- Seal is not a key management service like AWS KMS or any other such Web2 service, in the sense that Seal backends do not store any application- or user-specific keys. A Seal key server only stores its specific master key pair, where the master public key is used by users to encrypt sensitive data, and the master private key is used to derive identity-based keys to decrypt the data.
- Seal is not a privacy-preserving technology like zkLogin. Instead, Seal is supposed to be a collection of components allowing application developers and users to secure sensitive data on-chain or off-chain by using the security properties of threshold encryption, Sui, and Move.
- Seal should not be used to store highly sensitive data like a user's wallet keys, or regulated personal data like PHI (personal health information), or any local, state, or federal government-level secret data, or other data of similar sensitivity. Some advanced capabilities might be added to Seal in the future to allow using it for some of such use cases, but those do not exist yet.
Upgrade policy
Seal strives to maintain backward compatibility. Any breaking changes to the Key Server API or the TypeScript SDK will be communicated in advance on both GitHub and in the Seal Discord channel.
The Seal team will provide a clear migration path for existing users to upgrade to new versions. New versions of the Key Server will be published under GitHub Releases and tagged with the appropriate version number.
Both the SDK and the Key Server are configured to expect specific versions from each other. Either component can reject messages from outdated or deprecated counterparties.
Contact us
For questions about Seal, use case discussions, or integration support, contact the Seal team on Sui Discord or create a GitHub issue at MystenLabs/Seal.