Encrypted contact form that never exposes plaintext to your server

Navigation

Verified details

These details have been verified by PyPI
Maintainers
Avatar for grayguava from gravatar.com grayguava

Unverified details

These details have not been verified by PyPI
Meta
  • License: MIT License
  • Author: grayguava
  • Requires: Python >=3.8
Report project as malware

Project description

formseal

A server-blind, browser-native encrypted form poster.

Form submissions are encrypted in the browser using X25519 sealed boxes before reaching any endpoint. The backend receives and stores opaque ciphertext only. Decryption is operator-controlled.

formseal is not a hosted service, dashboard, or SaaS product. It is a drop-in client-side utility.

Installation

Via npm (recommended)

npm install -g @formseal/embed
fse init

Via GitHub release (zero toolchain)

  1. Download the latest release artifact
  2. Unzip → drop formseal-embed/ into your project
  3. Edit fse.config.js manually

Prefer not to install globally? npx @formseal/embed init works, but subsequent fse commands won't be available — you'll need to edit fse.config.js manually.

Configure

fse configure quick

You'll be prompted for your POST endpoint and public key. See Getting started for key generation.

Security guarantee

If the POST endpoint is fully compromised, seized, or maliciously operated, previously submitted form data remains confidential.

Encryption happens in the browser. The backend stores ciphertext only. Decryption keys never exist in the backend environment. A backend compromise yields no recoverable plaintext.

Threat model

formseal is for environments where:

  • The hosting provider or backend may be compromised
  • The backend must be treated as hostile
  • Data seizure is a realistic concern
  • Retroactive disclosure must be prevented

The priority is backward confidentiality — protecting already-submitted data — not convenience or real-time administration.

How it works

On submit, formseal:

  1. Collects field values from your form by name attribute
  2. Validates them against your field rules (in fields.jsonl)
  3. Seals the payload with crypto_box_seal (Curve25519 + XSalsa20-Poly1305)
  4. POSTs raw ciphertext to your configured endpoint

Your endpoint stores the ciphertext. Only the holder of the private key can decrypt it.

Wire up your HTML

After fse init, files live in ./formseal-embed/. Reference them via your server's static path (e.g. /formseal-embed/globals.js).

<form id="contact-form">

  <!-- honeypot — hide off-screen with CSS -->
  <input type="text" name="_hp" tabindex="-1" autocomplete="off"
    style="position:absolute;left:-9999px;opacity:0;height:0;">

  <input type="text"  name="name">
  <span data-fse-error="name"></span>

  <input type="email" name="email">
  <span data-fse-error="email"></span>

  <textarea name="message"></textarea>
  <span data-fse-error="message"></span>

  <button type="submit" id="contact-submit">Send message</button>
</form>

<div id="contact-status"></div>

<script>
  window.fseCallbacks = {
    onSuccess: () => document.getElementById('contact-status').textContent = 'Sent securely.',
    onError:   (err) => console.error('formseal error:', err),
  };
</script>

<script src="/formseal-embed/globals.js"></script>

Payload format

{
  "version": "fse.v1.0",
  "origin": "contact-form",
  "id": "<uuid>",
  "submitted_at": "<iso8601>",
  "data": {
    "name": "...",
    "email": "...",
    "message": "..."
  }
}

The entire object is sealed with crypto_box_seal. Your endpoint receives raw ciphertext as the request body.

No IP, no timezone, no fingerprints — just the data you explicitly collect.

Field configuration

Fields are defined in fields.jsonl (one JSON object per line):

{"name": {"required": true, "maxLength": 100}}
{"email": {"required": true, "type": "email"}}
{"message": {"required": true, "maxLength": 1000}}

Use the CLI to manage fields:

fse configure field add phone type:tel required:false
fse configure field required name true
fse configure field maxLength message 500
fse configure field remove company

CSS hooks

Selector When
[data-fse-error="field"] Populated with a validation error
[aria-invalid="true"] Set on invalid inputs
[data-fse-status="success"] Set on status element on success
[data-fse-status="error"] Set on status element on error

What formseal does not do

  • No admin dashboard or inbox UI
  • No hosted service
  • No bundled decryption tools (yet)
  • No npm dependencies at runtime

These are intentional.

Documentation

License

MIT

Project details

Verified details

These details have been verified by PyPI
Maintainers
Avatar for grayguava from gravatar.com grayguava

Unverified details

These details have not been verified by PyPI
Meta
  • License: MIT License
  • Author: grayguava
  • Requires: Python >=3.8

Release history Release notifications | RSS feed

3.7.0

3.6.0

3.5.0

3.4.2

3.4.1

This version

3.4.0

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

formseal_embed-3.4.0.tar.gz (14.3 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

formseal_embed-3.4.0-py3-none-any.whl (16.4 kB view details)

Uploaded Python 3

File details

Details for the file formseal_embed-3.4.0.tar.gz.

File metadata

  • Download URL: formseal_embed-3.4.0.tar.gz
  • Upload date:
  • Size: 14.3 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.12

File hashes

Hashes for formseal_embed-3.4.0.tar.gz
Algorithm Hash digest
SHA256 7aec9126df6ef901a9420f555380e312eb1f196f1373f4d656b1ac8dd4bc73f9
MD5 298f76fab75e58b173d395c4239d1bea
BLAKE2b-256 6117bc5e938e177ee43e153f8fd0b20d3d085a949b86338f3128b8492bdc9e6c

See more details on using hashes here.

Provenance

The following attestation bundles were made for formseal_embed-3.4.0.tar.gz:

Publisher: publish.yml on grayguava/formseal-embed

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file formseal_embed-3.4.0-py3-none-any.whl.

File metadata

  • Download URL: formseal_embed-3.4.0-py3-none-any.whl
  • Upload date:
  • Size: 16.4 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.12

File hashes

Hashes for formseal_embed-3.4.0-py3-none-any.whl
Algorithm Hash digest
SHA256 98590423a46ec2d911018edee8b947fa8b6fde1346913195393678cc0386d85b
MD5 b2c70189d2f2af3a220e45a4bbb59fe4
BLAKE2b-256 05e00264da778d8b9419e965aaee6042e57a29732d579a0ded64910093cab84d

See more details on using hashes here.

Provenance

The following attestation bundles were made for formseal_embed-3.4.0-py3-none-any.whl:

Publisher: publish.yml on grayguava/formseal-embed

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page