Encrypted contact form that never exposes plaintext to your server

Navigation

Verified details

These details have been verified by PyPI
Maintainers
Avatar for grayguava from gravatar.com grayguava

Unverified details

These details have not been verified by PyPI
Meta
  • License: MIT License
  • Author: grayguava
  • Requires: Python >=3.8
Report project as malware

Project description

formseal

A server-blind, browser-native encrypted form poster.

Form submissions are encrypted in the browser using X25519 sealed boxes before reaching any endpoint. The backend receives and stores opaque ciphertext only. Decryption is operator-controlled.

formseal is not a hosted service, dashboard, or SaaS product. It is a drop-in client-side utility.

Installation

Via pipx (recommended)

pipx install formseal-embed

Via pip

pip install formseal-embed

Configure

fse configure quick

You'll be prompted for your POST endpoint and public key. See Getting started for key generation.

Security guarantee

If the POST endpoint is fully compromised, seized, or maliciously operated, previously submitted form data remains confidential.

Encryption happens in the browser. The backend stores ciphertext only. Decryption keys never exist in the backend environment. A backend compromise yields no recoverable plaintext.

Threat model

formseal is for environments where:

  • The hosting provider or backend may be compromised
  • The backend must be treated as hostile
  • Data seizure is a realistic concern
  • Retroactive disclosure must be prevented

The priority is backward confidentiality — protecting already-submitted data — not convenience or real-time administration.

How it works

On submit, formseal:

  1. Collects field values from your form by name attribute
  2. Validates them against your field rules (in fields.jsonl)
  3. Seals the payload with crypto_box_seal (Curve25519 + XSalsa20-Poly1305)
  4. POSTs raw ciphertext to your configured endpoint

Your endpoint stores the ciphertext. Only the holder of the private key can decrypt it.

Wire up your HTML

After fse init, files live in ./formseal-embed/. Reference them via your server's static path (e.g. /formseal-embed/globals.js).

<form id="contact-form">

  <!-- honeypot — hide off-screen with CSS -->
  <input type="text" name="_hp" tabindex="-1" autocomplete="off"
    style="position:absolute;left:-9999px;opacity:0;height:0;">

  <input type="text"  name="name">
  <span data-fse-error="name"></span>

  <input type="email" name="email">
  <span data-fse-error="email"></span>

  <textarea name="message"></textarea>
  <span data-fse-error="message"></span>

  <button type="submit" id="contact-submit">Send message</button>
</form>

<div id="contact-status"></div>

<script>
  window.fseCallbacks = {
    onSuccess: () => document.getElementById('contact-status').textContent = 'Sent securely.',
    onError:   (err) => console.error('formseal error:', err),
  };
</script>

<script src="/formseal-embed/globals.js"></script>

Payload format

{
  "version": "fse.v1.0",
  "origin": "contact-form",
  "id": "<uuid>",
  "submitted_at": "<iso8601>",
  "data": {
    "name": "...",
    "email": "...",
    "message": "..."
  }
}

The entire object is sealed with crypto_box_seal. Your endpoint receives raw ciphertext as the request body.

No IP, no timezone, no fingerprints — just the data you explicitly collect.

Field configuration

Fields are defined in fields.jsonl (one JSON object per line):

{"name": {"required": true, "maxLength": 100}}
{"email": {"required": true, "type": "email"}}
{"message": {"required": true, "maxLength": 1000}}

Use the CLI to manage fields:

fse configure field add phone type:tel required:false
fse configure field required name true
fse configure field maxLength message 500
fse configure field remove company

CSS hooks

Selector When
[data-fse-error="field"] Populated with a validation error
[aria-invalid="true"] Set on invalid inputs
[data-fse-status="success"] Set on status element on success
[data-fse-status="error"] Set on status element on error

What formseal does not do

  • No admin dashboard or inbox UI
  • No hosted service
  • No bundled decryption tools (yet)
  • No npm dependencies at runtime

These are intentional.

Documentation

License

MIT

Project details

Verified details

These details have been verified by PyPI
Maintainers
Avatar for grayguava from gravatar.com grayguava

Unverified details

These details have not been verified by PyPI
Meta
  • License: MIT License
  • Author: grayguava
  • Requires: Python >=3.8

Release history Release notifications | RSS feed

3.7.0

3.6.0

3.5.0

3.4.2

This version

3.4.1

3.4.0

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

formseal_embed-3.4.1.tar.gz (13.8 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

formseal_embed-3.4.1-py3-none-any.whl (15.9 kB view details)

Uploaded Python 3

File details

Details for the file formseal_embed-3.4.1.tar.gz.

File metadata

  • Download URL: formseal_embed-3.4.1.tar.gz
  • Upload date:
  • Size: 13.8 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.12

File hashes

Hashes for formseal_embed-3.4.1.tar.gz
Algorithm Hash digest
SHA256 3fd4ed47f3c42ac73ec5e0e3b3284e1859205a028b4423dda54e5c495f86b8de
MD5 9a25f3feda99c0addeea6301030d6ef5
BLAKE2b-256 b80f4b018fb61d2f107f5fb7018158a304b35b14e684d0c3c8679310b05afa32

See more details on using hashes here.

Provenance

The following attestation bundles were made for formseal_embed-3.4.1.tar.gz:

Publisher: publish.yml on grayguava/formseal-embed

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file formseal_embed-3.4.1-py3-none-any.whl.

File metadata

  • Download URL: formseal_embed-3.4.1-py3-none-any.whl
  • Upload date:
  • Size: 15.9 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.12

File hashes

Hashes for formseal_embed-3.4.1-py3-none-any.whl
Algorithm Hash digest
SHA256 50008c28b8446ec732dd44ad44bbe257f42aab726688a8eda3d61b500aaf412b
MD5 404093adbf0fb4763d6f708e2ff37740
BLAKE2b-256 113b7647c6fdf7d38d9de0919e91967548686bc32c6626e6fb6866ce756e60af

See more details on using hashes here.

Provenance

The following attestation bundles were made for formseal_embed-3.4.1-py3-none-any.whl:

Publisher: publish.yml on grayguava/formseal-embed

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page