Sui
Seal Mainnet Launch: Bringing Data Privacy and Access Control to Web3
Seal is now live on Mainnet, delivering decentralized access control and encryption to the Sui and Walrus ecosystems. With Seal, developers can protect sensitive data, define who can access it, and enforce those rules entirely onchain. This brings production-ready infrastructure to builders, enabling applications where data privacy, fine-grained access, and secured sharing are built into the foundation.
When paired with Walrus's verifiable, decentralized storage, Seal unlocks a powerful combination for Web3 apps. Together, they make it possible to reliably store large files while ensuring only authorized parties can decrypt them, which has long been a missing piece in Web3’s data layer.
Closing Web3’s data privacy gap
A longstanding challenge in Web3 development is the lack of a native, trustless standard for encrypting and sharing sensitive data at scale. Most decentralized storage solutions leave information exposed unless developers layer on their own custom encryption. Web2 options like AWS or GCP key management are centralized and break the trust model that decentralization promises.
Seal fills this gap by combining three components: programmable access policies, identity-based encryption, and a clean TypeScript SDK.
Programmable access policies let developers define who can access data and under what conditions, enforced directly onchain through Move smart contracts.
Identity-based encryption distributes trust across key servers, ensuring decryption only occurs when access rules are met.
TypeScript SDK simplifies integration, giving developers a simple way to add secure data handling without the need for custom cryptography.
Together, these components make Seal a simple yet powerful solution for building applications where privacy and access control are crucial.
From policy to privacy: The Seal workflow
The workflow for Seal is simple and built in a way to be production-ready:
Define access policies on Sui: Developers write onchain logic with Move smart contracts, specifying who can access data and under what conditions.
Encrypt with Seal SDK: The app encrypts data using master public keys from a decentralized committee of key servers.
Store anywhere: Encrypted data can be stored on Walrus or any other storage layer.
Verify and decrypt: When a user requests access, Seal's key servers verify the onchain policy and, if approved, return just-in-time decryption key shares to meet the configured threshold. The app can use those key shares to decrypt the encrypted data fetched from the pertinent storage.
With these steps, Seal gives builders a clear path from programmable policies to enforceable privacy. The result is data that is both protected and accessible, but only under the exact conditions that developers define.
Securing Walrus-powered apps with Seal
Walrus provides decentralized, programmable storage with verifiable integrity and content addressing. Seal adds a crucial layer of control, ensuring that only authorized parties can decrypt the files stored there. This pairing transforms Walrus from a robust storage layer into a foundation for secure digital experiences, from premium content libraries and protected business data to confidential AI datasets and event-based content reveals.
Together, Seal and Walrus enable builders to create data-rich Web3 apps that combine the speed and usability of Web2 with the trustless security and ownership guarantees of Web3. The result is a platform that not only stores information safely but also enforces nuanced, programmable access conditions at the protocol level.
Innovators building with Seal
Seal’s Mainnet launch comes alongside a strong initial group of partners building innovative products:
Tusky offers token-gated vaults and APIs for private file access, using Seal and Walrus to restrict access based on token ownership.
Coda by Studio Mirai, is building an onchain music economy, using Seal, Walrus, and Sui to let artists share encrypted content with fans based on ownership and engagement.
Alkimi is a decentralized adtech platform using Seal and Walrus to keep onchain ad impression data confidential yet verifiable, ensuring secure and trustworthy client access.
OneFootball uses Seal for secure onchain access control over premium content stored in Walrus, enabling rights holders and partners to deliver exclusive experiences to the right audience.
Regulartech is building a smart legal contracting layer, using Seal, Walrus, and Nautilus to enable confidential, automated, and enforceable computable agreements for the agentic economy.
Vendetta is integrating Seal to bring encrypted, trustless gameplay mechanics to its multiplayer world, with Walrus ensuring secure storage for sensitive in-game data and assets.
Zark Lab is building a semantic search layer on Walrus, using Seal to enable secure, searchable AI interfaces for public and gated private content.
Flock IO is building a federated learning platform on Walrus, using Seal to enforce strict access controls and protect sensitive gradients from reverse-engineering attacks.
Tensorblock is integrating Seal to secure AI agent infrastructure, encrypt keys, and protect private memory on Walrus, ensuring confidential, policy-controlled access to sensitive AI assets.
Inflectiv AI is building a data and agent platform, using Seal and Walrus for secure, tokenized datasets, with future Nautilus integration for confidential AI inference.
Kled AI is building privacy-driven dataset licensing for AI, using Seal to enforce access and licensing policies while Walrus stores and delivers encrypted datasets securely.
dFusion AI decentralizes valuable data assets with privacy at the core, using Seal and Walrus to secure Telegram chats and power private AI agents that preserve ownership.
Lockin Bot is building a privacy-first AI Sales/BD assistant for Telegram, using Seal, Nautilus, and Walrus to encrypt conversations, manage keys, and ensure data privacy.
Key server providers you can build with
To make Seal resilient and flexible, builders can choose from a growing set of Seal key server providers to form their threshold committee, balancing trust, performance, and decentralization. At Mainnet launch, options include Ruby Nodes, NodeInfra, Studio Mirai, Overclock, H2O Nodes, Triton One, and Enoki by Mysten Labs, with more to follow. Developers have the ability to mix and match providers to reach their desired threshold configuration.
Get started with Seal
Seal is open-source and ready to use today. Developers can explore the documentation and example app, access the SDK on npm, and review Move access policy patterns to integrate Seal into their apps.
With Seal now live on Sui Mainnet, data privacy and programmable access control are no longer afterthoughts, they’re part of your app’s foundation.
Seal your data. Unlock your ideas.
Blog
