Security Guarantees
json‑seal provides authenticity and integrity for JSON‑serializable values. It does this through RFC 8785 canonicalization, SHA‑256 hashing, and RSA‑PSS signatures. The guarantees below describe exactly what the system provides — and what it intentionally does not.
What json‑seal guarantees
Integrity
Any modification to the payload or signature is detectable. Verification fails if even a single byte changes. Canonicalization and hashing are recomputed during verification to ensure correctness.
Authenticity
Only the holder of the private key can produce a valid signature. Anyone with the embedded public key can verify it.
Deterministic behavior
RFC 8785 canonicalization ensures that semantically identical values always produce the same canonical form and signature across environments.
Self‑contained verification
Each envelope embeds its own public key. Verification does not require external infrastructure, registries, or trust stores.
Long‑term stability
The envelope format is versioned. Old envelopes remain verifiable even if new keys are generated or the application evolves.
What json‑seal does not guarantee
No confidentiality
Signed values remain visible. json‑seal does not encrypt or hide data.
No access control
Anyone can verify an envelope. json‑seal does not restrict who can read or validate signed data.
No identity binding
json‑seal proves that a private key created the signature, but it does not assert who owns that key. Identity must be layered on top.
No revocation
Once an envelope is signed, it remains valid as long as the public key is trusted. json‑seal does not provide key revocation or expiration.
No transport security
json‑seal protects the data itself, not the channel. Use HTTPS or another secure transport when needed.
Threat model
json‑seal protects against tampering, corruption, and unauthorized modification of JSON data. It does not protect against key compromise, malicious signers, or unauthorized access to plaintext values.
The system is intentionally narrow in scope. Its goal is to provide a clear, portable, cryptographically sound integrity layer without ceremony or hidden assumptions.