Kind 13: Seal

Overview

Seal events (kind 13) are part of the Gift Wrap protocol (NIP-59) used to encapsulate and encrypt Nostr events. A Seal wraps an unsigned event (called a "rumor") and is signed by the true author of the content, but with the content encrypted to hide it from third parties.

Specification

Property	Value
Kind Number	13
Event Range	Regular
Defined in	NIP-59

Content Format

The content field contains an encrypted "rumor" (an unsigned event). The encryption is done using NIP-44 versioned encryption with a conversation key derived from the sender's private key and the recipient's public key.

Schema

json

"content": "<encrypted-rumor-using-nip44>"

Tag Name	Description	Format	Required
None	Seal events must have empty tags	`[]`	Yes

Client Behavior

Clients should:

When creating a Seal:
- Start with an unsigned event (rumor)
- Encrypt it using NIP-44 with a key derived from the sender's private key and recipient's public key
- Place the encrypted content in a kind 13 event with empty tags
- Sign the Seal with the author's key
When receiving a Seal:
- Attempt to decrypt it using NIP-44 and the conversation key
- Validate the decrypted content as a valid event structure
- Note that the decrypted event is unsigned and should not be broadcast as-is

Seals are typically wrapped inside Gift Wrap events (kind 1059) for secure transmission.

Relay Behavior

Relays should:

Treat Seal events like any other event for storage and validation
Not attempt to decrypt or interpret the content

Use Cases

Secure messaging with metadata protection
Collaborative signing protocols
Deniable messaging (the rumor is unsigned)
Private content sharing

Example

json

{
  "id": "28a87d7c074d94a58e9e89bb3e9e4e813e2189f285d797b1c56069d36f59eaa7",
  "pubkey": "611df01bfcf85c26ae65453b772d8f1dfd25c264621c0277e1fc1518686faef9",
  "created_at": 1703015180,
  "kind": 13,
  "tags": [],
  "content": "AqBCdwoS7/tPK+QGkPCadJTn8FxGkd24iApo3BR9/M0uw6n4RFAFSPAKKMgkzVMoRyR3ZS/aqATDFvoZJOkE9cPG/TAzmyZvr/WUIS8kLmuI1dCA+itFF6+ULZqbkWS0YcVU0j6UDvMBvVlGTzHz+UHzWYJLUq2LnlynJtFap5k8560+tBGtxi9Gx2NIycKgbOUv0gEqhfVzAwvg1IhTltfSwOeZXvDvd40rozONRxwq8hjKy+4DbfrO0iRtlT7G/eVEO9aJJnqagomFSkqCscttf/o6VeT2+A9JhcSxLmjcKFG3FEK3Try/WkarJa1jM3lMRQqVOZrzHAaLFW/5sXano6DqqC5ERD6CcVVsrny0tYN4iHHB8BHJ9zvjff0NjLGG/v5Wsy31+BwZA8cUlfAZ0f5EYRo9/vKSd8TV0wRb9DQ=",
  "sig": "02fc3facf6621196c32912b1ef53bac8f8bfe9db51c0e7102c073103586b0d29c3f39bdaa1e62856c20e90b6c7cc5dc34ca8bb6a528872cf6e65e6284519ad73"
}

Gift Wrap Protocol

The Seal is part of the three-layer Gift Wrap protocol:

Rumor - An unsigned event containing the actual content
Seal (kind 13) - Wraps and encrypts the rumor, signed by the true author
Gift Wrap (kind 1059) - Wraps and encrypts the seal, signed with a throwaway key

This layered approach provides:

Author privacy (the Gift Wrap uses a throwaway key)
Content privacy (the Seal encrypts the content)
Deniability (the Rumor is unsigned)

Decryption Process

To decrypt a Seal:

Use NIP-44 with a conversation key derived from the recipient's private key and the sender's public key
Parse the decrypted content as JSON to get the original rumor

References

Kind 1059: Gift Wrap - The outer wrapper for a Seal

Notes

The created_at timestamp in a Seal should be deliberately randomized to prevent time-based correlation attacks
Tags must always be empty in a Seal event
The inner rumor must always be unsigned
This event kind must typically be wrapped in a Gift Wrap event for proper security

Kind 13: Seal ​

Overview ​

Specification ​

Content Format ​

Schema ​

Tags ​

Client Behavior ​

Relay Behavior ​

Use Cases ​

Example ​

Gift Wrap Protocol ​

Decryption Process ​

References ​

Related Kinds ​

Notes ​