Support

技术支持

How to set up Sealboard, encrypt and decrypt messages, and what to do when something doesn't work as expected.

如何配置 Sealboard、加密和解密消息,以及遇到问题时该怎么办。

Getting started

1 · Install the keyboard

  1. Open the Sealboard app and tap Create new account.
  2. Back up the 12-word mnemonic that appears — this is the only way to recover your account. Write it down on paper, store it somewhere safe.
  3. Go to iOS Settings → General → Keyboard → Keyboards → Add New Keyboard… and add Sealboard.
  4. Tap the Sealboard row in the keyboard list and enable Allow Full Access. This is required so the keyboard can read & write the clipboard for ciphertext exchange.

2 · Share your public key

Open Sealboard → Account tab → tap Copy on the "My public key" card. Send the PEM text to the people you want to receive messages from. They'll paste it into Sealboard as a new contact.

3 · Add a contact

  1. In Sealboard, go to Encrypt tab → tap the contact card → New.
  2. Enter the contact's name and paste their public key (PEM).
  3. Done. You can now select them from the contact picker.

Encrypting & sending

From the main app

  1. Open Sealboard → Encrypt tab.
  2. Tap the contact card to pick the recipient's public key.
  3. Type your plaintext (max 245 bytes per message).
  4. Tap Encrypt & Copy. The ciphertext lands in the clipboard.
  5. Open your chat app, paste, send.

From the keyboard inside any chat app

  1. Open WeChat / iMessage / Telegram / etc., tap the message input.
  2. Switch to the Sealboard keyboard (long-press 🌐 → choose Sealboard).
  3. Pick the recipient from the contact dropdown at the top.
  4. Type in the white preview area. Tap Send. The ciphertext is inserted into the chat input.
  5. Tap the chat app's send button. (If the app has "Enter to send" enabled, Sealboard's send button will trigger it automatically.)

Decrypting messages

  1. Copy the ciphertext you received.
  2. Open Sealboard → Decrypt tab → tap Paste. Plaintext appears, with a watermark of your private key fingerprint.
  3. Or, inside any chat app with Sealboard keyboard active: copy the ciphertext, tap Paste & Decrypt right inside the keyboard. The plaintext shows up in a dark panel above the keys.

Switching keyboard language

Sealboard ships with 25 built-in keyboard layouts (English QWERTY, French AZERTY, German QWERTZ, Russian Cyrillic, Greek, Hebrew, Arabic, Chinese pinyin IME, and more). Tap the language key at the bottom of the keyboard (shows the current code like EN or ) — a picker opens with all available languages.

To use a script not in the list (Japanese, Korean, Thai, etc.): tap 🌐 on the Sealboard keyboard to switch to a system keyboard for that language, type your message into the chat input, switch back to Sealboard, and tap Send — Sealboard reads what's in the input field and encrypts it.

Frequently asked questions

I lost my mnemonic. Can I recover my account?

No. The 12-word mnemonic is the only thing that can derive your private key. We don't keep a backup because we don't have any servers — there's nowhere for a backup to live. This is the trade-off for a no-server, no-account architecture.

If you can no longer decrypt previously-received messages, the sender will need to re-encrypt them with the public key of your new account.

Why is the message length limited to 245 bytes?

Sealboard uses pure RSA-2048 with PKCS#1 v1.5 padding so the output is interoperable with OpenSSL, WebCrypto, and other standard tools. RSA-2048 with PKCS#1 v1.5 can encrypt up to 245 bytes of plaintext per block — that's a property of the algorithm, not a software limit.

For longer messages, split them into multiple parts and encrypt each one separately.

The same message produces different ciphertext each time. Is something broken?

No, this is correct behaviour. RSA padding (both OAEP and PKCS#1 v1.5) deliberately includes random bytes so that the same plaintext encrypted with the same public key produces a different ciphertext every time. This prevents replay-style attacks. Decryption gives back the same plaintext regardless.

Decryption fails with "Ciphertext format could not be parsed".

Sealboard expects base64-encoded RSA-2048 ciphertext (344 characters). Check that the text you pasted is complete and untruncated — chat apps sometimes wrap long lines and break base64.

Sealboard tries PKCS#1 v1.5, OAEP-SHA256, and OAEP-SHA1 padding modes in turn during decryption, so it works with ciphertext produced by most standard RSA tools. If the sender used a non-standard padding mode, decryption will fail.

The keyboard's "Send" button doesn't auto-send in WeChat.

Auto-send relies on the host app's "Enter to send" setting. For WeChat, enable it under Me → Settings → General → Keyboard → Enter Key Sends Message. With this off, Sealboard inserts the ciphertext into the input field but you'll need to tap the chat app's own Send button.

This is an iOS sandbox limitation — no keyboard extension (including Sogou, Gboard, etc.) can programmatically tap the Send button of another app.

Can I use Sealboard with multiple devices?

Yes. Install Sealboard on the second device and choose Sign in with mnemonic; enter the same 12 words. The account is deterministically derived from the mnemonic, so you get the same public/private key pair on every device.

Contacts are not synced — you'll need to re-add them on each device.

How is Sealboard different from Signal / WhatsApp?

Signal and WhatsApp are end-to-end encrypted messengers — they run their own servers, route your messages, and tie everything to a phone number.

Sealboard is just a tool. It encrypts and decrypts text. You ship the resulting base64 over any channel you like (WeChat, SMS, email, paper). There's no Sealboard server, no phone number, no account on our side, no metadata trail through us.

Is the ciphertext format interoperable with OpenSSL?

Yes. Sealboard encrypts with RSA-2048 + PKCS#1 v1.5, then base64-encodes the 256-byte block. To decrypt with OpenSSL:

echo "<base64>" | base64 -d | openssl rsautl -decrypt -inkey priv.pem

In reverse, OpenSSL ciphertext (PKCS#1 v1.5 or OAEP-SHA*) can be pasted into Sealboard's Decrypt screen — we'll try each padding mode automatically.

Does Sealboard work offline?

Yes. Sealboard performs no network requests at any point. It works exactly the same way with Wi-Fi off, cellular off, and airplane mode on.

How do I delete all my Sealboard data?

Uninstall the app. iOS removes the app's sandboxed storage and its App Group container along with it. There is no cloud backup to clear because there's no cloud.

Still need help?

Email support@sealboard.app. We typically reply within 2 business days. Please include:

  • iOS version and device model
  • Sealboard version (Account tab → bottom of screen)
  • The exact step where something went wrong

Do not include your mnemonic or private key. We will never ask for them.

开始使用

1 · 安装键盘

  1. 打开 Sealboard,点击「创建新账户」
  2. 把出现的 12 词助记词妥善备份 —— 这是恢复账户的唯一凭据。写在纸上、放在安全的地方。
  3. 进入 iOS 设置 → 通用 → 键盘 → 键盘 → 添加新键盘…,添加 Sealboard
  4. 在键盘列表中点 Sealboard,启用「允许完全访问」。这是必需的,键盘需要读写剪贴板来交换密文。

2 · 分享你的公钥

打开 Sealboard → 账户页 → "我的公钥"卡片上点 「复制」。把 PEM 文本发给希望收到你消息的人, 他们把它粘贴到 Sealboard 作为新联系人。

3 · 添加联系人

  1. 在 Sealboard 中进入「加密」页 → 点联系人卡片 → 「新建」
  2. 填入联系人姓名,粘贴对方的公钥(PEM)。
  3. 完成。之后可以从联系人选择器中选中他/她。

加密与发送

从主 App

  1. 打开 Sealboard → 「加密」页。
  2. 点联系人卡片,选择对方公钥。
  3. 输入明文(每条最长 245 字节)。
  4. 「加密并复制密文」,密文进入剪贴板。
  5. 打开聊天 App,粘贴,发送。

在聊天 App 里用键盘

  1. 打开微信 / iMessage / Telegram 等,聚焦到消息输入框。
  2. 切换到 Sealboard 键盘(长按 🌐 → 选 Sealboard)。
  3. 从顶部的下拉中选择对方公钥。
  4. 在白色预览区输入文字。点「发送」。密文被插入到聊天输入框。
  5. 点聊天 App 的发送按钮。(如果该 App 开启了"回车键发送",Sealboard 的发送会自动触发它。)

解密消息

  1. 复制对方发来的密文。
  2. 打开 Sealboard → 「解密」页 → 点「粘贴」。明文出现,同时叠加你私钥指纹的水印。
  3. 或者:在任意聊天 App 中、Sealboard 键盘处于激活状态时,复制密文后直接点键盘上的「粘贴解密」,明文在键盘下半部分的暗色面板中显示。

切换键盘语言

Sealboard 内置 25 种键盘布局(英语 QWERTY、法语 AZERTY、德语 QWERTZ、 俄语西里尔、希腊文、希伯来文、阿拉伯文、中文拼音 IME 等)。点击键盘 底部的语言键(显示当前代码,如 EN) —— 弹出包含全部语言的选择器。

如需使用列表中没有的文字(日语、韩语、泰语等):在 Sealboard 键盘上 点 🌐 切到该语言的系统键盘,在聊天框直接输入,然后切回 Sealboard, 点「发送」 —— Sealboard 会读取输入框中的内容并 就地加密。

常见问题

助记词丢了,账户还能恢复吗?

不能。12 词助记词是派生私钥的唯一依据。我们没有备份,因为我们 根本没有服务器 —— 备份没地方放。这是"无服务器、无注册"架构的 必然代价。

如果你已经无法解密之前收到的消息,需要让发件人用账户 的公钥重新加密发送。

为什么消息长度限制是 245 字节?

Sealboard 使用纯 RSA-2048 + PKCS#1 v1.5,这样密文能与 OpenSSL、 WebCrypto 等标准工具互通。RSA-2048 配合 PKCS#1 v1.5 单块最多 可加密 245 字节的明文 —— 这是算法本身的约束,不是软件限制。

长消息请分段发送,每段单独加密。

同样的明文每次加密的密文都不一样,是 bug 吗?

不是,这是正确的。RSA 的填充(OAEP 和 PKCS#1 v1.5 都是) 故意包含随机字节,使得同一明文用同一公钥加密时,每次得到的 密文都不同。这是为了防止重放类攻击。解密会得到完全 相同的明文。

解密提示"密文格式无法解析"

Sealboard 期望的是 base64 编码的 RSA-2048 密文(344 字符)。 检查你粘贴的文本是否完整 —— 部分聊天 App 会对长行做截断, 破坏 base64。

Sealboard 解密时会依次尝试 PKCS#1 v1.5、OAEP-SHA256、OAEP-SHA1 三种填充模式,覆盖大多数标准 RSA 工具。如果发件人使用了非标准 的填充模式,解密会失败。

键盘上的"发送"按钮在微信里不会自动发送

自动发送依赖于宿主 App 的"回车键发送"设置。微信的开关在 我 → 设置 → 通用 → 键盘 → 回车键发送消息。 关闭状态下,Sealboard 只会把密文插入输入框,需要你手动点 聊天 App 的发送按钮。

这是 iOS 沙盒的固有限制 —— 任何键盘扩展(包括搜狗、百度、 Gboard 等)都没法以程序方式点击其他 App 的按钮。

能在多台设备上使用同一个账户吗?

可以。在第二台设备上安装 Sealboard,选择「通过助记词登录」, 输入同样的 12 个单词。账户由助记词确定性派生,所以每台设备上的 公私钥对完全一致。

联系人不会同步,每台设备需要分别添加。

Sealboard 跟 Signal / WhatsApp 有什么区别?

Signal 和 WhatsApp 是端到端加密的即时通讯软件 —— 它们运行自己 的服务器、路由你的消息、并且把一切绑定在手机号上。

Sealboard 只是一个工具,负责把文字加密和解密。你可以 把生成的 base64 通过任何渠道发送(微信、短信、邮件、 甚至纸条)。我们没有服务器,不需要手机号,在我们这边没有任何 账户、没有任何元数据流经。

密文格式与 OpenSSL 兼容吗?

兼容。Sealboard 用 RSA-2048 + PKCS#1 v1.5 加密,再对 256 字节 的密文块做 base64 编码。用 OpenSSL 解密:

echo "<base64>" | base64 -d | openssl rsautl -decrypt -inkey priv.pem

反过来,OpenSSL 生成的密文(PKCS#1 v1.5 或 OAEP-SHA*)粘到 Sealboard 的解密页里也能解 —— 我们会依次尝试各种填充模式。

Sealboard 离线可用吗?

可用。Sealboard 在任何时候都不会发起网络请求。Wi-Fi 关闭、 蜂窝关闭、开启飞行模式 —— 表现完全一致。

怎么彻底删除 Sealboard 的所有数据?

卸载 App 即可。iOS 会同时移除 App 的沙盒存储和 App Group 容器。 没有云端备份要清理 —— 因为我们就没有云。

还需要帮助?

发邮件到 support@sealboard.app。 通常 2 个工作日内回复。请附上:

  • iOS 版本和设备型号
  • Sealboard 版本号(账户页底部)
  • 问题发生的具体步骤

不要在邮件里附上你的助记词或私钥。我们永远不会向你索要它们。