PySealer

1.0.4 verified Mon Apr 27 auth: no python

PySealer (v1.0.4) cryptographically signs Python functions and classes to provide defense-in-depth security against code injection and tampering. It allows developers to seal callables with HMAC signatures verified at runtime. Active development on GitHub, monthly releases.

pip install pysealer

Common errors

error AttributeError: 'function' object has no attribute 'verify' ↓

cause Calling verify incorrectly; it's a standalone function, not a method.

fix

Use verify(sealed_func, key=key) instead of sealed_func.verify(key).

error ValueError: Invalid signature ↓

cause Key used to verify does not match the key used to seal.

fix

Ensure the same key string is passed to both seal and verify.

error TypeError: seal() missing 1 required positional argument: 'key' ↓

cause Calling seal() without the key argument.

fix

Use @seal(key='your-key') instead of bare @seal.

Warnings

gotcha The `seal` decorator only works on plain functions and classes, not lambdas, partials, or built-in functions. ↓

fix Use a named function or class defined via def or class statement.

gotcha If the key is lost, sealed objects become permanently unusable — there is no recovery or backdoor. ↓

fix Store the key safely (e.g., environment variable, secrets manager) and never hardcode in source.

deprecated The function `seal_with_env_var()` is deprecated and will be removed in v2.0. Use `seal(key=os.getenv('KEY'))` instead. ↓

fix Replace `seal_with_env_var('MY_KEY')` with `seal(key=os.getenv('MY_KEY'))`.

Imports

seal
```
from pysealer import seal
```
Correct import path for v1.0.x
verify
```
from pysealer import verify
```
Verification function for sealed objects

Quickstart

Seal a function with HMAC key and verify before execution.

from pysealer import seal, verify
import os

key = os.environ.get('SEAL_KEY', 'default-secret')

@seal(key=key)
def safe_add(a, b):
    return a + b

# Verify and call
result = verify(safe_add, key=key)(2, 3)
print(result)  # 5