Sealcraft implements envelope encryption for Laravel applications that need a defensible story for encryption-at-rest, key rotation, KMS integration, and right-to-be-forgotten. Built for HIPAA-adjacent apps, multi-tenant SaaS, and regulated industries.
A short-lived Data Encryption Key (DEK) encrypts your field data; a long-lived Key Encryption Key (KEK) inside a KMS wraps the DEK. Plaintext DEKs never touch disk.
Contributors
Thank you to everyone who has contributed to this package. Every pull request, bug report, and idea makes a difference.
