Skip to content
SealedReturn
Start your return

About

Encryption was the assignment. Tax prep was the application.

SealedReturn started with a simple question: which categories of consumer software handle the most sensitive personal data, and which ones still haven't been built with end-to-end encryption?

Tax prep was the answer that surprised us most. Every year, 60+ million Americans hand over their full tax life — SSN, wages, bank account, dependents, business income, real estate holdings — to TurboTax, H&R Block, or one of a dozen smaller players. None of them encrypts client-side. All of them could, in normal operation, read your data. Their employees can. Their cloud provider can with a court order. Their breach attacker can. Their next acquirer can.

We built SealedReturn so that we cannot. Your tax photos, your SSN, your Schedule C — encrypted on your device with libsodium, before they ever touch our network. The server stores ciphertext only. We cannot read your data, even if a state actor compels us. By design.

The founder

Iskra Astudillo.

IA

Iskra Astudillo · founder

Iskra is a multi-business operator and the founder of the Berylus group of companies (short-term rental cohosting, AccountItUp multi-LLC accounting, Elite Health Essentials supplements, and SealedReturn). She files her own taxes through SealedReturn — and publishes the journey on LinkedIn and X.

Iskra is named publicly because the legal research is clear: founder accountability is a higher-leverage trust artifact than a SOC 2 logo could ever be. If something goes wrong, she's the one you can talk to — not a support ticket queue.

Reach her: hello@sealedreturn.com

Our principles

Five non-negotiables that shape every decision.

Client-side encryption is the default

Not an upsell. Not a "Pro" feature. Every paid tier uses libsodium client-side encryption. The Privacy Plus tier (+$10) extends to client-side LLM extraction via WebGPU.

We will never e-file (Path A by design)

E-filing requires IRS Authorized e-file Provider status, Pub 1345 compliance, state ERO registration, and an entirely different liability surface. We chose to never go there. You sign and file your own return.

Open-source the encryption layer

The cryptography that powers SealedReturn is being published on GitHub under MIT. Anyone can read it, audit it, fork it. This is the highest-leverage trust artifact at zero cost.

No "free" tier. No upsells. No dark patterns.

Three tiers, three published prices. State return always included. No checkout-time pressure. We can afford to do this because $39 is profitable on day one.

Founder accountability over corporate veil

Iskra is named on this site, in the WISP, and on every contract. If a customer has a problem, there is a real person to escalate to. SOC 2 won't replace that — and it doesn't have to.

Real cryptography, not theater

We use audited primitives (libsodium, Argon2id, XChaCha20-Poly1305). We don't roll our own crypto. We don't say "bank-level encryption" because that phrase means nothing.

The Berylus family

Sister companies.

Berylus

Honest Airbnb cohost — 14% all-inclusive. Bay Area, expanding 2026.

AccountItUp

Year-round bookkeeping for multi-LLC operators. Pairs with SealedReturn at tax time.

Elite Health Essentials

Trademarked supplement brand on Amazon Brand Registry. (Different category, same operator.)

See encryption + AI vision in 60 seconds.

Try the live demo. No signup. We encrypt a sample W-2 in your browser, run real AI extraction, and generate a Form 1040 PDF — so you can see the moat with your own eyes.

Try the live demo → See pricing