Mailbox Keys
Mail bodies are encrypted before they are pinned to IPFS, so that only the mailbox owner can read them. Encryption needs no setup at all by default, and there is one optional on-chain key account for wallets that can’t use the default.
Sealed to the wallet (the default)
A wallet address is an Ed25519 public key, and its X25519 twin is a valid
encryption key. Mail servers seal every message straight to the recipient’s
wallet address as a libsodium crypto_box_seal sealed box — no published
key, no key account, no rent. See Appendix: How sealed-box encryption
works for a full walkthrough of the
protocol, with diagrams. Decrypt with the wallet keypair file:
sithbit mail decrypt <file> --keypair <path to wallet keypair>
(--keypair defaults to your configured default keypair — see
Getting Started.)
Delegated keys (signing-only wallets)
Hardware and browser wallets only sign; they never reveal the secret needed to derive the wallet’s decryption key. Such users generate a delegated X25519 keypair client-side and publish its 32-byte public key on-chain:
sithbit mailbox create-key my_delegated_key.json
sithbit mailbox set-key my_delegated_key.json --keypair <path to wallet keypair>
Senders seal to the published key instead of the wallet address; the secret key file opens the mail:
sithbit mail decrypt <file> --delegated-key-path my_delegated_key.json
Re-running set-key with a fresh keypair rotates the key; mailbox close-key removes the account (and reclaims its rent), returning the
mailbox to wallet-sealed mail.
Reading the published key
sithbit mailbox get-key <address>
Prints the published key when one exists: the delegated X25519 public key, as base58.