Keyboard shortcuts

Press or to navigate between chapters

Press S or / to search in the book

Press ? to show this help

Press Esc to hide this help

Mailbox Keys

Mail bodies are encrypted before they are pinned to IPFS, so that only the mailbox owner can read them. Encryption needs no setup at all by default, and there is one optional on-chain key account for wallets that can’t use the default.

Sealed to the wallet (the default)

A wallet address is an Ed25519 public key, and its X25519 twin is a valid encryption key. Mail servers seal every message straight to the recipient’s wallet address as a libsodium crypto_box_seal sealed box — no published key, no key account, no rent. See Appendix: How sealed-box encryption works for a full walkthrough of the protocol, with diagrams. Decrypt with the wallet keypair file:

sithbit mail decrypt <file> --keypair <path to wallet keypair>

(--keypair defaults to your configured default keypair — see Getting Started.)

Delegated keys (signing-only wallets)

Hardware and browser wallets only sign; they never reveal the secret needed to derive the wallet’s decryption key. Such users generate a delegated X25519 keypair client-side and publish its 32-byte public key on-chain:

sithbit mailbox create-key my_delegated_key.json
sithbit mailbox set-key my_delegated_key.json --keypair <path to wallet keypair>

Senders seal to the published key instead of the wallet address; the secret key file opens the mail:

sithbit mail decrypt <file> --delegated-key-path my_delegated_key.json

Re-running set-key with a fresh keypair rotates the key; mailbox close-key removes the account (and reclaims its rent), returning the mailbox to wallet-sealed mail.

Reading the published key

sithbit mailbox get-key <address>

Prints the published key when one exists: the delegated X25519 public key, as base58.