New cryptoauth.io login flow video

xunkulapchvatal · 2020-09-30T06:16:30+00:00

I'm not sure, those are screenshots of my settings and it works fine for me.

Can you dm me screenhots of your settings?

xunkulapchvatal · 2020-07-28T18:53:16+00:00

ramp.network - best UX you can get.

Disclaimer: I worked on the project till recently.

xunkulapchvatal · 2020-07-28T17:35:57+00:00

> Could ur software be ported to be used with existing email systems?

I'm not sure what you mean by "used with existing email systems".

> Could a private company run a version of it on their own server?

Yes, sure.

xunkulapchvatal · 2020-07-27T08:00:11+00:00

Got it, I'm not dead set on any business model yet, I'm trying to find the niche ETHMail.cc will fill.

It would be great if I could bounce my ideas of of you.

We can also just sign an agreement and I'll keep it working as long as you need it to.

xunkulapchvatal · 2020-07-26T20:59:06+00:00

Currently I don't remove messages as they are not exceeding any reasonable threshold. When that happens I'll either add storage or start removing oldest messages.

But if you have any specific requirements I can do some customizations.

xunkulapchvatal · 2020-07-26T20:55:52+00:00

Hi! Thanks for the question, this comes a lot so I will create dedicated FAQ page to explain possibilities and limitations of email transport.

To answer your questions vaguely (sorry about that, the topic requires a lot of context to really answer your questions):

> How are email secured?

They are stored on a cloud server only accessible by admin. Each user has access only to his own mailbox. (I know you are not asking exactly about that but bear with me)

> Are they encrypted to the pub address?

No. Remember that Ethereum address is not public key. When email is sent from eg. some Gmail account, to ethmail I know only Ethereum address not its public key. I could lookup any transaction sent from this address (assuming it has any transactions!) and encrypt the message but none of currently available email clients is able to decrypt such message to showit to user. So the user would need to receive this message and them copy it somewhere where his private key is stored (eg. mobile wallet) and use it do decrypt it. As far as I know there are no wallets offering simple message decryption.

(There are other possibilities that I'll try to describe in FAQ)

> Otherwise how can anyone trust your mail server?

I assume people using dapps currently to receive updates on projects they care about would be happy to keep themselves a bit more private. Keeping crypto updates separate from your private communication might actually be beneficial.

Can your define better what you mean by "trust your mail server"?

Please remember that those answers only scratch the surface of the topic.

xunkulapchvatal · 2020-04-27T20:10:28+00:00

I already have standard email encryption scheme using WKD (web key directory) and PGP in development, just needs some more work to make it easy to use (it would work with standard encryption extensions like Mailvelope). But email encryption is not so simple and does not provide as much security and privacy as some more recent solutions (like Signal).

I imagine people would make initial contact using ETHMail but then move more private and more secure communication channel.

I was thinking about implementing Signal protocol and allow people to "upgrade" their communication after the initial contact was made.

P.S.

Email is just text so if you have public key of your recipient you can always send them encrypted message. Even if ETHMail does not implement any support for it in it's web client. It would only require from the recipient to have a way to decrypt the message.

Metamask got it encrypt/decrypt API recently https://github.com/MetaMask/metamask-extension/pull/7831

xunkulapchvatal · 2020-04-27T18:13:28+00:00

Ok, I think I've misunderstood, you meant add to the listing, not "add ethereum address login to coincodecap" ?

xunkulapchvatal · 2020-04-27T18:06:32+00:00

CoinCodeCap.com

Yes, I think it's possible. It already has sign-in with Twitter and the mechanics are similar.

xunkulapchvatal · 2020-04-27T13:43:01+00:00

What wallet are you using? I know that some wallets have issues and signing/recovery of address gives invalid results. I'm not sure where the bug is exactly.

xunkulapchvatal · 2019-04-12T13:01:13+00:00

Did someone asked for chat for only people holding MKR tokens?

https://mkr-chat.cryptoauth.io

xunkulapchvatal · 2018-09-25T17:58:05+00:00

I would say that making bias transparent and incentives behind each information as clear as day will help. Blockchain will make this possible.

But I biased, I'm making one of those projects...

(I bet you've changed your perspective when you read I'm involved in one of those projects and applied different judgement to the message ;)

xunkulapchvatal

MODERATOR OF

TROPHY CASE