2. The impact of blockchain technology on email systems
The technical attributes of the blockchain will have a significant impact on basic email functions such as encryption and decryption, authentication methods, and transmission. The blockchain’s value transfer capabilities, smart contract execution capabilities, and code governance capabilities will also have a more profound impact on the future functionality of email.
As a widely used method of information transmission, email has always had its security taken seriously, but the solutions actually in use today are unsatisfactory.
For example, we currently use PGP (Pretty Good Privacy) technology to encrypt, decrypt and digitally sign emails. Configuring email encryption with this technology is relatively complicated: you not only need to download the PGP software, but also need to learn to use its public and private keys properly to complete the encryption and decryption of emails. The threshold is too high for ordinary users, and security issues are prone to occur in aspects such as public key transfer and private key storage.
When the public and private keys in the blockchain are used for email encryption, the public key is easy to transfer (it can be downloaded directly from the public chain), and the private key will also be better kept, because people use blockchain wallets with caution. With the existence of the blockchain system, people can easily publish and replace the public keys they use for encryption and decryption. General users don't need cumbersome configuration. You only need to add it on the client, just like operating ordinary application software, to decrypt and sign emails, and the security of the emails can be consistent with that of the blockchain.
When using the public and private keys in the blockchain wallet to encrypt and decrypt email information, you usually need to use a hybrid encryption algorithm: a symmetric key encrypts the email content, and the recipient's public key encrypts the symmetric key. The decryption process is reversed: the private key decrypts the symmetric key, and the symmetric key then decrypts the email content. The schematic diagram of email encryption and decryption using blockchain technology is as follows.
The principle of using the public and private keys in the blockchain wallet for digital signature and signature verification is the same and will not be described in this article.
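The hybrid scheme described above can be sketched as follows. This is an added example, not code from the MiYou products. It assumes a secp256k1 key pair standing in for the wallet key, an ephemeral ECDH exchange plus HKDF to encrypt the symmetric key to the recipient's public key, and AES-256-GCM for both layers; all function names are hypothetical.

```javascript
const nodeCrypto = require('crypto');

// AES-256-GCM with a fresh 96-bit IV; the tag authenticates the ciphertext.
function seal(key, plaintext) {
  const iv = nodeCrypto.randomBytes(12);
  const cipher = nodeCrypto.createCipheriv('aes-256-gcm', key, iv);
  const ct = Buffer.concat([cipher.update(plaintext), cipher.final()]);
  return { iv, ct, tag: cipher.getAuthTag() };
}

function unseal(key, box) {
  const decipher = nodeCrypto.createDecipheriv('aes-256-gcm', key, box.iv);
  decipher.setAuthTag(box.tag);
  // final() throws if the key is wrong or the ciphertext was modified.
  return Buffer.concat([decipher.update(box.ct), decipher.final()]);
}

// Key-encryption key from the ECDH shared secret, bound to the ephemeral key.
// The info label 'mail-key-wrap' is an assumption of this example.
function deriveKek(sharedSecret, ephemeralPub) {
  return Buffer.from(
    nodeCrypto.hkdfSync('sha256', sharedSecret, ephemeralPub, 'mail-key-wrap', 32));
}

// Sender: a one-time symmetric key encrypts the body; that key is then
// encrypted to the recipient's public key via an ephemeral ECDH exchange.
function encryptMail(recipientPub, body) {
  const contentKey = nodeCrypto.randomBytes(32);
  const eph = nodeCrypto.createECDH('secp256k1');
  const ephPub = eph.generateKeys();
  const kek = deriveKek(eph.computeSecret(recipientPub), ephPub);
  return {
    ephPub,
    wrappedKey: seal(kek, contentKey),
    body: seal(contentKey, Buffer.from(body, 'utf8')),
  };
}

// Recipient: the private key recovers the symmetric key, which decrypts the body.
function decryptMail(recipientEcdh, mail) {
  const kek = deriveKek(recipientEcdh.computeSecret(mail.ephPub), mail.ephPub);
  const contentKey = unseal(kek, mail.wrappedKey);
  return unseal(contentKey, mail.body).toString('utf8');
}

// Constructed demo: a freshly generated key pair stands in for a wallet key.
const demoRecipient = nodeCrypto.createECDH('secp256k1');
const demoMail = encryptMail(demoRecipient.generateKeys(), 'constructed sample body');
console.log(decryptMail(demoRecipient, demoMail));
```

Because both layers are authenticated, a modified body or a message opened with the wrong private key is rejected instead of yielding garbage plaintext.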
With the public and private keys of the blockchain wallet, the mail system may use the mailbox as the login authentication method for the user's identity. The method can also be upgraded to use signing and signature verification, so that traditional password login can be closed, thus greatly improving the security of the system.
Asymmetric encryption technology is used from the login method to email content storage, which makes Web3.0 email systems more secure than ever. Even if the mail server data is lost, the harm will be minimized. As the following content describes, emails in Web3.0 can develop into peer-to-peer delivery, so traditional mail servers are no longer needed. Only on some special occasions, such as business email, do usage scenarios such as centralized storage of emails still need to be retained.
With blockchain technology-based email encryption and decryption, digital signature, decentralized user authentication and other technologies, we already have some products, which are used in multiple enterprises and have withstood testing by thousands of users in the past two years.
Data preservation generally refers to electronic data preservation. If it is non-electronic data, it can be converted into electronic data first. Electronic data preservation uses professional technology to encrypt, calculate, and mark the preservation time, numbers, values, etc., so that electronic data can maintain its original appearance no matter how long it is stored, and no one can easily tamper with it. After the user's electronic data is preserved, it is equivalent to adding more information to this electronic data: a certificate that provides assurance for future data use. Traditional data preservation or data certification often uses notarization. This method is not only time-consuming and labor-intensive, but the method used is also not rigorous enough, which makes the later verification and certification process complicated, and there are non-algorithmic factors in its credibility.
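A signature-based login of the kind described above is usually built as a challenge and response. The sketch below is an added example, not the product's own code: the message format, the `mail.example` name, the 60-second lifetime and the in-memory key map (standing in for a public-key lookup on chain) are all assumptions, and ECDSA over SHA-256 stands in for a wallet's signing scheme.

```javascript
const nodeCrypto = require('crypto');

const CHALLENGE_TTL_MS = 60000;
const pending = new Map(); // nonce -> { mailbox, expires }

// Server: issue a random, single-use challenge bound to one mailbox.
function issueChallenge(mailbox, now = Date.now()) {
  const nonce = nodeCrypto.randomBytes(16).toString('hex');
  pending.set(nonce, { mailbox, expires: now + CHALLENGE_TTL_MS });
  return `mail.example login\nmailbox: ${mailbox}\nnonce: ${nonce}`;
}

// Client: sign the exact challenge text; the private key never leaves the client.
function signChallenge(message, privateKey) {
  return nodeCrypto.sign('sha256', Buffer.from(message, 'utf8'), privateKey);
}

// Server: accept only a fresh, unexpired challenge signed by the key
// registered for that mailbox. No password is stored or compared.
function verifyLogin(message, signature, registeredKeys, now = Date.now()) {
  const m = /^mail\.example login\nmailbox: (.+)\nnonce: ([0-9a-f]{32})$/.exec(message);
  if (!m) return false;
  const [, mailbox, nonce] = m;
  const entry = pending.get(nonce);
  pending.delete(nonce); // single use: a replayed message finds nothing
  if (!entry || entry.mailbox !== mailbox || now > entry.expires) return false;
  const publicKey = registeredKeys.get(mailbox);
  if (!publicKey) return false;
  return nodeCrypto.verify('sha256', Buffer.from(message, 'utf8'), publicKey, signature);
}

// Constructed demo: one mailbox with a freshly generated secp256k1 key pair.
const demoKeys = nodeCrypto.generateKeyPairSync('ec', { namedCurve: 'secp256k1' });
const demoRegistry = new Map([['alice@mail.example', demoKeys.publicKey]]);
const demoChallenge = issueChallenge('alice@mail.example');
const demoSignature = signChallenge(demoChallenge, demoKeys.privateKey);
console.log(verifyLogin(demoChallenge, demoSignature, demoRegistry)); // first use
console.log(verifyLogin(demoChallenge, demoSignature, demoRegistry)); // replay
```

Binding the service name and mailbox into the signed text keeps a signature obtained for one purpose from being accepted for another.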
The principle of data preservation based on blockchain technology is to use the non-tamperable nature of the blockchain. The technical implementation and verification of the data preservation function are simple and easy to use. Some data preservation products develop the data preservation function into an independent system. Users also need to upload data when using it. They need to learn to use such data preservation products and pay separately for the saved data and related data preservation certificates. This not only increases the user's economic cost, but also increases the user's learning and usage costs.
The data preservation function of email not only does not require users to use a separate data preservation system, but also emails that have undergone data preservation can be separated from the original email system and independently verified using the blockchain system. You can also use data structures such as hash trees to perform data preservation operations on a batch of emails. Email data preservation is used together with the sender's private key signature to provide multiple proof capabilities. The email certificate diagram is as follows:
We have implemented the email certificate function in the mail system and have used it in the production environment for more than 2 years.
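The batch preservation with a hash tree mentioned above can be sketched like this. It is an added example, not the production certificate code: it assumes SHA-256, a one-byte prefix to separate leaf and node hashes, promotion of an unpaired node, and an ECDSA signature over the root standing in for the sender's wallet signature; anchoring the root on a chain is left out.

```javascript
const nodeCrypto = require('crypto');

const sha256 = (...parts) => {
  const h = nodeCrypto.createHash('sha256');
  parts.forEach((p) => h.update(p));
  return h.digest();
};
// Domain-separated hashes, so a leaf can never be passed off as an inner node.
const leafHash = (rawEmail) => sha256(Buffer.from([0x00]), Buffer.from(rawEmail, 'utf8'));
const nodeHash = (left, right) => sha256(Buffer.from([0x01]), left, right);

// Build every level of the tree; an unpaired node is promoted unchanged.
function buildLevels(emails) {
  if (emails.length === 0) throw new Error('empty batch');
  const levels = [emails.map(leafHash)];
  while (levels[levels.length - 1].length > 1) {
    const prev = levels[levels.length - 1];
    const next = [];
    for (let i = 0; i < prev.length; i += 2) {
      next.push(i + 1 < prev.length ? nodeHash(prev[i], prev[i + 1]) : prev[i]);
    }
    levels.push(next);
  }
  return levels;
}

// The root is the only value that has to be written to the chain for the batch.
const merkleRoot = (emails) => buildLevels(emails).pop()[0];

// Inclusion proof: sibling hashes from leaf to root, with the side each sits on.
function proveInclusion(emails, index) {
  const levels = buildLevels(emails);
  const proof = [];
  for (let lvl = 0, i = index; lvl < levels.length - 1; lvl++, i = Math.floor(i / 2)) {
    const sib = i ^ 1;
    if (sib < levels[lvl].length) proof.push({ hash: levels[lvl][sib], left: sib < i });
  }
  return proof;
}

// The verifier needs only the email, its proof and the preserved root,
// not the mail system or the other emails in the batch.
function verifyInclusion(rawEmail, proof, root) {
  let h = leafHash(rawEmail);
  for (const s of proof) h = s.left ? nodeHash(s.hash, h) : nodeHash(h, s.hash);
  return h.equals(root);
}

// Sender signature over the root adds proof of origin to proof of integrity.
const signRoot = (root, privateKey) => nodeCrypto.sign('sha256', root, privateKey);
const checkRootSignature = (root, sig, publicKey) =>
  nodeCrypto.verify('sha256', root, publicKey, sig);

// Constructed demo batch of three raw emails.
const demoBatch = ['Subject: a\n\nfirst', 'Subject: b\n\nsecond', 'Subject: c\n\nthird'];
const demoRoot = merkleRoot(demoBatch);
console.log(verifyInclusion(demoBatch[2], proveInclusion(demoBatch, 2), demoRoot));
```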
Email and blockchain systems have many similarities. For example, email data vs. block data, email header information vs. block header information, email address (abc@ccpic.cn) vs. blockchain wallet address (0x85dB4a5……CE6fd). In principle, data can be written into email content and attachments just as data can be written into blocks, and emails can hold more data. Apart from the different implementation details of the writing mechanism and the verification mechanism, at a certain level of abstraction the two have many similarities. These features enable the email system to better integrate some blockchain functions.
Transfer of value data
Blockchain technology changes the type of data that email delivers: it adds the delivery of value data. Current email can only convey information data, not value data. After the email address is upgraded to the wallet role, you can deliver FT (Fungible Token), NFT (Non-Fungible Token), and SFT (Semi-Fungible Token) in emails. This takes email beyond its previous messaging capabilities. Based on the email address and in-depth integration with email content, this value delivery will also show other characteristics, such as privacy protection, payment and other new applications.
Embedding of program functionality
Because of the "fat protocol, thin application" characteristics presented by Web3.0, email can also be used as a call entry point for functions such as smart contracts, which will greatly enrich the functions of the email system. Some lightweight functions, such as opening blind boxes, sending red envelopes, and verifying bank accounts, can be easily implemented in emails. Some contract terms, confirmation operations, and payment operations can also be integrated into emails. At this time, the email client is not just a way of transmitting information, but more like a system user interface.
Special layer2 expansion technology
The second-layer extension function of blockchain can be implemented in emails to a certain extent, and will have some new features. This design will be more distinctive than the Blob solution in EIP-4844. Transaction data that only needs to be known by both parties to the transaction can be implemented in emails. Not only can both parties to the transaction verify the correctness of the data at any time, but some private data can also be hidden from the outside world. By understanding the current second-layer expansion schematic diagram, we can conceive the second-layer schematic diagram in the email.
With the development of technology and applications, more applications can be built on the data interaction formed by basic public chains and emails.
Early emails used peer-to-peer delivery. As the number of users increased and the usage scenarios became more complex, it evolved to a centralized mail server. Some anti-attack, anti-virus, anti-phishing, anti-spam and other email-related functions are implemented on the email server. This method reduces the burden on users and allows email to be used on a wider scale. However, this method increases the disadvantages caused by centralized institutions, such as infringement of user data, centralized data leakage, censorship and other issues.
With blockchain technology, emails can return to peer-to-peer delivery, but traditional functions of the email system, such as anti-attack, anti-virus, anti-phishing and anti-spam, need to be redesigned under the new technologies. These problems are best solved using new technologies in Web3.0. For example, spam problems can be solved by using the reputation system of email in Web3.0. Anti-phishing can also be solved by using the reputation system of websites. Functions such as anti-virus may still need to rely on traditional solutions. Fully realizing feature-rich, secure and easy-to-use email in Web3.0 requires a lot of construction work.
Now we have initially implemented a peer-to-peer email delivery method. Through preliminary exploration, we provided a service agreement called MMS (MiYou Mail Service). MMS is a service that is a supporting product of the name service xNS in Web3.0 (such as ENS), and can provide email configuration services for the name service. In name services such as ENS, although the content of the email address is also provided, for a powerful email service, only one line of configuration information is not enough. The MMS service under exploration includes the email service address information, user's email rules, mailbox reputation value, encryption attributes, etc. required for peer-to-peer delivery. In this way, email configuration information that supports peer-to-peer delivery is published on the blockchain system. Each email or Web3 user configures his or her own mailbox information, which can fully support peer-to-peer email delivery. In order to maintain compatibility with traditional email, we support traditional mailbox formats and can interact well with mail servers in Web2.0.
Currently supported information:
(1) The basic information of the mailbox is compatible with the information of traditional mailboxes. In the future, the mailbox of Web3.0 will be peer-to-peer address information;
(2) Email receiving rules: All emails are received by default. Emails from strangers require payment of a fee. The amount can be customized, the project’s token is used as the unit of measurement, and you can refuse to receive any emails from strangers;
(3) Encryption and signature settings: Use encryption by default, fill in the wallet address used for encryption, and automatically read the public key corresponding to the wallet address; similarly, public and private key signatures based on blockchain wallets can be implemented;
(4) Other configuration information will support more personalized customization during development.
In the MMS relationship diagram, Web3 name service providers charge their own service fees, such as ENS's charging rules for domain names, so that Web3 name service providers can charge fees on an annual basis. Although traditional users can generate new Web3 names through email addresses and mobile phone numbers, because the ownership of traditional email addresses and mobile phone numbers is in the hands of centralized institutions, fees cannot be charged, or only smaller fees can be charged. MMS configuration services can charge a certain fee. Our current pricing is $0.5/year. Users can choose to use Web3 mailboxes with new functions, or they can choose to use other traditional mailboxes. The new Web3 functional mailbox has richer functions than traditional mailboxes and needs to be paid separately. This is the underlying mail system we have been developing and will consider being completely open source in the future. Mailboxes with other functions do not have all Web3 functions. We can support some Web3 functions through our mail client. In the future, the mail client will also consider being completely open source.
The MMS service also carries out the design and implementation of the on-chain address book, as well as the email subscription function with real Web3.0 characteristics. Because the email subscription function has more marketing attributes, it will be described in detail in Section 3.4.
User identity information is an important piece of information for humans in social groups. In Web 2.0, email addresses are often used as identifiers of user identities. Compared with the username + password login method, email + email verification code is a more secure method. On mobile, mobile phone number + mobile phone verification code is a more popular method. At the same time, in the world of Web 2.0, passwordless authentication methods such as biometric technology and OAuth authentication on centralized platforms are also widely used because they are safer and more convenient.
In the world of Web3, blockchain wallet addresses were used as user identities. With the gradual enrichment and development of Web3.0 applications, using wallet addresses as user identities has presented various drawbacks. On the one hand, the wallet address is too long and difficult for people to remember; on the other hand, once the private key of the wallet address is leaked, the address can no longer be used, which is unacceptable for user identity. In addition, user identity in the Web3 world needs to integrate more functions and requires a more reasonable structural definition to store or link related information. Currently, Web3 authentication has problems such as being difficult to use, inconvenient, and insecure. Many service providers have seen these problems and have provided many solutions, including the design of the DID protocol, but there is currently no mature and easy-to-use user identity solution.
From the development history of blockchain technology, we can see the development and change process from wallet address → account → identity, and related external reasons, as shown in the following figure:
User identities in the Web3.0 world should have the ability to separate and manage accounts for different purposes, the ability to aggregate different identity attributes together, the ability to integrate different user certification information, and stronger account management capabilities such as public or authorized viewing methods.
Relying on the characteristics of Web3.0, more secure and convenient user identity authentication information can be constructed, and this identity will make it easier to integrate identity and reputation-related information, ultimately realizing a true identity system in Web3.0. On the one hand, by extending the current name service in Web3.0 to have more identity attribute information, we can complete the construction of user identity in the Web3.0 world. On the other hand, this kind of user authentication information brings Web2.0 users into Web3.0. The binding method requires a real-world decentralized verification method, or a multi-factor verification method, to bring Web2.0 users into Web3.0. Email addresses are mapped to the name system in Web3.0. At the same time, the same method can be used to map mobile phone numbers in Web2.0 to the name system in Web3.0. However, in the world of Web2.0, mobile phone numbers are severely monopolized by centralized companies, and the possibility of losing the number is high. This method will have hidden dangers, or it may be necessary to design a Web3.0 user plan that can change the name. Finally, by expanding the name system of Web3, a user identity system in Web3.0 is gradually established.
MiYou provides a name service similar to ENS. The current name product is MNS (MiYou Name Service), and has begun to upgrade the name service to a more powerful DID (decentralized identity). The DID SaaS system in development and design will provide name services with various rules and provide a user identity system for external project parties, communities and other organizations. The usual rules for the distribution of economic benefits are: 50% for the project owner, 35% for the DID Foundation, and 15% as a technical service fee. The fees received by the foundation will be converted into DID points and returned to users in accordance with the rules. The DID Foundation receives fees, more support and incentives to integrate and use DID services in more applications.
User Assets
Users in Web3.0 can have multiple asset attributes and multiple wallets for managing assets. In this way, not only can assets on different blockchains be managed, but different wallet types can also be established for different asset management needs. For example, in frequently used wallets, we retain only a small amount of currency; for important, high-value assets, users can use multi-signature wallet management and bind one authorized party of the multi-signature to a hardware wallet, or to a Guardian who is more familiar with asset operations, thereby reducing the risk of losing important assets. This design structure can also produce rich asset management methods and combinations, thereby completing all of one's asset management needs in Web3.0: not just digital assets, but even digital carriers of physical assets.
The reputation of Web3.0 users
Users in Web3.0 also have user reputation issues. These reputations come from the decentralized world on the one hand, and the centralized world on the other hand. It includes some of our usual credibility indicators, such as personal connections, trustworthy records, behavioral accumulation, identity certificates, asset certificates, etc.
Decentralized reputation building requires a certain amount of time and collaboration with multiple parties. NFT, SBT and other technologies provided in blockchain technology will enable better labeling of user identities in the Web3.0, so that activities that can be carried out based on user identities will become more effective. The identification of names, the establishment of feature tags, the establishment of data areas and permission management in Web3.0 make user identities in the Web3.0 more complete.
Non-fungible NFTs have many important features, such as uniqueness, permanence, decentralization, and programmability. NFTs with special meanings are sent to users, which can have collection functions and become user identity tags. For example, these NFTs can represent proof of identity, proof of ability, proof of behavior, proof of workload, proof of contribution, proof of activity, and proof of products and services.
NFT applications and combinations in other segmented scenarios can also better complete the credibility construction of user identities. Many identity-related objects or reputations in the real world are suitable for minting into NFT, SBT and other forms, which can fully improve the user's identity in the Web3 world and at the same time help people in the real world prove themselves. For these needs, we provide a service capability that offers users' Web3 identity names, user reputation building, and virtual world asset management functions in a SaaS system, empowering institutions and business users, and bringing users better into the Web3.0 world. This part of the work is in progress and has not yet entered the production stage.