Get help with c.Email

Search for the articles here or browse the categories below.

Browse by topic

Find guides, tutorials, and answers organised by category.

Popular articles

What other people are reading right now.

Overview

The C-layer

The C-layer is our blockchain. For c.Email, it’s where we publish your public encryption key and public verification key. These are public so that you don’t need to exchange them with all your chosen recipients before sending them an email (your decryption key, on the other hand, will always be private and stored only on your device). They are published anonymously – and because they are published on-chain, they cannot be tampered with.  Your private decryption key is stored on your device only, so only you can decrypt the emails you receive. 

Overview

End-to-end encryption

c.Email protects your emails with end-to-end encryption, a highly secure communication process that ensures only the sender and recipient of an email can read it.  Emails are encrypted on your device before sending, remain encrypted in transit, and are only decrypted on the recipient’s device. Nothing is ever stored, encrypted, or decrypted on our servers. This means no-one else can read your emails: not your email provider, and not us, even if we wanted to.  The c.Email encryption protocol uses ML-KEM. This is a post-quantum secure system, which means it’s designed to resist attacks even from hypothetically powerful computers in the future.  We encrypt your emails’ body and attachments, but not their recipient addresses or subject lines. This is to ensure you can search your entire email archive, rather than only emails stored locally.

Setup

Connecting your email address

To get started with c.Email, choose the existing email address you’d like to connect. You’ll be automatically prompted to log in via your email provider’s portal. 

Setup

Downloading and installing

You can download the c.Email iOS app via the App Store, and the Android app via the Google Play Store. c.Email is also available via Chrome extension, which you can install via the Chrome Web Store. 

Setup

Proving your identity

Next, create your decentralised identity document (DID) by completing our quick, one-time identity check. You’ll need to do this to send encrypted and authenticated emails, because c.Email signs emails with your DID to prove to your recipients that you are who you say you are.  To do this, scan your ID’s photo page and NFC chip (either on the front or back of your passport) when prompted, then pass our liveness check. You can skip this step and do it later, but you’ll need to complete it to send Secure or For Your Eyes Only emails.  You can use a passport or national identity card to prove your identity, as long as it contains a biometric chip. This is because we need to read the data in this chip to store cryptographic proofs of your identity attributes. You can use an expired ID to prove your identity and send authenticated emails in c.Email – however, some future features may require you to have an in-date ID.  Once you have confirmed your identity, we link your email address to your public verification key and public encryption key via a smart contract executed on our blockchain (the C-layer). When you send or receive an email, c.Email corresponds with the C-layer to retrieve the relevant public key to encrypt or authenticate it. Your private decryption key remains on your device at all times. 

Overview

Authentication and decentralised identity documents (DIDs)

c.Email uses decentralised identity documents (DIDs) to encrypt and sign your emails. Your DID includes your public encryption and verification keys to allow for this, and is created when you verify your identity – this is how emails can be authenticated with verified sender names.