Overview

3 articles c.Email Support By c.Email Support

What c.Email does and the key building blocks of our system.

End-to-end encryption

c.Email protects your emails with end-to-end encryption, a highly secure communication process that ensures only the sender and recipient of an email can read it.  Emails are encrypted on your device before sending, remain encrypted in transit, and are only decrypted on the recipient’s device. Nothing is ever stored, encrypted, or decrypted on our servers. This means no-one else can read your emails: not your email provider, and not us, even if we wanted to.  The c.Email encryption protocol uses ML-KEM. This is a post-quantum secure system, which means it’s designed to resist attacks even from hypothetically powerful computers in the future.  We encrypt your emails’ body and attachments, but not their recipient addresses or subject lines. This is to ensure you can search your entire email archive, rather than only emails stored locally.

Authentication and decentralised identity documents (DIDs)

c.Email uses decentralised identity documents (DIDs) to encrypt and sign your emails. Your DID includes your public encryption and verification keys to allow for this, and is created when you verify your identity – this is how emails can be authenticated with verified sender names. 

The C-layer

The C-layer is our blockchain. For c.Email, it’s where we publish your public encryption key and public verification key. These are public so that you don’t need to exchange them with all your chosen recipients before sending them an email (your decryption key, on the other hand, will always be private and stored only on your device). They are published anonymously – and because they are published on-chain, they cannot be tampered with.  Your private decryption key is stored on your device only, so only you can decrypt the emails you receive.