Andrew Milich / 2.26.2022

What's decentralized email?

Decentralized email: Private, encrypted, and owned by you.
Graph of decentralized identity and communication products.
Curious about decentralized email? This article walks through this new communication protocol and how it works. After explaining the technical protocols governing traditional email, and how email providers leverage new technology in encryption, privacy, and scalability, this blog discusses what decentralized email is and how you can use it.

In its most basic sense, email already is decentralized: It represents a combination of protocols, specifications, and DNS records that providers use to manage billions of messages and email accounts around the world. However, with the advent of new technology, such as crypto wallets, end-to-end encryption, and decentralized storage, email is due for reinvention. Below, we start with a brief overview of email’s protocols, including SMTP and DNS records. Then, we’ll cover the basics of email security. Finally, this article covers some of the open-source protocols, projects, and technologies you can use to leverage decentralized email today.

How does email work?

Email is a system for exchanging messages between computers. Email messages are sent and received using a protocol called Simple Mail Transfer Protocol (SMTP). Email is typically used to send and receive text-based messages, but it can also be used to send and receive other types of files, such as images and documents.

When you send an email message, it is first sent to an email server. This server is responsible for routing the message to the correct email server for the recipient's email address using MX DNS records, which specify how mail should be routed to a particular server. The message is subsequently stored on the recipient's email server until the recipient retrieves it.

In the early days of email Email servers communicate with each other using a protocol called DNS, or Domain Name System. DNS is responsible for translating human-readable domain names (such as example.com) into the IP addresses that computers use to communicate with each other. When you send an email message, your computer looks up the DNS record for the recipient's email server. It then sends the message to the IP address that is associated with that DNS record. The recipient's email server then looks up the DNS record for your email server, and sends the message to the IP address that is associated with that DNS record. Subsequently, using an email provider or your own email system (and another email transfer protocol, like IMAP), you will be able to authenticate and download the message.

The process of sending and receiving email is complex - largely because the protocol is highly distributed and decentralized, allowing anyone with a server connected to the internet to run one of millions of nodes in the global email network.
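How a sending server turns MX records into a delivery order, as an added example that is not part of the original article. The zone lines, host names and function names are constructed for illustration; the ordering rules follow RFC 5321 section 5.1 (lowest preference first, implicit MX when none exists) and RFC 7505 (null MX).

```python
import random
from typing import NamedTuple

class MX(NamedTuple):
    preference: int   # lower value is tried first
    exchange: str     # host name of the receiving mail server

# Constructed zone-file lines for illustration; all names are placeholders.
SAMPLE_ZONE = """\
example.com.    3600 IN MX 20 backup.example.net.
example.com.    3600 IN MX 10 mx-b.example.com.
example.com.    3600 IN MX 10 MX-A.example.com.
nomail.example. 3600 IN MX 0 .
bare.example.   3600 IN A  192.0.2.25
"""

def parse_mx(zone_text):
    """Collect MX records per owner name from zone-file style lines."""
    records = {}
    for line in zone_text.splitlines():
        fields = line.split()
        if len(fields) == 6 and fields[2:4] == ["IN", "MX"]:
            owner = fields[0].rstrip(".").lower()
            # A bare "." exchange (null MX) must survive normalization.
            exchange = fields[5].rstrip(".").lower() or "."
            records.setdefault(owner, []).append(MX(int(fields[4]), exchange))
    return records

def delivery_order(address, records, rng=random):
    """Return the hosts a sending server should try, in order, for `address`."""
    domain = address.rsplit("@", 1)[1].rstrip(".").lower()
    mx = records.get(domain, [])
    if not mx:
        # No MX at all: the domain itself is the implicit exchanger
        # (delivery then depends on it having an address record).
        return [domain]
    if len(mx) == 1 and mx[0] == MX(0, "."):
        # Null MX: the domain declares that it accepts no mail.
        return []
    ordered = []
    for pref in sorted({r.preference for r in mx}):
        tier = [r.exchange for r in mx if r.preference == pref]
        rng.shuffle(tier)  # equal preference: randomize to spread load
        ordered.extend(tier)
    return ordered
```

The backup host is only contacted after every preference-10 host has been tried, and a domain publishing a null MX yields an empty list so the message can be rejected immediately instead of queued.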

Email encryption and privacy

Email encryption represents one critical part of decentralized email: Without encryption, your data, now distributed around the world, would be readable by anyone. Beyond simply decentralization, there are a number of reasons why you may want to encrypt emails. For example, you may need to send confidential information that you do not want to be seen by anyone else - a common practice in the legal, medical, financial services, and other professions. Or, you may be concerned about the security of your email account and want to make sure that your messages cannot be read if your account is hacked, or if your email service provider suffers a data breach or a cyberattack. For example, you may need to access a secure email account while traveling around the world. In this blog, we share further good practices for using email securely for individuals and businesses.

Email security has evolved from older techniques, including PGP and S/MIME, to more sophisticated schemes, including end-to-end encryption. One early method is to use Pretty Good Privacy (PGP), which is a software program that can be used to encrypt and decrypt email. PGP uses a public key system, which means that each individual needs two keys to send and receive encrypted email: A public key that is shared with others, and a private key that is known only to the individual. In order to encrypt a message, the sender uses a recipient’s public key. The message can then only be decrypted by the recipient using their private key.

Another way to encrypt email is to use S/MIME (Secure/Multipurpose Internet Mail Extensions), which is a standard that is built into some email programs. S/MIME uses a different approach to encryption, known as symmetric key encryption. With this method, the sender and recipient share the same key, which is used to encrypt and decrypt the message.

Decentralized storage

Reliable and inexpensive decentralized storage is an incredibly recent innovation on the internet, largely driven by technological developments in Web3, blockchains, and encryption. Today, decentralized email providers can leverage decentralized storage mechanisms to ensure your data is widely accessible, distributed around the world, and censorship resistant. Three of the most popular decentralized storage networks are IPFS, Arweave, and Storj.
IPFS (InterPlanetary File System) is a decentralized, peer-to-peer file system that allows for the storage and sharing of files across a distributed network. IPFS is similar to other file sharing systems, such as BitTorrent, but with some key differences. One of the key advantages of IPFS is that it is decentralized, meaning that there is no central server that stores all of the files. Instead, each file is stored on a network of computers, and anyone can access the files as long as they are connected to the network. This makes IPFS more resilient to attacks and censorship, as there is no central point of failure. Additionally, IPFS is designed to be more efficient than other file sharing systems, as it only needs to download the parts of a file that have changed, rather than the entire file.
Arweave is a decentralized data storage network that offers permanent, tamper-proof data storage for the entire Internet. The network is powered by a new blockchain technology that allows users to store data in a way that is both secure and efficient. Arweave is designed to be a permanent, decentralized data store that is available to anyone in the world. Arweave is the perfect solution for data storage needs that are currently not being met by centralized solutions, and is also designed to provide censorship resistance and high reliability.
Storj is a decentralized storage platform designed to be secure, efficient, and affordable. The Storj network is made up of nodes, which are computers serving as Storj data providers. When a user uploads a file to the Storj network, it is encrypted and split into pieces. These pieces are then sent to different nodes in the network. The nodes store the pieces and earn $STORJ tokens for doing so. When a user wants to download their file, the nodes retrieve the pieces and send them back to the user. The Storj platform is designed to be secure, efficient, and affordable.
All decentralized storage platforms maintain different token economic models to function; for more information on these decentralized storage providers, read our blog on decentralized storage. Backing up data to one of these storage platforms is a key feature for a truly decentralized email provider. However, for this feature to work effectively, data must be encrypted, or email and user data may unintentionally be exposed to the public cloud.

Decentralized identity

Decentralized identity also underpins decentralized email by empowering consumers to own their own identity via private keys, seed phrases, and crypto wallets. Decentralized identity is a system where individuals or organizations can control their own data and identities, without relying on a central authority, such as Google or Microsoft, to manage their accounts, permissions, and other settings. This means that users can create and manage their own digital identity, without having to go through a third party. Decentralized identities may be connected to a particular blockchain, such as how the Ethereum Naming Service represents a decentralized autonomous organization that governs assigning human-readable names (such as skiff.eth) to Ethereum addresses.

Unlike signing up for Gmail or Yahoo, where a centralized service governs your account and identity, you own your crypto or decentralized identity via a private key or seed phrase that you never share. This identity is also portable across use cases and apps, from a decentralized email provider and naming service, to a DeFi application or marketplace.

Decentralized email

Decentralized email rests at the nexus of decentralized storage, identity, encryption, and privacy. On the identity layer, no centralized provider governs a user’s username or identity. For example, a user may sign in with an Ethereum wallet, control their identity using a naming service (such as ENS or Bonfida on Solana), and have access to a set of private keys for encrypting and signing data.

All data on a decentralized platform must be end-to-end encrypted. With decentralized identity integrations, all users have access to private keys, which can be used for encrypting and authenticating data, thereby preventing hackers from accessing, tampering with, or spoofing email content. As a result, information can be securely shared among users, without a centralized party having any way to access email content, subject lines, or any other personally identifying information. This model is the complete opposite of traditional email, wherein a provider (Gmail, Yahoo, Hotmail, or Outlook) maintains access to all email accounts, even at the risk of disabling accounts, censoring data, or removing users from a particular platform.

Finally, when looking for a decentralized email provider, we also highly encourage reviewing the provider’s privacy policy. This will help you determine whether the policy is protecting your personal information in the way that you want it to be protected. Here are some tips for reading a privacy policy:
  1. Pay attention to the types of information that are being collected. This includes both personal and non-personal information.
  2. Find out how the information is being used. Is it being used for marketing purposes? Is it being shared with third-party companies?
  3. Determine who has access to your information. This includes both the company itself and any third-party companies that it may be sharing your information with.
  4. Make sure that you understand the opt-out options that are available to you. This includes the ability to opt out of having your information shared with third-party companies.
  5. Review the security measures that are in place to protect your information. This includes both physical and electronic security measures.
  6. Keep in mind that privacy policies can change over time. Make sure that you review the policy on a regular basis to make sure that it is still protecting your personal information in the way that you want it to be protected.

Skiff Mail - Private, end-to-end encrypted, decentralized email

Skiff Mail is an open source, Web3-native email product that integrates with decentralized storage (currently IPFS, as discussed above), crypto wallets (including MetaMask and Solana), and with traditional email providers. Skiff Mail is fully integrated with the Skiff ecosystem of products, including Skiff Pages and Skiff Drive, which enable real-time collaboration, file upload, sharing, and team collaboration in workspaces.