poztter.org

component · 0x0030 / 0x0031

Email Zone.

The Email Zone defines GUID-addressed inboxes for POZ mail. Names are sugar for humans; the protocol only uses GUIDs. Each inbox has its own end-to-end encryption key and references a service entry that knows where the mail servers are.

GUID addressing

Every inbox has a 16-byte random GUID and a human-readable name ("Inbox", "Support", "Newsletter"). The messaging protocol only ever addresses inboxes by GUID. This:

end-to-end encryption

Each inbox declares an X25519 encryption key (referenced from the Public Key Map). Senders encrypt to that key; only the holder of the corresponding private key can read. The mail server stores ciphertext, never plaintext.

message types

| Type | Token | Use case |
|---|---|---|
| SINGLE | | Fire and forget |
| SINGLE_REPLY | created | Back-and-forth conversation |
| ONGOING | subscription | Repeated delivery (newsletter, alerts) |
| REPLY | existing | Reply with conversation chain |
| FORWARD | | Forward with embedded originals |

Tokens are how a recipient revokes future mail without revealing private state. Cancel a subscription token, and that sender's ongoing messages stop being accepted. Cancel a single-reply token, and the conversation ends.

verifiable conversations

Replies include a conversation chain — a list of message hashes linking back through the full conversation. Forwarded messages embed the original chain. The recipient can verify every message back to the original senders' POZ identities, end to end. There is no way to splice a forged message into the middle of a conversation.

Participants: Alice, Bob, Carol (forwarded)

M1 · "Re: lunch?" · prev: ∅ · hash: 0x4a…
M2 · "Sure, 12?" · prev: 0x4a… · hash: 0x8b…
M3 · "Confirmed" · prev: 0x8b… · hash: 0xc7…
M4 · forwarded (forward to Carol) · embedded chain: M1 · 0x4a…, M2 · 0x8b…, M3 · 0xc7… · new hash: 0xf1…

Carol can verify every message back to Alice's original signature.
fig 01 · each reply carries the previous message's hash. Forwarded threads embed the chain. Splicing a forged message anywhere would invalidate every subsequent hash.
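
The chain check described above, as an added example that is not POZ project code. SHA-256, the length-prefixed field encoding and every function name here are assumptions, since the page does not specify the hash or wire format. Signature verification against POZ identities is not modelled; a trusted head hash stands in for it.

```python
import hashlib
from dataclasses import dataclass
from typing import List, Optional, Tuple

@dataclass(frozen=True)
class Message:
    sender: str
    body: str
    prev: Optional[bytes]  # hash of the previous message; None for the first

    def digest(self) -> bytes:
        # Assumed encoding: each field is length-prefixed so boundaries are unambiguous.
        h = hashlib.sha256()
        for field in (self.sender.encode(), self.body.encode(), self.prev or b""):
            h.update(len(field).to_bytes(4, "big") + field)
        return h.digest()

def build_chain(turns: List[Tuple[str, str]]) -> List[Message]:
    chain, prev = [], None
    for sender, body in turns:
        chain.append(Message(sender, body, prev))
        prev = chain[-1].digest()
    return chain

def first_broken_link(chain: List[Message], trusted_head: bytes) -> Optional[int]:
    """None if intact; else the index of the first message whose prev is wrong,
    or len(chain) if the links agree but the head hash is not the trusted one."""
    prev = None
    for i, msg in enumerate(chain):
        if msg.prev != prev:
            return i
        prev = msg.digest()
    return None if prev == trusted_head else len(chain)

def splice(chain, at, sender, body):
    """Insert a forged message at position `at`, pointing at its real predecessor."""
    return chain[:at] + [Message(sender, body, chain[at - 1].digest())] + chain[at:]

def rewrite_from(chain, at, body):
    """Alter message `at` and recompute every later link, as a forger would."""
    turns = [(m.sender, m.body) for m in chain]
    turns[at] = (turns[at][0], body)
    return build_chain(turns)

# Constructed sample conversation; the sender assignment is illustrative only.
CHAIN = build_chain([("alice", "Re: lunch?"), ("bob", "Sure, 12?"), ("alice", "Confirmed")])
HEAD = CHAIN[-1].digest()  # stands in for the hash covered by the sender's signature
for candidate in (CHAIN, splice(CHAIN, 1, "bob", "Cancel"), rewrite_from(CHAIN, 1, "3pm?")):
    print(first_broken_link(candidate, HEAD))
```

A forger who recomputes every later link produces a chain that is internally consistent; only the comparison against the trusted head catches it, which is why the hashes alone are not enough without an anchor the forger cannot reproduce.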

where mail lives

The inbox entry references a service in the Service Zone by hash. That service entry lists the mail servers — same pool / priority / weight model as everything else. Migrating mail providers means publishing a new service entry; existing senders see the change because the service hash changes.
