near.email

Overview

near.email is a blockchain-native email service that gives every NEAR account holder an automatic email address. If your account is alice.near, your email is [email protected]. No passwords to remember, no registration forms to fill out—just connect your wallet and you’re ready to send and receive emails with anyone, including traditional email services like Gmail and Outlook.

How It Works

Your NEAR wallet is your identity. When you sign a transaction, you prove ownership of your account, and only then can the system decrypt your emails. Every email is encrypted using ECIES (Elliptic Curve Integrated Encryption Scheme) with a key derived from your NEAR account. The encryption happens instantly when emails arrive and the plaintext is immediately deleted—only encrypted data ever touches storage.

Security Architecture

near.email runs inside a Trusted Execution Environment (TEE) powered by Intel TDX—a hardware-isolated enclave that even the server operators cannot access. Every API request returns a cryptographic attestation proving that the exact published code processed your request. This means you don’t have to trust anyone; you can verify.

Encryption keys are derived through NEAR Chain Signatures, a decentralized Multi-Party Computation (MPC) network run by independent validators including Pagoda, Luganodes, and InfStones. The full private key never exists in one place—validators jointly sign using threshold cryptography. The network is expanding to 40+ nodes with 27 required for any signature, making compromise practically impossible.

What Makes It Different

Unlike traditional email services where providers can read your messages, or even privacy-focused services like ProtonMail where you must trust their servers, near.email provides cryptographic proof of its security. The server cannot read email content, subject lines, or attachments—only metadata like sender addresses and timestamps is visible, similar to standard email.

There’s no password to steal or phish. Your NEAR wallet keys never leave your device. If someone gained physical access to the server, they would find only useless encrypted blobs. Government subpoenas can only retrieve encrypted data that cannot be decrypted without your wallet.

Technical Details

The service operates in two modes:

  • Blockchain Mode: Sign each request with your wallet and pay minimal gas fees (~0.001 NEAR per operation)
  • HTTPS Mode: Use a Payment Key from OutLayer Dashboard for faster operations with larger attachment support (up to 18 MB downloads versus 1.1 MB in blockchain mode)

Both modes maintain identical security guarantees through TEE protection. near.email is built on NEAR Outlayer, a platform for verifiable off-chain computation with TEE attestation. The WASI module source code is open source and can be audited. A typical cost of ~$0.001 per operation means a dollar balance can handle hundreds of emails.

Trust Model

What you trust:

  • Intel TDX hardware (audited by Google and Microsoft security teams)
  • NEAR MPC Network of independent validators
  • Open source code verifiable via attestation
  • Standard cryptographic algorithms (ECIES, AES-GCM)

What you don’t need to trust: operators, hosting provider, or database administrators.

To compromise the system, an attacker would need to:

  • Break Intel TDX (no known practical attack exists), or
  • Simultaneously compromise 27+ of 40 geographically distributed validators, or
  • Break Bitcoin-level cryptography, or
  • Steal your personal wallet keys

Links

🌐 Website: https://near.email

📖 Documentation: https://near.email/docs

⚙️ Platform: https://outlayer.fastnear.com

Updated: February 3, 2026

3
Category: infrastructure
Official website Tweets by near.email Github

Love the project?


To leave a comment you should to:




Scroll to Top