Free, secure communications for everyone, powered by decentralized private identity.

Ubikom Project

Encrypted email service based on decentralized private identity.

The Project

With the Ubikom project, you can communicate via email securely while using the existing email clients that you know and love.

All email within the Ubikom ecosystem is encrypted and authenticated.

There are no accounts. You create and register your private key; your possession of the private key is your identity.

You can run your own server, or you can interact with the public server. If you choose the latter, you temporarily delegate the authority to send and receive mail to the public proxy server. This delegation can be revoked at any time using your main private key.

You are also able to interact with the legacy email world using our gateway (coming up later).

Why?

Long ago, you were able to run your own email server, which gave you an easy way to communicate with the world. Now you have to use Google or Microsoft for the simple task of sending messages to each other. Your identity is controlled by those companies, not by you. We want to give the identity back to the user and make it decentralized and not controlled by any entity. Based on this, we want to re-imagine email as secure, private, and simple. It should be trivial for everyone (and everything) to register a name and start communicating.

Getting the Binaries

As of now, you must run a few commands on your machine to generate the keys in a secure way.

You can get binaries by compiling the source, or by pulling the pre-built binaries. The former is recommended, since you can examine the code to make sure no funny business is taking place.

To compile the source, you must have Go and make installed.

To clone the repo, do:

git clone https://github.com/regnull/ubikom

Now build the binaries:

cd ubikom
make build

The binaries are placed in the build directory, in the subdirectory corresponding to your system (linux, windows or mac).

If you like to live dangerously, you can get the pre-built binaries by downloading the latest release from the GitHub releases page.

Getting Started

The easiest way to get started is to use our easy setup binary. When you run it, the following things will happen:

  • The main private key is generated and saved under $HOME/.ubikom/key
  • The additional key is generated and saved under $HOME/.ubikom/email.key
  • The email key is registered as a child of the main key. This means that the email key has limited authorization, to send and receive mail only. The main key can disable it at any time.
  • Your chosen name is registered with the identity service
  • The public proxy service is registered as the place where you receive your email
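The parent/child key relationship in the list above can be modelled as a registry that accepts a change only when it is signed by the key that has authority over the target. This is an added sketch, not Ubikom's code: the `Registry` type, the `child:` and `disable:` message prefixes and the choice of Ed25519 are assumptions made for illustration, and the keys are generated on the spot.

```go
package main

import (
	"crypto/ed25519"
	"errors"
	"fmt"
)

// record is the registry entry for one public key; parent is nil for a main key.
type record struct {
	parent   ed25519.PublicKey
	disabled bool
}
type Registry map[string]*record // hypothetical in-memory identity registry

// msg binds a signature to one purpose so it cannot be replayed for another.
func msg(purpose string, subject ed25519.PublicKey) []byte {
	return append([]byte(purpose+":"), subject...)
}

// RegisterChild records child under parent only if a registered main key signed it.
func (r Registry) RegisterChild(parent, child ed25519.PublicKey, sig []byte) error {
	p, known := r[string(parent)]
	_, taken := r[string(child)]
	if !known || p.parent != nil || taken || !ed25519.Verify(parent, msg("child", child), sig) {
		return errors.New("not authorized by a registered main key")
	}
	r[string(child)] = &record{parent: parent}
	return nil
}

// Disable accepts only a request signed by the target's parent key.
func (r Registry) Disable(target, signer ed25519.PublicKey, sig []byte) error {
	rec, ok := r[string(target)]
	if !ok || rec.parent == nil || !signer.Equal(rec.parent) ||
		!ed25519.Verify(signer, msg("disable", target), sig) {
		return errors.New("signer has no authority over this key")
	}
	rec.disabled = true
	return nil
}

// Demo runs the setup scenario with freshly generated (constructed) keys.
func Demo() (registered, childHitParent, parentHitChild, mailActive bool) {
	reg := Registry{}
	mainPub, mainPriv, _ := ed25519.GenerateKey(nil) // nil selects crypto/rand
	mailPub, mailPriv, _ := ed25519.GenerateKey(nil)
	reg[string(mainPub)] = &record{} // main key registration, proof of possession omitted
	registered = reg.RegisterChild(mainPub, mailPub, ed25519.Sign(mainPriv, msg("child", mailPub))) == nil
	childHitParent = reg.Disable(mainPub, mailPub, ed25519.Sign(mailPriv, msg("disable", mainPub))) == nil
	parentHitChild = reg.Disable(mailPub, mainPub, ed25519.Sign(mainPriv, msg("disable", mailPub))) == nil
	return registered, childHitParent, parentHitChild, !reg[string(mailPub)].disabled
}

func main() { fmt.Println(Demo()) } // true false true false
```

The email key's attempt to disable the main key is rejected because authority only flows from parent to child, which is what limits the damage if the delegated key is compromised.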

So, let's go ahead and run the setup binary. It will prompt you for the name you would like to use and a password for the email key.

Your name is what other users will use to send you email. Think of it as joe in joe@gmail.com, only without the "@gmail.com" part. Your identity does not belong to any server or domain. It belongs to you.

$ ./easy-setup
Enter the name you would like to use: bob
Enter new password: pumpkin123
16:29:40 DBG generating POW...
16:29:40 DBG POW found pow=571112bedeebe56f
16:29:41 INF main key is registered
16:29:41 DBG generating POW...
16:29:44 DBG POW found pow=1b2340cbaadd9630
16:29:44 INF email key is registered
16:29:44 DBG generating POW...
16:29:47 DBG POW found pow=6da1ab414fbed96b
16:29:47 INF key relationship is updated
16:29:47 DBG generating POW...
16:29:49 DBG POW found pow=43600cb932e19d40
16:29:49 INF name is registered
16:29:49 DBG generating POW...
16:29:52 DBG POW found pow=4e1d0e883508751e
16:29:52 INF address is registered

Use the following information in your email client:
User name: 78spGfDTj5s
Password: pumpkin123
POP and SMTP server address: alpha.ubikom.cc

This might take a few seconds: while registering keys, names, and addresses, clients are required to compute a Proof-of-Work for every request, to reduce spam and name squatting.
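The page does not say how Ubikom's proof-of-work is computed, so the following added example (not the project's code) assumes a hashcash-style scheme: an 8-byte nonce, SHA-256, and a required number of leading zero bits. It shows why verification costs the server a single hash and why hashing the request body together with the nonce stops one proof from being reused for a different name.

```go
package main

import (
	"crypto/sha256"
	"encoding/binary"
	"fmt"
	"math/bits"
)

// zeroBits counts the leading zero bits of a SHA-256 digest.
func zeroBits(d [32]byte) int {
	n := 0
	for _, b := range d {
		if b != 0 {
			return n + bits.LeadingZeros8(b)
		}
		n += 8
	}
	return n
}

// VerifyPOW is the server-side check: one hash, however long the client searched.
// The request bytes are part of the hash input, so a nonce found for one
// request does not carry over to another. (Assumed scheme, see lead-in.)
func VerifyPOW(request []byte, nonce uint64, difficulty int) bool {
	buf := binary.BigEndian.AppendUint64(append([]byte{}, request...), nonce)
	return zeroBits(sha256.Sum256(buf)) >= difficulty
}

// ComputePOW is the client-side search; expected cost is 2^difficulty hashes.
func ComputePOW(request []byte, difficulty int) uint64 {
	for nonce := uint64(0); ; nonce++ {
		if VerifyPOW(request, nonce, difficulty) {
			return nonce
		}
	}
}

func main() {
	req := []byte("register-name:bob") // constructed request body
	nonce := ComputePOW(req, 16)
	fmt.Printf("pow=%016x valid=%v\n", nonce, VerifyPOW(req, nonce, 16))
	fmt.Println("reused for another name:", VerifyPOW([]byte("register-name:alice"), nonce, 16))
}
```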

Note the information printed at the end; you will need it to configure your email client.

Configure Your Email Client

Let's use Mozilla Thunderbird as an example; other email clients can be configured in a similar way.

Open Thunderbird and add a new account:

Add account

Your name is whatever you choose.

Email address is bob@x. Remember, we don't want the "@whatever" part, but the client expects it, so we put "@x" as a shortcut. Some stickler clients might not like that either, so you can also use the [email protected] format.

The password is what you entered as a password when running easy-setup, in our case, pumpkin123.

Click "Continue". You will be presented with the next dialog:

Configure servers

Under INCOMING, enter the following:

  • "POP3" for protocol
  • "alpha.ubikom.cc" for server
  • "995" for port (the default)
  • "SSL/TLS" for SSL
  • "Normal password" for authentication
  • The user name printed by easy-setup as username, in our case "78spGfDTj5s"

Under OUTGOING, enter the following:

  • "alpha.ubikom.cc" for server
  • "465" for port (the default)
  • "SSL/TLS" for SSL
  • "Normal password" for authentication
  • The user name printed by easy-setup as username, in our case "78spGfDTj5s"

Click "Done".

Send a message to yourself (bob@x) to make sure everything works. You will be prompted for your password; enter the password you used when running easy-setup (in our case, pumpkin123).

Work in Progress

  • Generate keys via the web interface (but the user will always have the option to generate the keys locally)
  • Email gateway
  • Decentralize the identity service

References and Other Similar Projects

Self-Sovereign Identity

Decentralized Identifiers (DID)

Sovrin - Global SSI

In Search of Self-Sovereign Identity Leveraging Blockchain Technology

The Path To Self-Sovereign Identity

EIDAS SUPPORTED SELF-SOVEREIGN IDENTITY

Blockchain and Digital Identity

SelfKey - SSI startup

Comments
  • I can not send mail to outlook/live mail servers

    I can not send mail to outlook/live mail servers.

    It is said:

    host outlook-com.olc.protection.outlook.com[104.47.22.161] said: 550 5.7.1 Unfortunately, messages from [3.21.133.245] weren't sent. Please contact your Internet service provider since part of their network is on our block list (S3140). You can also refer your provider to http://mail.live.com/mail/troubleshooting.aspx#errors. [DB8EUR06FT039.eop-eur06.prod.protection.outlook.com] (in reply to MAIL FROM command)

  • Certain messages cause proxy server to crash

    00:52:01 DBG reading messages prefix=message_1AfUuN7SRnm8o7ZieSeNZTh2ibjFj9exGK_1_
    panic: runtime error: invalid memory address or nil pointer dereference
    [signal SIGSEGV: segmentation violation code=0x1 addr=0x8c pc=0x81d679]

    goroutine 107 [running]:
    github.com/emersion/go-imap.(*Message).formatItem(0xc000445500, {0xc0046f6370, 0xd})
        /Users/regnull/go/pkg/mod/github.com/emersion/[email protected]/message.go:286 +0x339
    github.com/emersion/go-imap.(*Message).Format(0xc000445500)
        /Users/regnull/go/pkg/mod/github.com/emersion/[email protected]/message.go:323 +0x33e
    github.com/emersion/go-imap/responses.(*Fetch).WriteTo(0xc000068900, 0xc0004f81e0)
        /Users/regnull/go/pkg/mod/github.com/emersion/[email protected]/responses/fetch.go:64 +0x85
    github.com/emersion/go-imap/server.(*response).WriteTo(0xc000494258, 0xc62d20)
        /Users/regnull/go/pkg/mod/github.com/emersion/[email protected]/server/conn.go:130 +0x29
    github.com/emersion/go-imap/server.(*conn).writeAndFlush(0xc002280a80, {0xc633a0, 0xc000494258})
        /Users/regnull/go/pkg/mod/github.com/emersion/[email protected]/server/conn.go:208 +0x35
    github.com/emersion/go-imap/server.(*conn).send(0xc002280a80)
        /Users/regnull/go/pkg/mod/github.com/emersion/[email protected]/server/conn.go:232 +0x227
    created by github.com/emersion/go-imap/server.newConn
        /Users/regnull/go/pkg/mod/github.com/emersion/[email protected]/server/conn.go:111 +0x352

  • Some messages are not delivered from the external mailing list

    Mail log:

    Sep 17 13:37:32 mail postfix/qmgr[135319]: E6E023E993: from=[email protected], size=6108, nrcpt=1 (queue active)
    Sep 17 13:37:32 mail postfix/pipe[684563]: E6E023E993: to=[email protected], orig_to=[email protected], relay=ubikomtransport, delay=0.12, delays=0.07/0/0/0.04, dsn=2.0.0, status=sent (delivered via ubikomtransport service (13:37:32 DBG connecting to lookup service url=alpha.ubikom.cc:8825))
    Sep 17 13:37:32 mail postfix/qmgr[135319]: E6E023E993: removed

    But there is no record in the receiver log.

  • Gateway fails to deliver message

    When a message is sent from an external sender in response to an internal message:

    [email protected] (expanded from [email protected]): Command died with status 1: "/home/ubuntu/ubikom/ubikom-gateway". Command output:
    15:38:08 DBG connecting to lookup service url=alpha.ubikom.cc:8825
    15:38:08 DBG sending mail receiver=[email protected]
    15:38:08 FTL failed to send message error="failed to get receiver public key: rpc error: code = InvalidArgument desc = invalid name"

    Looks like it pulls a wrong key (for [email protected]).

  • Add an alternative domain that is shorter than "ubikom"

    Hello! Protonmail has "pm" as an alternative domain, available for all users. Would something similar be possible for Ubikom? It's quite a mouthful to spell out over the phone, for example.

  • Possible consistent error while reading messages

    Triggered by iOS Mail:

    01:54:22 DBG [IMAP] <- ListMessages mailbox=INBOX user=1AfUuN7SRnm8o7ZieSeNZTh2ibjFj9exGK
    01:54:22 DBG ListMessages params items=["BODYSTRUCTURE","BODY.PEEK[HEADER]","UID"] mailbox=INBOX seqset={"Set":[{"Start":1402,"Stop":1402}]} uid=true user=1AfUuN7SRnm8o7ZieSeNZTh2ibjFj9exGK
    01:54:22 DBG reading messages prefix=message_1AfUuN7SRnm8o7ZieSeNZTh2ibjFj9exGK_1_
    01:54:22 ERR error fetching message error="unexpected EOF"
    01:54:22 DBG messages returned count=0 mailbox=INBOX user=1AfUuN7SRnm8o7ZieSeNZTh2ibjFj9exGK
    01:54:22 DBG [IMAP] -> ListMessages mailbox=INBOX user=1AfUuN7SRnm8o7ZieSeNZTh2ibjFj9exGK

  • Patch emersion/go-message package to handle additional charsets

    ... to fix the following errors, among others:

    01:33:35 ERR failed to create email entity error="unknown charset: unknown charset: message: unhandled charset "ascii""
    01:33:35 ERR failed to create email entity error="unknown charset: unknown charset: message: unhandled charset "iso-8859-1""
    01:33:35 ERR failed to create email entity error="unknown charset: unknown charset: message: unhandled charset "windows-1252""

  • Allow larger emails

    02/25 15:53:31 ERR failed to send message error="failed to send message: rpc error: code = ResourceExhausted desc = grpc: received message larger than max (27376392 vs. 4194304)"
