It is possible to send encrypted messages with attachments to the Mail Service for subsequent storage in the Cardano blockchain.
Please follow the prerequisites and configuration steps below.
To save a transaction (with message and attachment), you will need:
- gpg tool
- User's public/private key pair, generated and saved to the local keychain
- Purchased package at PSG Self Service UI
- API Token, generated at PSG Self Service UI
- Recipient public key is downloaded
- Recipient's public key is added to the local keychain
- AWS IAM user and S3 bucket are configured

- Create a new user or log in with an existing one to Self Service UI
- Add your email address and public PGP key on the PGP page and save
- Form a message to send according to the specific format
- Encrypt the message with the recipient's public key (mandatory)
- Encrypt the attachment with the recipient's public key
- Send the email to the recipient
- Wait for the reply message (with a link to the file on AWS S3 and a link to the transaction in Cardano Explorer)
In case of success, you will get a message in reply:
Your message EMAIL_SUBJECT Thu Apr 29 11:56:34 GMT 2021 was processed successfully.
Transaction: https://explorer.cardano.org/en/transaction?id=<transactionId>
Attachments:
http://aws_url/download/your_mail_com/96/test_attachment.txt
In case of failure, you will get the message in reply:
We could not process your message, subject: EMAIL_SUBJECT, sent date: Wed Apr 21 13:18:33 GMT 2021, please contact administrators.
- Download file from AWS S3 bucket if needed
API_TOKEN=your_api_token
METADATA=Some Test Metadata for Encrypted Message
S3_BUCKET=your_bucket_name
S3_REGION=your_bucket_region
S3_KEY=aws_user_access_key
S3_SECRET=aws_user_secret_key
PLAINTEXT_REPLY=true
BASE_URL=optional_custom_download_url
API_TOKEN - User token, generated at PSG Self Serve UI
METADATA - User message to be included in the transaction metadata (Optional). Newline characters are not supported. Use multiple METADATA fields in one message to conveniently add multiple lines of metadata.
S3_BUCKET - AWS S3 bucket name
S3_REGION - AWS S3 region name for bucket
S3_KEY - AWS IAM user access key
S3_SECRET - AWS IAM user secret key
BASE_URL - Custom URL prefix for files saved on AWS S3 (Optional)
PLAINTEXT_REPLY - If set to true, the response email will not be encrypted by the recipient key. Defaults to false, including when the parameter is not specified. (Optional)
gpg --encrypt --sign --armor -u your@mail.com -r recipient@mail.com your_file.txt
gpg --encrypt --sign --armor -u your@mail.com -r recipient@mail.com your_attachment.txt
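The message format and the encryption command above, combined in an added example (not PSG's own code): it builds the KEY=value body from environment variables, emits one METADATA field per line of metadata, rejects values that contain a line break, and pipes the body to gpg. The function names, the `--output` file argument and the piping through stdin are choices made for this example.

```shell
#!/bin/sh
# Added example (not PSG code). Credentials come from environment variables named
# like the message fields, so they stay out of argv and shell history.
NL='
'

# Reject an empty value or one containing a line break: a break inside a value
# would start a new KEY=value line and could override another field.
check_value() {  # $1 = field name, $2 = value
  [ -n "$2" ] || { echo "missing $1" >&2; return 1; }
  case $2 in *"$NL"*) echo "$1 contains a newline" >&2; return 1 ;; esac
}

# Print the message body; $1 = metadata text, possibly multi-line or empty.
# PLAINTEXT_REPLY is omitted, so the reply keeps its default (encrypted).
build_message() (
  check_value API_TOKEN "${API_TOKEN:-}" &&
  check_value S3_BUCKET "${S3_BUCKET:-}" &&
  check_value S3_REGION "${S3_REGION:-}" &&
  check_value S3_KEY "${S3_KEY:-}" &&
  check_value S3_SECRET "${S3_SECRET:-}" || exit 1
  printf 'API_TOKEN=%s\n' "$API_TOKEN"
  # Newlines are not supported inside METADATA: emit one field per input line.
  printf '%s\n' "${1:-}" | while IFS= read -r line; do
    if [ -n "$line" ]; then printf 'METADATA=%s\n' "$line"; fi
  done
  printf 'S3_BUCKET=%s\nS3_REGION=%s\nS3_KEY=%s\nS3_SECRET=%s\n' \
    "$S3_BUCKET" "$S3_REGION" "$S3_KEY" "$S3_SECRET"
)

# Build, sign and encrypt. The plaintext body (it holds S3_SECRET) stays in a
# shell variable and a pipe and is not written to disk.
# $1 = metadata, $2 = your key's email, $3 = recipient, $4 = output file
encrypt_message() {
  body=$(build_message "$1") || return 1
  printf '%s\n' "$body" |
    gpg --output "$4" --encrypt --sign --armor -u "$2" -r "$3"
}

# Usage: encrypt_message "$(cat notes.txt)" your@mail.com robot-testnet@iog.services message.asc
```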
gpg --gen-key
Recommended algorithm for keys is RSA 4096-bit.
Do not forget to specify your email during key generation.
gpg --import recipient_public.key
Recipient addresses:
- robot-testnet@iog.services (for PSG Testnet Self Serve UI)
- robot@iog.services (for PSG Mainnet Self Serve UI)
Find public key by email using one of the following PGP Key Servers:
- If you configured public access for all, you can download the file by sending a GET request to the URL from the Mail Service response (e.g. from a browser)
- If you set restricted access, you need to include custom headers in the download request:
curl -i -H "aws_key: your_key" -H "aws_secret: your_secret" -H "aws_region: bucket_region" https://psg.iog.services:2001/download/bucketname/path-to-file