Anti-spam Chrome extension to send and receive verifiably human emails.
When you send an email, you need to sign it with your Worldcoin Email signature. This signature is a proof that you are a human, and not a bot. The signature is generated by Worldcoin ID, and is unique to a human, but not identifiable.
Developed by Aleksey Bykhun (@caffeinum) and @poolsar42 for ETHGlobal Waterloo
- Login into https://worldcoinemail.org
- Install Chrome extension here
- Visit https://worldcoinemail.org/auth if not opened automatically
- Send an email, and it will be sent with a Worldcoin Email signature
When you receive an email from someone else, same Chrome extension will verify the signature, and if it is valid, the email will be delivered to your inbox. If the signature is invalid, the email will be delivered to your spam folder.
Worldcoin ID is impossible to correlate between users. We only store unique user ID provided by Worldcoin (nullifier hash), and a hash of each email sent. Neither recipient nor we have any way to identify user identity, read his emails or correlate his from
addresses.
Chrome extension ONLY shares email hash under user unique WorldID session.
Spam in email. Allow people to verify that message was sent by a real person, and attach a reputation to that person
Non-users benefit from the same feature, seeing signature + verification link in the footer + reputation score for that sender at that link
- Chrome extension
- Adds “Sign message” to Compose view at Gmail
- Adds “Verified” checkmark in List view in your Inbox
- Creates a folder out of verified messages
- Frontend
- Sign in w/ World ID page
- Verify Email
- Downvote/Unsubscribe/Report/Block page
- Backend
- Sign in and Sign up, save user info to db
- Send Email, save nonce + email hash for each user
- Verify Email, by hash return whether the email was indeed sent by given sub (user id)
- ? Report/Unsubscribe, add downvote/block FROM user TO user, only allowed from signed in users
- ? Report, open endpoint, anyone can add downvote for a specific user id, but this data is not incorporated directly into blocking system
- GET
/api/user/:sub
returns json with user reputation for a specific user id - POST
/api/auth
standard OAuth flow, saves user into db or logs in after successful auth
- GET
/api/email/:hash/verify
returns whether this hash is in the DB and whether specific user did send it - POST
/api/email/:hash/:nonce/send
creates Email, only email hash and nonce is required - ? PUT
/api/email/:hash/report
adds ReputationStrike (from specific user, to user)
This is a Next.js project bootstrapped with create-next-app
.
First, run the development server:
npm run dev
# or
yarn dev
# or
pnpm dev
Open http://localhost:3000 with your browser to see the result.
You can start editing the page by modifying app/page.tsx
. The page auto-updates as you edit the file.
This project uses next/font
to automatically optimize and load Inter, a custom Google Font.
To learn more about Next.js, take a look at the following resources:
- Next.js Documentation - learn about Next.js features and API.
- Learn Next.js - an interactive Next.js tutorial.
You can check out the Next.js GitHub repository - your feedback and contributions are welcome!
The easiest way to deploy your Next.js app is to use the Vercel Platform from the creators of Next.js.
Check out our Next.js deployment documentation for more details.