Idea for public/private key encryption #29
Description
The ethmail FAQ gave me a good insight and brought me here. I'm doing research in this and try out technical concepts since some months and I, of course, hit my toe at the same issue.
Of course the security implications make this really hard, which is why I'm also still working on it. But please hear me out:
I try to work this around with a smart contract. There you can register a mapping between your wallet address and the public key into a mapping and exchange public keys between parties. I even think about creating a new wallet for every set of parties in a conversation (e.g. between Bob and Alice and between Bob James and Alice for multiple receivers or mailing lists) to keep the main wallet out of sight and ease security related measures. This is, because the wallet used for communication only is used by the conversation attendees and this doesn't touch your main wallet. The management of those related wallets might also make the public/private key management a lot easier (given that we can safely store/manage them inside the smart contract).
So the smart contract stores (keyed by msg.sender to prevent spying/tempering) all the mappings between the own wallet and the messaging (or exchange) wallets. Also the mails itself can be stored in the smart contract or at least the block height and transaction id. This should also make it possible to catch prior mails without parsing all transactions into the past.
I know there are still unanswered questions and I'm not sure if this will work out, but right now, this looks like a promising approach to me.
What do you think?