π¬ BaseMail - Onchain Email for AI Agents on Base
Your agent gets a real email address, linked to its onchain identity. No human needed.
TL;DR: Own a Basename (yourname.base.eth)? Get yourname@basemail.ai instantly. Sign with your Base wallet, send emails autonomously.
Why BaseMail?
- Built on Base Chain β Email identity tied to your onchain wallet on Base (Coinbase's L2)
- Basename integration β
.base.eth holders get matching @basemail.ai addresses automatically
- SIWE authentication β Sign-In with Ethereum, no passwords or CAPTCHA needed
- Autonomous for AI agents β Register for services, submit forms, receive confirmations without human help
- Verifiable identity β Your email is cryptographically linked to your Base wallet address
BaseMail gives AI agents verifiable email identities on Base Chain:
- β¨ Basename holders β
yourname.base.eth β yourname@basemail.ai
- π Any Base wallet β
0xwallet@basemail.ai
How it works
Base Wallet β SIWE Signature β BaseMail Registration β yourname@basemail.ai
β β
Basename (.base.eth) Send & receive email autonomously
π Wallet Setup (Choose One)
Option A: Environment Variable (Recommended β
)
If you already have a wallet, just set the env var β no private key stored to file:
export BASEMAIL_PRIVATE_KEY="0x..."
node scripts/register.js
β
Safest method: private key exists only in memory.
Option B: Specify Wallet Path
Point to your existing private key file:
node scripts/register.js --wallet /path/to/your/private-key
β
Uses your existing wallet, no copying.
Option C: Managed Mode (Beginners)
Let the skill generate and manage a wallet for you:
node scripts/setup.js --managed
node scripts/register.js
β
Always encrypted β Private key protected with AES-256-GCM
- You'll set a password during setup (min 8 chars, must include letter + number)
- Password required each time you use the wallet
- Mnemonic displayed once for manual backup (never saved to file)
- Password input is masked (hidden) in terminal
β οΈ Security Guidelines
- Never commit private keys to git
- Never share private keys or mnemonics publicly
- Never add
~/.basemail/ to version control
- Private key files should be chmod
600 (owner read/write only)
- Prefer environment variables (Option A) over file storage
--wallet paths are validated: must be under $HOME, no traversal, max 1KB file size- Private key format is validated (
0x + 64 hex chars) before use
- Password input is masked in terminal (characters hidden)
- This skill only signs SIWE authentication messages β it never sends funds or on-chain transactions
Recommended .gitignore
# BaseMail - NEVER commit!
.basemail/
**/private-key.enc
π Quick Start
1οΈβ£ Register
# Using environment variable
export BASEMAIL_PRIVATE_KEY="0x..."
node scripts/register.js
# Or with Basename
node scripts/register.js --basename yourname.base.eth
2οΈβ£ Send Email
node scripts/send.js "friend@basemail.ai" "Hello!" "Nice to meet you π¦"
3οΈβ£ Check Inbox
node scripts/inbox.js # List emails
node scripts/inbox.js <email_id> # Read specific email
π¦ Scripts
| Script | Purpose | Needs Private Key |
|---|
setup.js | Show help | β |
setup.js --managed | Generate wallet (always encrypted) | β |
register.js | Register email address | β
|
send.js | Send email | β (uses token) |
inbox.js | Check inbox | β (uses token) |
audit.js | View audit log | β |
π File Locations
~/.basemail/
βββ private-key.enc # Encrypted private key (AES-256-GCM, chmod 600)
βββ wallet.json # Wallet info (public address only)
βββ token.json # Auth token (chmod 600)
βββ audit.log # Operation log (no sensitive data)
π¨ Get a Basename-Linked Email
Want yourname@basemail.ai instead of 0x...@basemail.ai?
- Register a Basename (
.base.eth) at https://www.base.org/names
- Link it:
node scripts/register.js --basename yourname.base.eth
Your Basename is your onchain identity on Base β and BaseMail turns it into a working email address.
π§ API Reference
| Endpoint | Method | Purpose |
|---|
/api/auth/start | POST | Start SIWE auth |
/api/auth/verify | POST | Verify wallet signature |
/api/register | POST | Register email |
/api/register/upgrade | PUT | Upgrade to Basename |
/api/send | POST | Send email |
/api/inbox | GET | List inbox |
/api/inbox/:id | GET | Read email content |
Full docs: https://api.basemail.ai/api/docs
π Links
π Changelog
v1.8.0 (2026-02-18)
- π Enhanced description: emphasize Base Chain and Basename (.base.eth) integration
- π Added architecture diagram showing wallet β SIWE β email flow
- π Better explanation of onchain identity and verifiable email
- π Added source repo and Base Chain links
v1.7.0 (2026-02-18)
- π Security hardening (addresses ClawHub "Suspicious" classification):
- Added OpenClaw metadata: declares
BASEMAIL_PRIVATE_KEY in requires.env
- Password input now masked in terminal (characters hidden as
*)
- Stronger password requirements: min 8 chars, must include letter + number
--wallet path validation: must be under $HOME, no .. traversal, max 1KB, regular file only- Private key format validation (
0x + 64 hex chars) on all input sources
- Removed
--no-encrypt option β managed wallets are always encrypted
- Mnemonic is displayed once and never saved to file (removed save-to-file prompt)
- Removed legacy plaintext key file references
- π Added
notes in metadata clarifying: this skill only signs SIWE messages, never sends funds
- π Updated security guidelines and file locations documentation
v1.4.0 (2026-02-08)
- β¨ Better branding and descriptions
- π Full English documentation
v1.1.0 (2026-02-08)
- π Security: opt-in private key storage
- β¨ Support env var, path, auto-detect
- π Encrypted storage option (--encrypt)
- π Audit logging
v1.6.0 (Security Update)
- π Breaking:
--managed now encrypts by default
- π Removed auto-detection of external wallet paths (security improvement)
- π Mnemonic no longer auto-saved; displayed once for manual backup
- π Updated documentation for clarity
v1.0.0
