A Solidity library to efficiently verify DKIM signatures:
- Supports
rsa-sha1
andrsa-sha256
signature algorithms - Implements both canonicalization algorithms (
simple
,relaxed
) - Gas costs less than 100 thousand
- Includes email parser library & demo website
- Tested on Gmail, iCloud, Outlook, Protonmail and Yahoo
The goal is to verify DKIM signatures using solidity in a secure, private and economical way.
We achieve that by parsing the raw email off-chain in the user's client, and then running the verification on-chain. This ensures that the email gets securely verified while keeping gas costs low.
The project consists of:
DKIM.sol
to verify signaturesparse-email
to parse emails (supports node & browser environments)Service.sol
to demonstrate usage with Oraclesolidity-dkim demo
demo website
- download a sample email
- (optional) download your own email
- visit demo app
- make sure metamask is on the rinkeby network
- upload email
- verify 🎉
$ git clone https://github.com/nionis/solidity-dkim
$ cd solidity-dkim
$ npm install
$ cd client
$ npm install
$ npm run dev
$ migrate
$ cd client
$ npm run dev
- The goal of this project is to provide the necessary primitives for DKIM verification in an unopinioned way. This is why we only verify what is required and we don't perform any parsing on-chain. The next step is to build a
login
method withinService.sol
.
- node-dkim is used by
parse-email
, we helped improvenode-dkim
by fixing a header canonicalization bug
- https://github.com/ensdomains/buffer
- https://github.com/jhermsmeier/node-dkim
- no header boundary found: this is usually due to a raw email format being incorrect. Make sure you "download" the raw email like shown here, since copy / pasting to a text file may replace CRLF characters with LF, learn more