📬 BaseMail - Onchain Email for AI Agents on Base

Your agent gets a real email address, linked to its onchain identity. No human needed.

TL;DR: Own a Basename (yourname.base.eth)? Get [email protected] instantly. Sign with your Base wallet, send emails autonomously.

Why BaseMail?

• Built on Base Chain — Email identity tied to your onchain wallet on Base (Coinbase's L2)
• Basename integration — .base.eth holders get matching @basemail.ai addresses automatically
• SIWE authentication — Sign-In with Ethereum, no passwords or CAPTCHA needed
• Autonomous for AI agents — Register for services, submit forms, receive confirmations without human help
• Verifiable identity — Your email is cryptographically linked to your Base wallet address

• ✨ Basename holders → yourname.base.eth → [email protected]
• 🔗 Any Base wallet → [email protected]

How it works

Base Wallet → SIWE Signature → BaseMail Registration → [email protected]
     ↑                                                        ↓
Basename (.base.eth)                              Send & receive email autonomously

🔐 Wallet Setup (Choose One)

Option A: Environment Variable (Recommended ✅)

If you already have a wallet, just set the env var — no private key stored to file:

export BASEMAIL_PRIVATE_KEY="0x..."
node scripts/register.js

✅ Safest method: private key exists only in memory.

Option B: Specify Wallet Path

Point to your existing private key file:

node scripts/register.js --wallet /path/to/your/private-key

✅ Uses your existing wallet, no copying.

Option C: Managed Mode (Beginners)

Let the skill generate and manage a wallet for you:

node scripts/setup.js --managed
node scripts/register.js

✅ Always encrypted — Private key protected with AES-256-GCM

- You'll set a password during setup (min 8 chars, must include letter + number)

- Password required each time you use the wallet

- Mnemonic displayed once for manual backup (never saved to file)

- Password input is masked (hidden) in terminal

⚠️ Security Guidelines

• Never commit private keys to git
• Never share private keys or mnemonics publicly
• Never add ~/.basemail/ to version control
• Private key files should be chmod 600 (owner read/write only)
• Prefer environment variables (Option A) over file storage
• --wallet paths are validated: must be under $HOME, no traversal, max 1KB file size
• Private key format is validated (0x + 64 hex chars) before use
• Password input is masked in terminal (characters hidden)
• This skill only signs SIWE authentication messages — it never sends funds or on-chain transactions

Recommended .gitignore

# BaseMail - NEVER commit!
.basemail/
**/private-key.enc

🚀 Quick Start

1️⃣ Register

# Using environment variable
export BASEMAIL_PRIVATE_KEY="0x..."
node scripts/register.js

# Or with Basename
node scripts/register.js --basename yourname.base.eth

2️⃣ Send Email

node scripts/send.js "[email protected]" "Hello!" "Nice to meet you 🦞"

3️⃣ Check Inbox

node scripts/inbox.js              # List emails
node scripts/inbox.js <email_id>   # Read specific email

📦 Scripts

📍 File Locations

~/.basemail/
├── private-key.enc   # Encrypted private key (AES-256-GCM, chmod 600)
├── wallet.json       # Wallet info (public address only)
├── token.json        # Auth token (chmod 600)
└── audit.log         # Operation log (no sensitive data)

🎨 Get a Basename-Linked Email

Want [email protected] instead of [email protected]?

• Register a Basename (.base.eth) at https://www.base.org/names
• Link it: node scripts/register.js --basename yourname.base.eth

🔧 API Reference

🌐 Links

• Website: https://basemail.ai
• API: https://api.basemail.ai
• API Docs: https://api.basemail.ai/api/docs
• Get a Basename: https://www.base.org/names
• Base Chain: https://base.org
• Source: https://github.com/dAAAb/BaseMail-Skill

📝 Changelog

v1.8.0 (2026-02-18)

• 📝 Enhanced description: emphasize Base Chain and Basename (.base.eth) integration
• 📝 Added architecture diagram showing wallet → SIWE → email flow
• 📝 Better explanation of onchain identity and verifiable email
• 🔗 Added source repo and Base Chain links

v1.7.0 (2026-02-18)

• 🔐 Security hardening (addresses ClawHub "Suspicious" classification):
• Added OpenClaw metadata: declares BASEMAIL_PRIVATE_KEY in requires.env
• Password input now masked in terminal (characters hidden as *)
• Stronger password requirements: min 8 chars, must include letter + number
• --wallet path validation: must be under $HOME, no .. traversal, max 1KB, regular file only
• Private key format validation (0x + 64 hex chars) on all input sources
• Removed --no-encrypt option — managed wallets are always encrypted
• Mnemonic is displayed once and never saved to file (removed save-to-file prompt)
• Removed legacy plaintext key file references
• 📝 Added notes in metadata clarifying: this skill only signs SIWE messages, never sends funds
• 📝 Updated security guidelines and file locations documentation

v1.4.0 (2026-02-08)

• ✨ Better branding and descriptions
• 📝 Full English documentation

v1.1.0 (2026-02-08)

• 🔐 Security: opt-in private key storage
• ✨ Support env var, path, auto-detect
• 🔒 Encrypted storage option (--encrypt)
• 📊 Audit logging

v1.6.0 (Security Update)

• 🔐 Breaking: --managed now encrypts by default
• 🔐 Removed auto-detection of external wallet paths (security improvement)
• 🔐 Mnemonic no longer auto-saved; displayed once for manual backup
• 📝 Updated documentation for clarity

v1.0.0

• 🎉 Initial release