
ZK-Email

A privacy-preserving protocol that generates a zero-knowledge proof to verify the content of an email was received by a specific address, without exposing the email's full contents.
Chainscore © 2026

What is ZK-Email?

ZK-Email is a cryptographic protocol that enables users to generate a zero-knowledge proof of the content of an email they have received, without revealing the email itself.

ZK-Email is a cryptographic protocol that enables a user to generate a zero-knowledge proof (ZKP) attesting to the content of an email they have received, without revealing the email's body, sender, or other sensitive metadata. It works by cryptographically verifying the DKIM (DomainKeys Identified Mail) signature, a standard email authentication method, to prove that a specific message was legitimately sent from a domain. The user's client parses the raw email, and a ZK circuit generates a proof that certain statements about the email (e.g., "this email contains a specific transaction hash" or "the sender's domain is @example.com") are true. This proof is succinct and can be verified by anyone without access to the underlying data.

The core innovation lies in its use of existing email infrastructure as a decentralized data source and identity layer. By leveraging DKIM, ZK-Email allows users to prove facts derived from their communications with trusted entities like banks, exchanges, or employers. This bridges the gap between the traditional, verified world of email and the on-chain world of decentralized applications (dApps). For instance, a user could prove they received a confirmation for a bank transfer above a certain amount to access a DeFi loan, or verify they hold an account with a specific institution for a credentialing service, all while maintaining complete privacy over their financial details.

Key technical components include a circuit compiler that transforms email parsing logic into an arithmetic circuit, and a DKIM verifier within the ZK-SNARK proving system. Developers define a template (e.g., looking for a specific keyword or regex pattern in the subject or body), and the circuit generates a proof that an email matching that template was validly signed. This makes it a powerful primitive for privacy-preserving attestations, moving beyond simple social logins to granular, provable claims. Projects are exploring its use for wallet recovery, credit delegation, anonymous airdrops based on proven membership, and DAO governance where voting rights are gated by verified real-world actions.


How ZK-Email Works

ZK-Email is a cryptographic protocol that enables users to generate a zero-knowledge proof about the content of an email without revealing the email itself.

ZK-Email works by cryptographically verifying the DKIM signature attached to an email. This signature, created by the sender's mail server using a private key, is a standard email authentication method. The protocol parses the raw email, extracts the DKIM header and body, and uses them as a public input to a zero-knowledge circuit. The circuit's logic proves that a valid signature exists for an email matching specific, user-defined criteria—such as containing a certain sender, subject line, or transaction amount—without exposing the email's full contents.

The core technical process involves three main steps. First, the user provides their raw email file (.eml). Second, a ZK prover (like Circom or Halo2) executes a circuit that hashes the email's relevant components and verifies the DKIM-SHA256 cryptographic signature against the sender's public key (published in DNS). Finally, the circuit generates a succinct zk-SNARK proof attesting to the statement "I possess a validly signed email from sender@domain.com confirming a deposit of $X." This proof is tiny and can be verified by anyone in milliseconds.

This mechanism enables powerful applications by turning email into a verifiable data source for blockchains. For example, a user can prove they received a bank statement or a flight confirmation to trigger an on-chain action, a process known as proof of email. The system's security inherits from the robustness of DKIM and the soundness of the underlying zk-SNARK protocol. Importantly, the user never needs to share private email credentials; they only need access to the email file itself, which can be exported from any standard client.


Key Features

ZK-Email is a protocol that uses zero-knowledge proofs to cryptographically verify the content of an email without revealing its underlying data, enabling private, trustless interactions with web2 services.

01

Email Header & Body Verification

The protocol generates a zero-knowledge proof (ZKP) that cryptographically attests to specific content within a standard email (e.g., a sender, subject line, or confirmation code). This allows a user to prove they received a specific email from a service like Gmail or Coinbase without revealing the email's full contents, their email address, or their private key.

02

DKIM Signature Validation

Core to its security, ZK-Email verifies the email's DomainKeys Identified Mail (DKIM) signature. This is a cryptographic signature added by the sender's email server (e.g., @gmail.com). The ZK circuit checks this signature against the sender's public DNS record, proving the email is authentic and unaltered, without needing to trust the verifying party.

03

Selective Disclosure & Parsing

Users can prove precise statements about an email. The ZK circuit parses the email to extract and prove only the necessary fields.

  • Example: Proving a bank statement shows a balance > $1000, or that a travel booking site sent a confirmation for a specific flight number.
  • The rest of the email data remains completely private.

04

On-Chain Action Triggers

The generated ZK proof can be submitted to a blockchain smart contract, enabling permissionless, automated actions based on verified real-world events.

  • Use Case: Automatically mint an NFT after proving you donated to a charity (via receipt email).
  • Use Case: Gain access to a token-gated Discord channel by proving ownership of a specific domain via a verification email.

05

Decentralized Identity & Attestations

ZK-Email enables portable, privacy-preserving verifiable credentials. Instead of storing sensitive KYC data on-chain, a user can generate a ZK proof from an email attestation (e.g., from a government service or financial institution) and reuse it across multiple dApps, maintaining control over their personal data.

06

Interoperability with Web2 Infrastructure

The system is designed to work with existing SMTP, DKIM, and RSA cryptography standards. It does not require email providers (like Google or Microsoft) to change their systems, making it a non-invasive layer that bridges the gap between centralized web2 services and decentralized web3 applications.


Primary Use Cases

ZK-Email uses zero-knowledge proofs to cryptographically verify the content of an email without revealing its sensitive data, enabling privacy-preserving on-chain applications.

02

On-Chain KYC & Compliance

Users can generate a ZK proof that they have completed a KYC process with a trusted provider (e.g., by verifying an email from Coinbase or Binance) without submitting their personal data on-chain. This allows DeFi protocols and DAOs to enforce compliance requirements while preserving user privacy and data sovereignty.

03

Verified Credential Attestations

Prove possession of real-world credentials attested via email. Examples include:

  • Proof of employment from a company email.
  • Proof of graduation from an educational institution.
  • Proof of event ticket purchase from a confirmation email.

The proof verifies the email's DKIM signature and specific content, creating a portable, private credential.

04

Decentralized Identity & Reputation

Serves as a foundational primitive for decentralized identity (DID) systems. By generating proofs from verified email interactions, users can build a private, persistent reputation graph across applications. This enables soulbound tokens (SBTs), undercollateralized lending based on proven income, and access-gated communities without exposing the underlying data source.

05

Wallet Recovery & Authentication

Enable secure, non-custodial wallet recovery using a verified email address as a social recovery factor. A user can generate a proof of ownership of their email to recover access, eliminating single points of failure like seed phrases. This also enables passwordless, phishing-resistant logins for dApps.

06

Verifiable Communication & Notarization

Create an immutable, timestamped record that a specific communication occurred, verified by the email's cryptographic signatures. Use cases include:

  • Proving receipt of a legal notice or contract.
  • Verifying the content of an agreement or commitment.
  • On-chain dispute resolution with cryptographically verified evidence.

This provides tamper-proof attestation of digital correspondence.

Technical Mechanics: DKIM & Zero-Knowledge Circuits

This section details the cryptographic and infrastructural components that enable ZK-Email, focusing on how email authentication protocols are integrated with zero-knowledge proof systems.

ZK-Email is a cryptographic primitive that uses zero-knowledge proofs (ZKPs) to cryptographically verify the content and sender of an email without revealing the underlying message data. It achieves this by generating a proof that a valid DomainKeys Identified Mail (DKIM) signature exists for a specific email header and body, proving the email's authenticity and that it contains certain predefined data, such as a transaction authorization code. This allows sensitive information within emails to be used as trustless inputs for on-chain actions, like claiming an airdrop or executing a transaction, while preserving user privacy.

The core technical dependency is the DKIM protocol, an email authentication standard that allows a receiving mail server to verify an email was sent and authorized by the owner of a specific domain. A DKIM signature is a cryptographic signature added to an email's headers, created using the sender's private key. The corresponding public key is published in the sender's domain DNS records. A ZK-Email circuit does not verify the DKIM signature directly on-chain; instead, it proves knowledge of a valid DKIM signature for a given email, along with the fact that the email's content matches certain constraints, all within a zero-knowledge Succinct Non-interactive Argument of Knowledge (zk-SNARK).

Constructing a zero-knowledge circuit for email verification involves several complex steps. The circuit must: parse the raw email to separate headers from the body, extract the DKIM signature and its associated headers, implement the precise canonicalization algorithms specified in the DKIM standard, and perform the RSA signature verification—all within the constraints of an arithmetic circuit. This requires translating string parsing, hash functions (like SHA-256), and RSA public key cryptography into a format compatible with finite field arithmetic, making it one of the more complex real-world applications of zk-SNARKs.
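The body-hash step that the circuit has to reproduce, shown in the clear as an added example (not code from this page or from the ZK-Email project): it parses the DKIM-Signature tags, applies DKIM's relaxed body canonicalization, and compares the SHA-256 digest with the signed bh= value. The sample message, the selector sel1 and the placeholder b= value are constructed, and the RSA check over the canonicalized headers is left out.

```python
import base64
import hashlib
import re

def split_message(raw: bytes):
    """Split a raw message into (header block, body) at the first empty line."""
    head, _, body = raw.partition(b"\r\n\r\n")
    return head + b"\r\n", body

def relaxed_body(body: bytes) -> bytes:
    """DKIM 'relaxed' body canonicalization (RFC 6376, section 3.4.4)."""
    # Collapse runs of spaces/tabs to one space and drop whitespace at line ends.
    lines = [re.sub(rb"[ \t]+", b" ", ln).rstrip(b" ") for ln in body.split(b"\r\n")]
    while lines and lines[-1] == b"":      # ignore all empty lines at the end
        lines.pop()
    return b"".join(ln + b"\r\n" for ln in lines)

def dkim_tags(header_block: bytes) -> dict:
    """Return the tag=value pairs of the first DKIM-Signature header field."""
    unfolded = re.sub(rb"\r\n[ \t]+", b" ", header_block)   # undo header folding
    for line in unfolded.split(b"\r\n"):
        name, _, value = line.partition(b":")
        if name.strip().lower() == b"dkim-signature":
            pairs = (t.split(b"=", 1) for t in value.split(b";") if b"=" in t)
            return {k.strip().decode(): re.sub(rb"\s+", b"", v).decode() for k, v in pairs}
    raise ValueError("no DKIM-Signature header")

def body_hash(body: bytes) -> str:
    return base64.b64encode(hashlib.sha256(relaxed_body(body)).digest()).decode()

def body_hash_matches(raw: bytes) -> bool:
    """Check bh=: base64(SHA-256(canonicalized body)) must equal the signed value."""
    head, body = split_message(raw)
    tags = dkim_tags(head)
    canon = tags.get("c", "simple/simple").split("/")
    if tags.get("a") != "rsa-sha256" or (canon + ["simple"])[1] != "relaxed":
        raise ValueError("example handles rsa-sha256 with relaxed body canonicalization only")
    if "l" in tags:
        # l= limits the signed body length; anything appended after it is unsigned.
        raise ValueError("refusing partial-body signature (l= tag)")
    return body_hash(body) == tags["bh"]

# Constructed sample (not a real message): bh= is computed here; b= is a placeholder
# because the RSA check over the canonicalized headers is outside this example.
SAMPLE_BODY = b"Your claim code is 4821.\r\nThanks,\r\nThe Protocol team\r\n"
SAMPLE_HEAD = (
    b"From: rewards@protocol.org\r\n"
    b"Subject: Claim code\r\n"
    b"DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=protocol.org; s=sel1;\r\n"
    b" h=from:subject; bh=" + body_hash(SAMPLE_BODY).encode() + b"; b=PLACEHOLDER\r\n"
)
SAMPLE = SAMPLE_HEAD + b"\r\n" + SAMPLE_BODY

if __name__ == "__main__":
    print(body_hash_matches(SAMPLE))                                   # untouched message
    print(body_hash_matches(SAMPLE.replace(b"code is", b"code  is")))   # whitespace-only change
    print(body_hash_matches(SAMPLE.replace(b"4821", b"9999")))          # content change
```

A whitespace-only edit survives relaxed canonicalization, while any change to the claim code breaks the hash; this is the property a circuit's content constraints rest on.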

A primary use case is permissionless attestation, where an email from a trusted entity (e.g., a government domain for KYC, a university for credentials, or an exchange for transaction confirmations) serves as a private proof of eligibility. For example, a user could prove they received a specific email from rewards@protocol.org containing a unique code, enabling them to claim tokens in a privacy-preserving airdrop without revealing their email address or the full contents of the message to the blockchain or the claiming contract.

The development stack for ZK-Email typically involves specialized tools like the zk-email-verify circuit, which is often written in Circom, a domain-specific language for defining zk-SNARK circuits. Developers must provide the raw email and the sender's public RSA key as private inputs to the circuit. The public output is a cryptographic commitment to the verified data (e.g., a hash of the relevant email content). This proof can then be verified on-chain by a smart contract using a verifier contract, which checks the zk-SNARK proof against the public parameters, enabling trustless execution based on verified email data.


Ecosystem Usage & Protocols

ZK-Email is a protocol that uses zero-knowledge proofs to cryptographically verify the content of an email without revealing its full contents, enabling private, trust-minimized identity and communication on-chain.

02

Primary Use Case: On-Chain Identity & KYC

ZK-Email enables privacy-preserving identity verification by proving possession of an email from a trusted institution (e.g., a .edu or .gov domain). This can be used for:

  • Sybil resistance in airdrops or governance, proving unique personhood.
  • Selective KYC, where a user proves they are over 18 or a resident of a country via an email from a bank or utility provider, without submitting full documents.
  • Access gating to token-gated communities or services based on verified affiliations.

03

Use Case: Transaction Verification & Notifications

The protocol can verify off-chain events for on-chain conditional logic. For example, a user can prove they received a payment confirmation email from PayPal or a bank, enabling them to claim a corresponding NFT or unlock funds in a smart contract. This creates a cryptographically secure bridge between traditional financial notifications and decentralized applications, automating processes without exposing sensitive transaction details.

04

Technical Components: Prover & Verifier

A ZK-Email system consists of two main components:

  • Prover (Client-side): Takes a user's raw email (.eml file), extracts the DKIM signature and relevant email headers/body, and generates a zero-knowledge proof (e.g., using Circom or Halo2) that the data matches certain constraints.
  • Verifier (Smart Contract): A lightweight on-chain contract that checks the validity of the submitted proof against the public verification key and the public inputs (e.g., the sender's domain hash). The contract never sees the email content.

05

Example: Email Wallet Recovery

ZK-Email can facilitate secure, non-custodial wallet recovery. A user sets up a recovery condition based on an email from their own verified address. If they lose their keys, they can generate a ZK proof that they control that email account (by receiving and proving a specific recovery code) to authorize a social recovery module or a smart contract to transfer wallet access, all without a centralized service ever holding their private key or email data.


Security & Trust Considerations

ZK-Email uses zero-knowledge proofs to verify email contents without revealing the underlying data, creating a new paradigm for trust and privacy in web3 applications.

01

Privacy-Preserving Verification

The core security feature is the ability to prove a statement about an email's content (e.g., "I received a bank statement with a balance > $1000") without revealing the email itself, the sender, or the exact balance. This is achieved using zero-knowledge proofs (ZKPs), which allow a prover to convince a verifier of a statement's truth while maintaining data confidentiality.

02

Trust in the Email Infrastructure

ZK-Email's security model inherits trust from the existing DomainKeys Identified Mail (DKIM) cryptographic signature standard. The protocol verifies the DKIM signature on the email header to prove the email was genuinely sent from a specific domain (e.g., @coinbase.com) and was not altered in transit. This creates a cryptographic bridge between web2 trust (email) and web3 verifiability.

03

Selective Disclosure & Data Minimization

Users maintain control over what specific data is proven. The system enables selective disclosure, allowing a user to prove only the necessary claim. For example, proving you are over 18 by verifying a date-of-year field, without revealing your full birth date, name, or other personal information from the email. This principle of data minimization is fundamental to user privacy.

04

On-Chain Verification & Immutable Proofs

Once a ZK proof is generated from an email, it can be verified on a blockchain. This provides cryptographic guarantees and immutable audit trails. The verification is trustless and does not require a centralized authority to vouch for the email's authenticity. This makes it suitable for on-chain actions like token-gated access, credit scoring, or attestations.

05

Relayer Privacy & Front-running Risks

A common architecture uses a relayer to submit the proof and transaction to the blockchain to preserve the user's on-chain identity. Key considerations include:

  • Ensuring the relayer cannot front-run the user's transaction for profit.
  • Using commit-reveal schemes or encrypted mempools to protect transaction intent.
  • The relayer should not be able to learn the contents of the proven email from the proof data.

06

Email Source Authentication Limitations

Security depends on the authenticity of the DKIM-signed email. This does not protect against:

  • Phishing emails from look-alike domains that also have valid DKIM (e.g., coinbasse.com).
  • Compromised email accounts or servers where an attacker can send valid signed emails.
  • Spoofed headers within the DKIM-signed body.

Applications must carefully define which trusted domains and email header formats are accepted for proofs.
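One way an application could enforce that last point, as an added example rather than code from this page or the ZK-Email project: the sender is read only from the header block, must be covered by h=, must match d= exactly (a strict-alignment choice made here), and is then compared against an allowlist. The allowlist, the sample messages and the pre-parsed dkim tag dictionaries are constructed, and cryptographic verification of the signature is assumed to have happened already.

```python
import re

TRUSTED_DOMAINS = {"coinbase.com"}   # assumption: the application's own allowlist

def naive_accept(raw: bytes) -> bool:
    """Weak check: looks for a trusted From anywhere in the message, body included."""
    return re.search(rb"from:.*@coinbase\.com", raw, re.I) is not None

def signed_from_domain(header_block: bytes, dkim: dict) -> str:
    """Return the From domain, but only if the signature covers it and d= matches it."""
    if "from" not in [h.strip().lower() for h in dkim["h"].split(":")]:
        raise ValueError("From is not in the signed header list (h=)")
    unfolded = re.sub(rb"\r\n[ \t]+", b" ", header_block)          # undo header folding
    froms = [ln for ln in unfolded.split(b"\r\n") if ln.lower().startswith(b"from:")]
    if len(froms) != 1:
        raise ValueError("expected exactly one From header")
    # Take the address at the end of the field, after any display name.
    m = re.search(rb"([^<>\s@\"]+)@([A-Za-z0-9.-]+)>?\s*$", froms[0])
    if m is None:
        raise ValueError("unparseable From header")
    domain = m.group(2).decode().lower()
    if domain != dkim["d"].lower():
        raise ValueError("From domain is not aligned with the signing domain (d=)")
    return domain

def accept(raw: bytes, dkim: dict) -> bool:
    """Policy check: exact match of the signed, aligned From domain against the allowlist."""
    header_block = raw.partition(b"\r\n\r\n")[0] + b"\r\n"   # headers only, never the body
    try:
        return signed_from_domain(header_block, dkim) in TRUSTED_DOMAINS
    except ValueError:
        return False

# Constructed samples. The dkim dicts stand for tags of a signature that has
# already been verified cryptographically; that step is assumed, not shown.
GENUINE = (b"From: Coinbase <no-reply@coinbase.com>\r\nSubject: Receipt\r\n\r\n"
           b"Thank you for your purchase.\r\n")
LOOKALIKE = (b"From: Coinbase <no-reply@coinbasse.com>\r\nSubject: Receipt\r\n\r\n"
             b"From: support@coinbase.com\r\nThank you for your purchase.\r\n")
RESIGNED = b"From: no-reply@coinbase.com\r\nSubject: Receipt\r\n\r\nHello.\r\n"

CASES = {
    "genuine": (GENUINE, {"d": "coinbase.com", "h": "from:subject"}),
    "lookalike": (LOOKALIKE, {"d": "coinbasse.com", "h": "from:subject"}),
    "misaligned": (RESIGNED, {"d": "bulk-mailer.example", "h": "from:subject"}),
    "from-unsigned": (GENUINE, {"d": "coinbase.com", "h": "subject:date"}),
}

if __name__ == "__main__":
    for name, (raw, dkim) in CASES.items():
        print(f"{name:14} naive={naive_accept(raw)!s:5} strict={accept(raw, dkim)}")
```

The substring check accepts all four constructed messages; the header-anchored check accepts only the genuine one.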

ZK-Email vs. Traditional Email Verification

A technical comparison of verification methods based on privacy, security, and decentralization.

| Feature / Metric | ZK-Email Verification | Traditional Email Verification |
|---|---|---|
| Underlying Technology | Zero-Knowledge Proofs (ZKPs) | Centralized API Calls |
| Data Privacy | | |
| User Sovereignty | | |
| Verification Latency | < 2 sec (proof generation) | < 200 ms (API call) |
| On-Chain Verification Cost | $0.50 - $2.00 (gas) | N/A (off-chain) |
| Censorship Resistance | | |
| Trust Assumption | Cryptographic (ZK-SNARKs) | Third-Party Service Provider |
| Proves Email Ownership | | |
| Reveals Email Content/Header | | |


Frequently Asked Questions (FAQ)

Common technical questions about ZK-Email, a protocol for generating zero-knowledge proofs from standard email content.

ZK-Email is a protocol that allows users to generate a zero-knowledge proof (ZKP) from the contents of a standard email, enabling them to cryptographically verify specific claims about the email without revealing its full content. It works by parsing the raw email data (headers, body, DKIM signature) and using a ZK circuit to prove statements like "I received an email from domain X containing text Y" or "This email's timestamp is before a certain date." The core innovation is leveraging the existing DomainKeys Identified Mail (DKIM) cryptographic signature, which is already used for email authentication, as a source of trust. The protocol outputs a succinct proof that can be verified on-chain, enabling privacy-preserving applications like anonymous credential verification, Sybil resistance, and attestation of off-chain events.

ZK-Email: Zero-Knowledge Proofs for Email Verification | ChainScore Glossary