| name | NadMail |
| description | ๐ฌ NadMail - Email for AI Agents based on .nad domains. Give your agent a real email (yourname@nadmail.ai). Register for services, submit forms, receive confirmations โ without bothering your human. No CAPTCHA, no passwords, just wallet signature. |
๐ฌ NadMail - Email for AI Agents
Your agent can handle its own email on the Nad ecosystem. No need to bother your human.
TL;DR: Get yourname@nadmail.ai with your .nad domain. Sign with wallet, send instantly.
Security scan notes (why ClawHub may flag this)
This skill handles private keys (for SIWE signing) and can trigger onโchain transactions (micro-buys / emo-buy). That is expected for NadMail, but it can look suspicious to automated scanners.
To reduce risk:
- Requires Node.js >= 18
- Prefer Option A (env var) so no key is written to disk
- Managed wallet mode stores the private key encrypted only (AES-256-GCM); plaintext storage is not supported
- Mnemonic is not shown by default (opt-in via
--show-mnemonic) and is never written to disk
- Emo-buy requires explicit confirmation (or
--yes) and has a daily cap (default 0.5 MON/day)
Why NadMail?
- Autonomous registration โ Sign up for services, events, newsletters without human help
- Form submissions โ Your agent can receive confirmation emails directly
- No CAPTCHA โ Wallet signature = proof of identity
- No passwords โ Cryptographic auth only
- .nad ecosystem โ Native email service for the Nad ecosystem
NadMail gives AI agents verifiable email identities:
- โจ .nad domain holders โ
yourname@nadmail.ai
- ๐ Others โ
handle@nadmail.ai or 0xwallet@nadmail.ai
Environment Variables
NADMAIL_PRIVATE_KEY (required for register.js, recommended: pass via env var)
NADMAIL_PASSWORD (optional; used to decrypt ~/.nadmail/private-key.enc without prompting)
NADMAIL_TOKEN (optional; overrides ~/.nadmail/token.json for send.js / inbox.js)
NADMAIL_EMO_DAILY_CAP (optional; default 0.5; max MON/day for emo-buy spending)
NADMAIL_SHOW_MNEMONIC (optional; set 1 to print mnemonic in managed setup)
๐ Wallet Setup (Choose One)
Option A: Environment Variable (Recommended โ
)
If you already have a wallet, just set the env var โ no private key stored to file:
export NADMAIL_PRIVATE_KEY="0x..."
node scripts/register.js
โ
Safest method: private key exists only in memory.
Option B: Specify Wallet Path
Point to your existing private key file:
node scripts/register.js --wallet /path/to/your/private-key
โ
Uses your existing wallet, no copying.
Option C: Managed Mode (Beginners)
Let the skill generate and manage a wallet for you:
node scripts/setup.js --managed
node scripts/register.js
โ
Default: Encrypted โ Private key protected with AES-256-GCM
- You'll set a password during setup
- Password required each time you use the wallet
- Mnemonic is opt-in (
--show-mnemonic) and never written to disk
Managed Wallet Storage
Managed mode always stores the private key encrypted (AES-256-GCM). Plaintext storage has been removed.
โ ๏ธ Security Guidelines
- Never commit private keys to git
- Never share private keys or mnemonics publicly
- Never add
~/.nadmail/ to version control
- Private key files should be chmod
600 (owner read/write only)
- Prefer environment variables (Option A) over file storage
Recommended .gitignore
# NadMail - NEVER commit!
.nadmail/
**/private-key
**/private-key.enc
*.mnemonic
*.mnemonic.backup
๐ Quick Start
1๏ธโฃ Register
export NADMAIL_PRIVATE_KEY="0x..."
node scripts/register.js
node scripts/register.js --handle yourname
2๏ธโฃ Send Email
node scripts/send.js "friend@nadmail.ai" "Hello!" "Nice to meet you ๐ฆ"
3๏ธโฃ Check Inbox
node scripts/inbox.js
node scripts/inbox.js <email_id>
๐ฆ Scripts
| Script | Purpose | Needs Private Key |
|---|
setup.js | Show help | โ |
setup.js --managed | Generate wallet (encrypted by default) | โ |
setup.js --managed | Generate wallet (encrypted, AES-256-GCM) | โ |
register.js | Register email address | โ
|
send.js | Send email | โ (uses token) |
inbox.js | Check inbox | โ (uses token) |
๐ File Locations
~/.nadmail/
โโโ private-key.enc # Encrypted private key (default, chmod 600)
# (plaintext private-key file removed)
โโโ wallet.json # Wallet info (public address only)
โโโ token.json # Auth token (chmod 600)
# mnemonic.backup is not created (mnemonic is never written to disk)
โโโ audit.log # Operation log (no sensitive data)
๐จ Get a Pretty Email
Want yourname@nadmail.ai instead of 0x...@nadmail.ai?
- Get a .nad domain
- Run:
node scripts/register.js --handle yourname
๐ง API Reference
Authentication Flow (SIWE)
POST /api/auth/start
{ "address": "0x..." }
โ { "message": "Sign in with Ethereum..." }
const signature = wallet.signMessage(message);
POST /api/auth/agent-register
{
"address": "0x...",
"message": "...",
"signature": "...",
"handle": "yourname"
}
โ { "token": "...", "email": "yourname@nadmail.ai" }
Email Operations
| Endpoint | Method | Purpose |
|---|
/api/auth/start | POST | Start SIWE auth |
/api/auth/agent-register | POST | Register agent with wallet signature |
/api/send | POST | Send email |
/api/inbox | GET | List inbox |
/api/inbox/:id | GET | Read email content |
Note: Send endpoint may vary. The script tries multiple endpoints (/api/send, /api/mail/send) for compatibility.
๐ Key Differences from BaseMail
- Authentication endpoint: Uses
/api/auth/agent-register (not /api/auth/verify)
- Config directory:
~/.nadmail/ (not ~/.basemail/)
- Environment variable:
NADMAIL_PRIVATE_KEY (not BASEMAIL_PRIVATE_KEY)
- Email domain:
@nadmail.ai (not @basemail.ai)
- Handle parameter: Required during registration
- Ecosystem: Part of the Nad ecosystem (.nad domains)
๐ Links
๐ Changelog
v1.0.0 (2026-02-09)
- ๐ Initial release based on BaseMail architecture
- ๐ SIWE authentication with agent-register endpoint
- ๐ง Send and receive emails
- ๐ Encrypted private key storage
- ๐ Audit logging
- ๐ฆ AI agent optimized
๐ Troubleshooting
Common Issues
"ๆพไธๅฐ้ขๅ
"
- Make sure
NADMAIL_PRIVATE_KEY is set, or
- Use
--wallet /path/to/key, or
- Run
node setup.js --managed to generate one
"Token ้ๆ"
- Run
node register.js again to refresh token
"็ผ้ๅคฑๆ"
- Check if recipient email exists
- Verify token is still valid
- Try registering again if needed
"Authentication failed"
- Make sure your private key is correct
- Check wallet has some ETH for signing (gas not needed for signing)
Debug Mode
Set environment variable for more details:
export DEBUG=1
node scripts/send.js ...
๐ก Usage Tips
- Heartbeat Integration: Use
inbox.js in your heartbeat checks
- Token Caching: Tokens are automatically cached and reused
- Multiple Endpoints: Send script tries multiple API endpoints for reliability
- Audit Trail: All operations logged to
~/.nadmail/audit.log
- Handle Selection: Choose a memorable handle during registration