Altermail: Secure data integrity sharing model based on three-tier system

[MrX01010101010]

Altermail: Secure data integrity sharing model based on a three-tier system

Project Description

"Altermail intends to be a privacy-preserving secure communication platform leveraging Secret Contracts on the Secret Network blockchain."

The main goal of this product is to create and implement a secure data integrity sharing model using blockchain technology. Altermail's secure data integrity sharing models use a digital signature, a proxy encryption scheme, and Secret Network's encryption schema with smart contracts.

Data owners can use Altermail's information-sharing system to ensure that this information is not available to everyone. Only delegated users can view the data; as keys will be available only at the User side and will not be sent even to Altermail.

Altermail's system architecture consists of three layers - application, access, and data. The base layer is the application layer, it ensures the receipt and transmission of information and encryption are private secure by default. Secret Contracts on the Secret Network blockchain serve as the data verification and authentication storage mechanism for Altermail. Secret Contracts metadata is encrypted. Additionally, Secret Contracts serve as neutral and automated intermediaries for data integrity on Altermail. The data layer is required to store user-sent data that is encrypted. This architectural part of the system also uses the encryption module needed for the delegation process. The three-tier architecture used in the secure, seamless data model ensures application performance and security.

The support from Secret Network at an early stage can make the project successful in a short timeframe. This grant request will allow us to continue the implementation and creation of Altermail - specifically Secret Contract development. Additionally, SCRT may become increasingly valuable as it can be used in the communication sector and team collaboration apps empowered by Altermail and all of the potential features on the product roadmap.

Problem / Solution

There is an illusion of security and privacy of communication by current solutions such as Gmail/Protonmail/Whatsapp/Telegram/Discord/Slack/cTemplar. Sadly, many privacy communities unwittingly use unsecured communication apps that do not have truly privacy-preserving communications as promised. Altermail aims to fill this gap by offering truly secure and private email based on blockchain technology, specifically Secret Network.

Why is Altermail needed? Primarily, because we believe privacy is not only a human right, but also an important utility. Without privacy, users are in danger of damaging their social life, finances, control of data, and control of identity (via impersonation). Surveillance by “Big Brother” and a range of applications widely adopted compromise our data - allowing malicious entities to use data as means to manipulate politics, economy, culture, global relations, and even “truth” itself.

Altermail will provide decentralized communication that is safe, secure, and private. All of this is made possible by the three-layer architecture outlined earlier. Secret Network is a crucial part of one of the layers, and is what makes Altermail a truly unique solution.

Detailed product description

Sequence diagram Minimal registration fields: Username, password, or authentication token. Authorization via Username and Password/Token

1st scheme - Encryption key generation (ECDH/ECIES to be used) After authentication on the website, the user generates (on a client-side) two keypairs - KEK (Key Encryption Key) and DEK (Data Encryption Key). KEK will never leave the user computer/environment, and DEK will be stored in encrypted form in a Smart Contract (as well as key recovery metadata in case user loses his KEK). After generation completion of both key pairs, DEK will be encrypted using KEK and both DEK parts will be uploaded and stored in the Smart Contract. Key usage: • KEK public key - to encrypt DEK private key (once or whenever KEKs are compromised [DEK must be re-encrypted with newly generated KEK] or lost [in that case DEK is useless and must be re-generated. All previous messages will be unreadable]). It is possible to recover DEK using recovery information stored alongside in the Smart Contract; • KEK private key - to decrypt DEK private key (every time user signs in the system to work with his messages); • DEK public key - to encrypt messages addressed to the user (by the sender); • DEK private key - to decrypt received messages.

2nd scheme - Sending a message After authentication, the user will retrieve his DEKs from the Smart Contract using ALTERMail service and decrypts them locally using his KEK private key (private KEK part must be inserted into the browser for in-browser decryption). • The user will sign a message using his private DEK and then request the message recipient’s public key (the recipient's DEK public key) to encrypt the message locally. • The encrypted message then is transmitted to the ALTERMail server, where it is persisted for further decryption by the receiver. Additionally, the Smart Contract is updated to put a new record describing sending event meta-data (originator, receiver, timestamp, message hashes).

3rd scheme - Receiving a message • After authentication the user will retrieve his DEKs from the Smart Contract via ALTERMail service and decrypts them locally using his KEK private key (private KEK part must be inserted into the browser for in-browser decryption). • The user will retrieve an encrypted message from the ALTERMail servers and decrypt it using a pre-decrypted DEK private key. • After message decryption, the signature is verified by checking the sender's DEK public key. Also, the fact that the sending event originated from that particular sender is verified by querying the blockchain's Smart Contract.

This setup allows the user to securely and privately send and receive messages.

Go-to-Market plan

Altermail aims to have a sustainable long-term budget for marketing to achieve the most noticeable impact. Specifically, the go-to-market plan requires extensive awareness building, credibility garnering, and partnerships between various blockchain networks and privacy communities (specifically Secret Network). During and after product creation, Altermail will aim to participate on social networks, partake in multiple events, and engage in weekly community calls and updates.

The initial aim for the Altermail product and team is to reach $10m in ARR within a year (July 2021 as a starting point). The current stage is the so-called “start of the race,” where we will build the Altermail MVP, Problem and Solution product roadmap, and create traction via the multiple available marketing channels. Our goal is to have our MVP built with $1m marks within the next three months. After this initial stage, Altermail will then transition into intensive user acquisition strategies (“Growth Machine” as we call it internally) leveraging channel expansion. This growth traction will be driven by organic growth; more than 50% of growth will be organic because in order for a user to interact with Altermail they must invite their contacts to join as users on Altermail. The Altermail team strongly believes word-of-mouth marketing (WOM) marketing is the fastest way to grow the Altermail user base.

Reaching organic growth of 50% from new users by having 10k users milestones makes a compelling case for investors to help catapult Altermail (and by extension Secret Network) into a truly global scale. After reaching the 10k users milestone, the focus of Altermail will shift to global retail users (those who are not familiar with blockchain/cryptocurrency or people who might care about their privacy and security on the internet). Specifically, the team will prepare a light version of the service known as “freemium.” This can be achieved later on once we scale the technology part (speed on verifications, multiple party acknowledgments of messages distributed between them). All of these features we believe will be part of pulling in a wave of t millions of new users to try out the Altermail product and then buy the full-stack service.

Meanwhile, sales will still happen on a B2B basis, where companies seeking safer solutions than what is currently offered on the market will be happy to partner and purchase the Altermail service. We believe B2B is a strong vector for us because of the constant cyber-attacks and data leaks existing with a variety of industries where privacy and security are key components of the respective businesses' value proposition.

Altermail will also be targeting privacy key opinion leaders (KOLs). The right tweet from the right KOL can change the entire course of a product's future. “Altermail is an interesting privacy solution leveraging the Secret Network blockchain that you can use today. Dedicated to privacy and anonymity - Altermail”, /Edward Snowden/. Imagine how that could change the history of Secret Network and Altermail.

The subscription is on a recurring annual fee of $50- in the Beta version (MVP with a discount of 40%). Scaling the product with additional features will increase the price per year. We predict that the full-stack service within 3 months will be a $75 per annum charge. People who enroll at first have the benefit of having it much cheaper.

Value capture for Secret Network ecosystem

A secure and private data-sharing application built on Secret Network will drive network usage growth as well as user acquisition. Because Altermail uses Secret Network, there will be regular batches of transactions used - all of which can help increase gas usage on Secret Network and ultimately drive demand for the acquisition of SCRT.

The kick-start is crucial for Altermail and Secret Network, and the Altermail team believes the synergy and impact will be tremendous.

On top of mentioned functionalities, we will be implementing in the scaling process the following things:

• Payment implementation of SCRT by using as means of payments for the Altermail service. Within time connect stable coins and swaps.
• Wallet integration into the solution to easier hold SCRT, do swaps and acquire items from Fardels as a potential side Dapps integration.
• To use Altermail for direct messages between Fardels users (like between sellers and buyers, or just between buyers), also integrate the communication into any other future Dapps that will be built on Secret contracts.
• Secret Contracts can be used as means of “agreement by parties” and conclude a transaction based on SCRT as the value versus immovable/movable property (car, real estate, service, etc.). Since we want to create an ecosystem for not just communication in the future.

1. Secret Network is fundamentally focused on empowering privacy-preserving technologies built with blockchain technology. A key vertical for privacy is communication - Altermail aims to be a key product on the application layer of Secret Network, increasing product differentiation from other networks. Altermail will help continue cement Secret Network as a valuable layer-1 solution.
2. Altermail as a service is tightly integrated with the Secret Network. As such, the Altermail team pledges to help grow the Secret Network community on the community discord. Users that discover Altermail will by extension find Secret Network. Users that are active participants of Secret Network will discover Altermail. We believe there is long-term alignment on this community growth vector that will add an immense amount of value to Secret Network as we scale Altermail.
3. A grant is integral to help us to grow at the early stage of this product development cycle. We want to share and contribute to the community by offering SCRT for the first 10k early access sign-ups, resulting in 5 USD per subscription to Secret Network. After reaching 10k users, 1% of subscription income will be donated to the Secret Network grant program, beginning from the launch of Altermail and into perpetuity. a. Altermail will give 10,000 Secret Network paid subscribers a 40% discount for the 1st year of Altermail subscription. This means that the Altermail team will give Secret Network 10,000 unique registration links that Secret Network can offer to the community. b. With every registration through Secret Network, Altermail will give 5 euros as a reward to Secret Network, including the 10,000 registrations with the 40% discount. So by getting 5000 paid subscribers, Secret Network will get 50.000 dollars/equivalent in SCRT.
4. Secret Network community growth. With every new subscriber to Altermail, Secret Network can gain another community member via advertisements and partnership awareness from both Altermail and Secret Network.
5. Secret Network and Altermail will become the 1st genuinely decentralized and safe communication provider - trailblazing the way for the largest privacy-focused blockchain communication product existing on any network.
6. When Altermail begins its marketing initiatives Secret Network will mutually benefit from our advertisements and exposure since they will also be mentioned since part of the tech stack is from Secret Network
7. Community members of Secret Network are also members of other different channels. If those members spread the word in other communities, Secret Network will get more exposure and new community members.
8. Users will be able to pay with SCRT coins - driving demand for SCRT, and increasing network traffic metrics.
9. Secret Network will also have an Altermail team of specialists ready to help in any way possible with network growth.

Team members

• Oskars Jepsis (MrFreeman) – CEO, Co-Founder, management
• Aleksejs Grocevs (Alexey) – CTO, Co-Founder, main dev
• Andrius Bartminas (Bruce Wayne) – CINO, Co-Founder, R&D
• Marius Barends (Minigunner) – CMO, Founding Employee, digital marketing, comms
• Valters Buko (vbuko) – Designer
• Boris B. – Front-end developer
• Murai Ryo – senior back end developer

Team Website

• https://altermail.co

Team's experience

• Oskar has 6 years of project management, mostly in fin-tech. Worked for banks and P2P platforms, founded a company called XHEERO that was concentrating on DeFi in AML/Compliance side.
• Aleksejs has 10+ years of extensive experience with complex web-based solution architecting and full-stack development, as well as server software/hardware management and provisioning as a former CTO of the payment processor company was responsible for infrastructure/code/policy preparation for annual on-site PCI DSS audits.
• Andrius has been researching blockchain and implementing large-scale innovative projects for 10 years now.
• Marius is a web developer and an SEO specialist. He also has experience in Content creation, HR, Social Media, Marketing, and Communications.
• Murai Ryo – is a determined full stack developer with more than 10 years of experience. I have been specializing in web, hybrid mobile apps, and blockchain development using React, Angular, Vue, React Native, Web3, Solidity, Node, Express, PHP, Python, Ruby on Rails. I am experienced in MySQL, PostgreSQL, MongoDB database management as well.

We've been a team for four months, and we are just getting started since we want to scale our team as soon as possible by adding more backend devs, QA, another front-end dev, and add digital marketing specialists to support us on social media platforms.

Team Code Repos

• https://github.com/MrGFreeman
• https://github.com/AleksejsGrocevs *Alexey has been under the NDA since “serious business” :)
• https://github.com/totop716 (Murai Ryo)

Team LinkedIn Profiles

• https://www.linkedin.com/in/oskarjepsen/
• https://www.linkedin.com/in/aleksejsgrocevs/
• https://www.linkedin.com/in/andrius-bartminas/
• https://www.linkedin.com/in/murai-ryo-4b497820a/

Development Roadmap

0-2 weeks MVP (end of June) – sending/receiving messages, profile alteration, login and back-end functionality of encryption set up, server setup, finished front-end/UI, keypair generation; 3-4 (MVP) weeks (by mid - July) to implement Secret Network smart contract creation/alteration, implement payment option with Secret, including Keys and recovery keys are stored on SN. 5-12 (product launch) weeks (Aug - mid-Sep) / 1st part of scaling the product functionalities and resources: • Improving the user interface and experience • sSCRT wallet built in, where people can pay either with sSCRT directly to an e-mail address (as opposed to a SCRT address) • Obtain additional exposure of server set up and increase throughput; • Implement group messaging functionality; • Add channel/group set up functionality and tie them to the smart contract; • Add/remove users of the channel (tied smart contract alteration); • Improve the FAQ section and support/help-desk for the users; • Plan out and implement the integration with Fardels to use Altermail as the communication between buyer & seller 13-24 weeks (mid-Sep - Dec) - 2nd feature set implementation: • Voice-call functionality; • Automatic/scheduled/auto-expiring messaging functionalities; • App for iOS/Android

The team stack:

• 1 senior back-end (Java) -$5k/month (we have already one – Alexey but additional is needed for scaling) • 1 senior full-stack (Java/front-end) -$5k/month • 1 QA ~$3k/month • 1 senior DevOps (+1 middle, in the long run, depending on the users) -$2,4/month • Project Management costs -$5k /month (partly funded by EIT Digital investment)

The infrastructure:

Initial infrastructure to deliver the server set up and maintenance • 2-3 servers ($800-1300/month) handling 10 simultaneous messages per timeframe/seconds. Gradually increase as per demand. • Ensure within two months to have our own physical server and maintenance • Gradually use private/decentralised instances

Ideally, we can receive payments in 3 disbursements (total of $30,000 in SCRT), one at the beginning of the grant ($10,000), one after implementation of MVP ($10,000), and the last payment ($10,000) when the development work is completed for Beta.

Marketing and sales funnel are ~$20,000 and are connected to the following milestones. We firmly believe that the ROI on network growth and awareness would be x40 greater than the cost to fund this portion of this initiative: • 1k users – disbursement of $4,000 • 10k users - disbursement of $9,000 • 20k users - disbursement of $7,000

We would be willing to consider part payment in SCRTs, up to 90% since some of the costs are related to the marketing and sales funnel.

Additional Information

The budgeting can be decreased by having people who are dedicated to contributing to the project long-term and offer founding employee stock options + we want to achieve a solid revenue stream within the next two months after releasing the 1st version to the public. That will give us the possibility to decrease or cancel it.

[MrX01010101010]

Updating the architecture part:

Application architecture on multiple single-purpose servers, tied in clusters behind a single endpoint, serves as a mediator between external (Internet-originated) requests and the internal ecosystem, which does not have access to the Internet and is not available on the Internet as well. Two leading server roles in the system are authentication servers and message processing servers. Auth servers are primarily responsible for user session initiation/termination and existing session validity confirmation. Another function of auth servers is to manage user-supplied certificates, register public keys in the Smart Contract of the Secret Network, and confirm that they are still valid. Auth servers will use stored user account data in a clustered PostgreSQL database to make decisions about authentication/authorization user requests. Messaging and mailing servers are the core of the service - designed to check supplied encrypted messages and persist/fetch them upon user request. Messages are stored in a NoSQL database for better scalability/clustering and message/other sendable object hashes are stored in the Smart Contracts to ensure sending fact/originator credibility. All communication with the outside world using the Internet is done in the TLS-protected connections and protected Edge locations with anti-DDoS and Web-Application Firewall solutions.

The architecture is subject to change while scaling the solution.

[guyz]

Approved! Very cool stuff