CoreSend

Temporary email service with Ed25519 signature-based authentication.

Overview

CoreSend provides disposable email addresses with cryptographic authentication. Each address is derived from an Ed25519 public key, ensuring only the key holder can access the inbox.

Features

Cryptographic Authentication - Ed25519 signature-based auth, no passwords
Disposable Addresses - Self-destructing emails after 24 hours
Rate Limiting - Prevents abuse with configurable limits
REST API - Full REST API with OpenAPI/Swagger documentation
SMTP Server - Standard SMTP for receiving emails

Project Structure

coresend/
├── backend/          # Go HTTP API + SMTP server
│   ├── cmd/server/   # Entry point
│   ├── internal/     # API, SMTP, storage, validation
│   └── docs/         # Swagger documentation
└── app/              # React frontend (Vite + TypeScript)

Quick Start

Prerequisites

Go 1.21+
Node.js 18+ (or Bun)
Redis 6.0+

1. Start Redis

redis-server

2. Start Backend

cd backend
make deps
make run

Backend runs on:

HTTP API: http://localhost:8080
SMTP: localhost:1025
Swagger UI: http://localhost:8080/docs/

3. Start Frontend

cd app
bun install
bun run dev

Frontend runs on http://localhost:5173

Documentation

Backend README - Backend setup, configuration, and API
API Documentation - Authentication flow and usage examples

Architecture

┌─────────────┐     ┌─────────────┐     ┌─────────────┐
│   Client    │────▶│  HTTP API   │────▶│    Redis    │
│  (Frontend) │     │  (Go/8080)  │     │  (Storage)  │
└─────────────┘     └─────────────┘     └─────────────┘
                           │
                           ▼
                    ┌─────────────┐
                    │ SMTP Server │
                    │  (Go/1025)  │
                    └─────────────┘

Authentication

CoreSend uses Ed25519 signatures instead of passwords:

Generate Ed25519 keypair
Derive address: sha256(publicKey)[:20] (hex)
Sign each request: timestamp:method:path
Include headers: X-Public-Key, X-Signature, X-Timestamp

See API Documentation for detailed examples.

API Endpoints

Method	Path	Description
`POST`	`/api/register/{address}`	Register address
`GET`	`/api/inbox/{address}`	Get all emails
`GET`	`/api/inbox/{address}/{id}`	Get specific email
`DELETE`	`/api/inbox/{address}/{id}`	Delete email
`DELETE`	`/api/inbox/{address}`	Clear inbox
`GET`	`/api/health`	Health check

Development

Backend

cd backend
make test           # Run tests
make swagger        # Generate swagger docs
make build          # Build binary

Frontend

cd app
bun run lint        # Run linter
bun run build       # Build for production

License

AGLP-3.0 License. See LICENSE for details.

Name		Name	Last commit message	Last commit date
Latest commit History 34 Commits
.husky		.husky
app		app
backend		backend
docs		docs
terraform		terraform
.commitlintrc.json		.commitlintrc.json
.env.example		.env.example
.gitignore		.gitignore
Caddyfile		Caddyfile
LICENSE		LICENSE
README.md		README.md
SECURITY.md		SECURITY.md
bun.lock		bun.lock
docker-compose.yml		docker-compose.yml
package.json		package.json
prometheus.yml		prometheus.yml

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

CoreSend

Overview

Features

Project Structure

Quick Start

Prerequisites

1. Start Redis

2. Start Backend

3. Start Frontend

Documentation

Architecture

Authentication

API Endpoints

Development

Backend

Frontend

License

About

Uh oh!

Releases

Packages

Uh oh!

Uh oh!

Contributors

Uh oh!

Languages

License

lirinlabs/coresend

Folders and files

Latest commit

History

Repository files navigation

CoreSend

Overview

Features

Project Structure

Quick Start

Prerequisites

1. Start Redis

2. Start Backend

3. Start Frontend

Documentation

Architecture

Authentication

API Endpoints

Development

Backend

Frontend

License

About

Resources

License

Security policy

Uh oh!

Stars

Watchers

Forks

Releases

Packages 0

Uh oh!

Uh oh!

Contributors

Uh oh!

Languages

Packages