EmailPay
EmailPay — Send crypto through email. Simple, secure, and seedless Web3 payments.
Problem Statement
EmailPay — Detailed Project Description

EmailPay turns email into a fully functional, seedless crypto wallet and payment rail. It lets non-crypto users send and receive on-chain value with plain email commands — no seed phrases, no wallet extensions, and no addresses to copy. The product combines email UX familiarity with decentralized signing (Lit PKPs), stablecoin rails (PYUSD), and standard smart contract execution (Ethereum via Hardhat) so anyone can transact using the interface they already know.

Problem Statement
- Web3 onboarding is painful: seed phrases, private-key management, wallet extensions, and confusing addresses block mainstream adoption.
- Everyday users already know email; it’s ubiquitous, trusted, and simple. But email doesn’t natively map to on-chain identity or payments.
- Objectives: remove key management, reduce friction, and allow secure, verifiable crypto payments initiated entirely from email.

High-level Solution
- Bind a seedless programmable key (PKP) to each user’s email. When a user creates an account, EmailPay mints/assigns a PKP and stores the association server-side.
- Users authenticate with email + OTP flow (no wallet required).
- Users send instructions via email (e.g., send 0.001 eth to alice@gmail.com) to a dedicated relayer inbox. EmailPay parses the command, validates the sender, signs the transaction using the PKP (via Lit Protocol), and relays the transaction to the blockchain or a stablecoin settlement rail (PYUSD).
- EmailPay sends confirmation emails back to sender and recipient; the confirmation includes a transaction hash linking to the on-chain proof.

Demo Flow (what you’ll show)
1. Create wallet (OTP verification) — user enters email → receives OTP → upon verification, a Lit PKP wallet is generated for that email and user dashboard is created.
2. Login (email + OTP) — user logs in and sees the dashboard: wallet address, balance, and templates for commands.
3. Send via email — compose email to emailpay.demotest@gmail.com with body send 0.001 eth to sherwinrod10@gmail.com.
4. Backend processing — EmailPay parses the email, validates sender, prepares tx, obtains PKP session signatures via Lit, and submits transaction through relayer.
5. Confirmation — both parties receive an email with transaction metadata and a hash that links to the chain explorer.

Architecture & Components

Frontend
- Framework: Vite + React
- Styling: Tailwind CSS, supports light/dark themes
- Routing: React Router
- Animations: Framer Motion
- Pages: Landing, Login, Create Wallet (OTP), Dashboard (balance, address, send templates)
- Security: OTP flow (server verifies ownership of the email)

Backend (Node.js)
- Inbox Poller: Polls/receives emails (Gmail API / IMAP) and enqueues commands.
- Command Parser: Deterministic parser that extracts commands (SEND <amount> <token> TO <recipient_email>) and validates syntax & amounts.
- Authorization: Verifies sender email → maps to PKP; rate limits and anti-spam checks.
- PKP Wallet Manager: Creates or loads PKP wallets; requests session signatures from Lit; caches sessionSigs where safe (server-side storage, e.g., Redis).
- Relayer / Transactioner: Prepares transactions (PYUSD or ETH), estimates gas (if on-chain), and relays via an EVVM-compatible relayer or RPC node.
- Notifications: Sends confirmation emails with status and tx hash.
- Persistence: MongoDB (or equivalent) stores users, PKP mappings, transactions, and job state.

Lit Protocol Integration
- Role: PKP-based signing; removes need for user-held private keys.
- Flow:
  1. Backend requests getSessionSigs() for a PKP with resourceAbilityRequests containing the PKP resource (lit-pkp:<pkpId>) and pkp-signing ability.
  2. Use a controller private key (server) to sign the SIWE message or use a configured controller wallet to produce the authSig.
  3. Submit signed session to Lit nodes, obtain signing shares, and use them to sign transaction payloads.
- Node/SDK Notes: Node environments must handle SIWE ReCap and capability formatting carefully (session URIs, nonces, expirationTime, and resources). For stable compatibility, project has a tested SDK version and server adapters to persist session state.

PayPal / PYUSD Integration
- Role: Option to use PYUSD stablecoin for USD-settled payments to reduce volatility and gas costs.
- Integration: On “send PYUSD” command, backend routes transfer via on-chain PYUSD contracts (or via PayPal integration if bridging is available). Contracts are treated like ERC-20 assets — transfer transactions are signed by PKP wallets and relayed on the chosen chain.

Smart Contracts & Hardhat
- Hardhat used for:
  - Local contract development (ERC-20 wrappers, relayer helpers),
  - Tests (unit + integration),
  - Deployment scripts for staging and production networks.
- Testing: Comprehensive Hardhat tests for command parsing → tx creation → successful execution.

Security & UX Considerations
- No seed exposure: Users never see private keys or seed phrases. PKP is held/managed via Lit nodes.
- OTP + email ownership: OTP verification is required for wallet creation and login.
- Rate limiting & anti-spam: Throttle emails to prevent abuse and replay attacks.
- Reputation & anti-fraud: Transaction heuristics, thresholds, and optional 2nd-factor for high-value transfers.
- Server-side storage: SessionSigs and ephemeral auth materials stored in secure server-side storage (Redis or encrypted DB) not in browser localStorage. Rotate keys and handle revocation flow.
- Auditability: Transactions include on-chain hash visible in confirmation emails; backend logs include processing trace IDs for debugging.
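
An added example (not EmailPay's own code) of the admission checks that the Authorization and rate-limiting items above describe, run before a command is mapped to a PKP: sender authentication, Message-ID replay rejection and per-sender throttling. It assumes the caller passes the top-most Authentication-Results header (RFC 8601) stamped by the receiving mail server; `TRUSTED_AUTHSERV`, `makeGate`, the result strings and the limits are hypothetical.

```javascript
// Added example: admission gate for inbound command emails.
// Assumptions: TRUSTED_AUTHSERV is the authserv-id of our own receiving server,
// and the limits are illustrative policy values, not taken from the page.
const TRUSTED_AUTHSERV = 'mx.google.com';
const WINDOW_MS = 60000;
const MAX_PER_WINDOW = 3;

function makeGate(now = () => Date.now()) {
  const seenIds = new Set(); // Message-IDs already processed (replay guard)
  const recent = new Map();  // sender -> accept timestamps inside the window

  return function admit({ from, messageId, authResults }) {
    const sender = String(from).trim().toLowerCase();
    const domain = sender.split('@')[1];
    if (!domain || !messageId) return 'reject:malformed';

    // Trust only results stamped by our own receiver, then require a DMARC
    // pass whose header.from equals the From domain we are about to act on.
    const [authserv, ...results] = String(authResults || '')
      .split(';').map((s) => s.trim());
    if (authserv.toLowerCase() !== TRUSTED_AUTHSERV) return 'reject:untrusted_authserv';
    const dmarc = results.find((r) => /^dmarc=pass\b/i.test(r));
    const hf = dmarc && /header\.from=([^\s;]+)/i.exec(dmarc);
    if (!hf || hf[1].toLowerCase() !== domain) return 'reject:unauthenticated';

    // The same Message-ID is never executed twice.
    if (seenIds.has(messageId)) return 'reject:replay';

    // Sliding-window throttle per authenticated sender.
    const t = now();
    const hits = (recent.get(sender) || []).filter((ts) => t - ts < WINDOW_MS);
    if (hits.length >= MAX_PER_WINDOW) return 'reject:rate_limited';
    hits.push(t);
    recent.set(sender, hits);
    seenIds.add(messageId);
    return 'accept';
  };
}
```

In a deployment with more than one worker, the two in-memory collections would live in the shared server-side store the page already names (Redis) so the replay guard holds across processes.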
Solution
EmailPay was built as a hybrid Web2 + Web3 application that transforms email into a secure, on-chain payment interface. The system combines Vite + React on the frontend, a Node.js backend, and key Web3 infrastructure — Lit Protocol, Hardhat, and PayPal PYUSD — to enable seedless wallet creation, delegated signing, and real stablecoin transfers.

⚙️ Core Tech Stack
- Frontend:
  - Vite + React for a fast, modular, and lightweight UI.
  - Tailwind CSS for styling, Framer Motion for animations.
  - Features: landing page, OTP-based wallet creation, login, and dashboard (wallet address, balance, and quick mail commands).
- Backend (Node.js + Express):
  - Handles email command parsing, wallet mapping, OTP verification, and transaction orchestration.
  - Connected to Gmail API to read and process incoming payment commands (like SEND 0.001 ETH TO user@gmail.com).
  - Implements validation, rate-limiting, and secure signing flows.
- Smart Contracts:
  - Built and deployed using Hardhat, which powered all contract compilation, testing, and local node development.
  - Hardhat’s plugin ecosystem (ethers.js, dotenv, console logs) made it easy to simulate transaction flows and relayer interactions before deploying on testnets.
- Lit Protocol (Partner Technology):
  - Used to mint and manage Programmable Key Pairs (PKPs), allowing every user to own a seedless email-bound wallet.
  - Each transaction initiated via email is signed through Lit nodes using session signatures.
  - This completely removed the need for users to manage private keys or browser wallets.
  - To handle SIWE + ReCap complexities, we built a custom auth callback wrapper to properly construct and sign session payloads in NodeJS — one of the more hacky but necessary workarounds.
- PayPal (PYUSD Integration):
  - Implemented PYUSD as a payment token option for stable, gas-efficient transactions.
  - Users can send either ETH or PYUSD, both executed via PKP-signed on-chain transactions.
  - The use of PYUSD demonstrates the potential for regulated stablecoins in mainstream user experiences.

🧩 System Flow
1. User Onboarding: Email + OTP verification → triggers PKP creation via Lit Protocol → wallet address generated.
2. Login: User re-enters email and OTP → dashboard loads wallet info and balance.
3. Payment Command: User sends an email (e.g., send 0.001 eth to alice@gmail.com).
4. Backend Processing:
   - EmailPay backend parses the command using regex, validates syntax and sender.
   - Requests session signatures from Lit nodes using the associated PKP.
   - Uses the signed session to relay the transaction to Ethereum or the PYUSD contract.
5. Confirmation: Sends email back to sender + recipient with transaction hash and success message.

🧠 Hacky / Interesting Bits
- Overcame Lit Protocol v7 ReCap incompatibility with NodeJS by custom-building a SIWE signing adapter to produce valid sessionSigs.
- Built a minimal command grammar parser that converts plain-text email instructions into structured blockchain actions.
- Used email as a transaction queue — the Gmail inbox effectively became a lightweight command relay.
- Implemented a server-side OTP auth layer to verify email ownership without any wallet extension.
- Leveraged Hardhat local node for end-to-end testing — simulating transactions exactly as they would appear on-chain before hitting testnets.

💡 Benefits from Partner Technologies
- Lit Protocol: Enabled trustless signing without exposing private keys, perfect for onboarding non-crypto users.
- Hardhat: Simplified smart contract workflow, enabling rapid iteration and debugging.
- PayPal PYUSD: Provided a regulated, stable on-chain asset for fiat-like transfers, bridging Web2 familiarity with Web3 infrastructure.
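
An added example (not the project's own code) of a strict regex parser for the SEND <amount> <token> TO <recipient_email> grammar described above, returning the amount as integer base units so no floating-point value ever reaches transaction construction. The token decimals (ETH 18, PYUSD 6), the `MAX_WHOLE` ceiling, the 256-character body limit and the error names are assumptions.

```javascript
// Added example, not EmailPay's code: strict parser for
//   SEND <amount> <token> TO <recipient_email>
// Assumed token table: decimals per asset (ETH 18, PYUSD 6).
const TOKENS = new Map([['ETH', 18], ['PYUSD', 6]]);
// Hypothetical per-command ceiling in whole tokens (a policy value, not from the page).
const MAX_WHOLE = 1000n;

// Anchored at both ends; amount is plain decimal only (no sign, exponent or hex).
const CMD = /^send\s+(\d{1,12}(?:\.\d{1,18})?)\s+([a-z]{2,10})\s+to\s+([^\s@<>"',;]{1,64}@[a-z0-9-]+(?:\.[a-z0-9-]+)+)$/i;

// Convert a decimal string to integer base units without floating point.
function toBaseUnits(amount, decimals) {
  const [whole, frac = ''] = amount.split('.');
  if (frac.length > decimals) return null; // finer than the token can represent
  return BigInt(whole) * 10n ** BigInt(decimals) + BigInt(frac.padEnd(decimals, '0'));
}

function parseCommand(body) {
  const fail = (error) => ({ ok: false, error });
  if (typeof body !== 'string' || body.length > 256) return fail('bad_input');
  const text = body.trim();
  // A body with more than one line is rejected rather than searched, so quoted
  // replies or signatures cannot contribute a second command.
  if (/[\r\n]/.test(text)) return fail('multiline');
  const m = CMD.exec(text);
  if (!m) return fail('syntax');
  const token = m[2].toUpperCase();
  if (!TOKENS.has(token)) return fail('unknown_token');
  const decimals = TOKENS.get(token);
  const units = toBaseUnits(m[1], decimals);
  if (units === null) return fail('precision');
  if (units === 0n) return fail('zero_amount');
  if (units > MAX_WHOLE * 10n ** BigInt(decimals)) return fail('over_limit');
  // Recipient is lower-cased so it matches the stored email → PKP mapping key.
  return { ok: true, token, units, recipient: m[3].toLowerCase() };
}
```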
Hackathon
ETHOnline 2025
2025
Contributors
- MaximusHaximus
88 contributions
- FedericoAmura
72 contributions
- glitch003
28 contributions
- SherwinRodriguez
12 contributions
- awisniew207
7 contributions
- spacesailor24
4 contributions