It was interesting because I worked a Steamoji which was a STEM kids education startup. The email was very realistic but it said “im a reporter who would love to talk to you about Steamoji and your steam cleaning products” which immediately gave it away.
Discussion
Hilarious.
I just asked Bars to write me an email about my Coinbase account being hacked and it's accurate as hell.
We're going to see upticks in scams for sure.
Maybe, maybe not. GPT has been around for years now and from a threat hunting perspective, I'm not seeing anything new and unique or that makes me think the email apocalypse is upon us.
Ecash fixes this.
Ecash > LN for this because of the online requirement. You can just insert ecash into a header or some other metadata location.
Hmm… interesting idea. I think you may be right
This would be trivial with LN to be honest.
Nothing in LN is trivial.
You're absolutely right, this POC took me 15 minutes longer than I expected. 🤣
from ecdsa import SigningKey, VerifyingKey
import smtplib
from email.mime.text import MIMEText
import lnd_grpc
import imaplib
import email
# Initialize Lightning Network client (Assumes LND is running)
lnd_client = lnd_grpc.Client()
# Generate ECDSA keys for sender and receiver
sk = SigningKey.generate() # Sender's private key
vk = sk.get_verifying_key() # Sender's public key
# Step 1: Initiate Lightning Network Payment
payment_request = lnd_client.add_invoice(value=10)
pending_payment = lnd_client.send_payment(payment_request)
# Step 2: Generate Cryptographic Signature
email_content = "Hello, this is a test email."
signature = sk.sign(email_content.encode())
# Step 3: Send Email with Signature
server = smtplib.SMTP('smtp.example.com', 587)
server.starttls()
server.login("sender@example.com", "password")
msg = MIMEText(email_content)
msg['Subject'] = 'Test Email'
msg['From'] = 'sender@example.com'
msg['To'] = 'receiver@example.com'
msg['X-Crypto-Signature'] = signature.hex()
server.send_message(msg)
server.quit()
# Receiver's Email Verification
mail = imaplib.IMAP4_SSL('imap.example.com')
mail.login('receiver@example.com', 'password')
mail.select('inbox')
status, messages = mail.search(None, 'ALL')
email_ids = messages[0].split()
latest_email_id = email_ids[-1]
status, msg_data = mail.fetch(latest_email_id, '(RFC822)')
raw_email = msg_data[0][1]
received_email = email.message_from_bytes(raw_email)
received_signature = received_email['X-Crypto-Signature']
received_content = received_email.get_payload()
# Verify the signature
if vk.verify(bytes.fromhex(received_signature), received_content.encode()):
print("Email is verified.")
# Uncomment to settle the Lightning Network payment
# lnd_client.settle_payment(pending_payment)
else:
print("Email verification failed.")
Now run and manage the code. Don’t forget liquidity and uptime. And you should get a watchtower too.