Backend Service

The Backend is the message transport layer in DeadLetter. It never sees plaintext and has no ability to decrypt messages. Its sole responsibility is to accept encrypted envelopes from senders and deliver them to the correct recipient inbox.


Responsibilities

The backend handles:

  • Receiving encrypted message envelopes from ESP32 sender devices
  • Storing envelopes temporarily until fetched by the receiver
  • Serving inbox contents to receivers
  • Verifying delete acknowledgements
  • Purging expired messages automatically

At no point does the backend have access to message plaintext or encryption keys.


Data Model

Each stored message is an envelope:

Field           Description
id              Unique message identifier
ephemeral_pub   Sender ephemeral X25519 public key (base64)
iv              AES‑GCM IV (base64)
ciphertext      Encrypted payload (base64)
tag             AES‑GCM authentication tag (base64)
receivedAt      Server timestamp

Endpoints

Fetch inbox

GET /inbox/{handle}

Returns all encrypted envelopes for the specified handle.


Delete message (acknowledge)

POST /ack-delete

Body:

{
  "id": "<message_id>",
  "handle": "<handle>",
  "sig": "<base64-ed25519-signature>"
}

The backend verifies the sig field against the recipient certificate (the receiver's Ed25519 signing key for that handle) before deleting the message.
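The verification step above, written out as an added Go example (this is not DeadLetter's own code). It assumes the signed bytes are the handle and the message id joined by a newline, and that the recipient certificate has already been resolved to a raw Ed25519 public key; the certificate format and the real canonical signing layout are not given on this page, so both are placeholders here.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"encoding/base64"
	"encoding/json"
	"errors"
	"fmt"
)

// AckDelete mirrors the JSON body of POST /ack-delete.
type AckDelete struct {
	ID     string `json:"id"`
	Handle string `json:"handle"`
	Sig    string `json:"sig"`
}

// signedBytes is the byte string the receiver signs. The layout
// (handle, newline, id) is an assumption made for this example; the
// backend and the CLI receiver must agree on one canonical form.
func signedBytes(handle, id string) []byte {
	return []byte(handle + "\n" + id)
}

// VerifyAckDelete parses the request body and checks its Ed25519
// signature against recipientPub, the signing key taken from the
// recipient certificate for that handle (certificate lookup is outside
// this example). It returns the id that may be deleted, or an error.
func VerifyAckDelete(body []byte, recipientPub ed25519.PublicKey) (string, error) {
	var req AckDelete
	if err := json.Unmarshal(body, &req); err != nil {
		return "", fmt.Errorf("ack-delete: bad json: %w", err)
	}
	if req.ID == "" || req.Handle == "" {
		return "", errors.New("ack-delete: id and handle are required")
	}
	// ed25519.Verify panics on a wrong-sized key, so check it first.
	if len(recipientPub) != ed25519.PublicKeySize {
		return "", errors.New("ack-delete: recipient key has wrong length")
	}
	sig, err := base64.StdEncoding.DecodeString(req.Sig)
	if err != nil || len(sig) != ed25519.SignatureSize {
		return "", errors.New("ack-delete: malformed signature")
	}
	if !ed25519.Verify(recipientPub, signedBytes(req.Handle, req.ID), sig) {
		return "", fmt.Errorf("ack-delete: signature invalid for handle %q", req.Handle)
	}
	return req.ID, nil
}

// SignAckDelete is the receiver side, included so the example is
// self-contained: it produces the body a CLI receiver would POST.
func SignAckDelete(priv ed25519.PrivateKey, handle, id string) ([]byte, error) {
	sig := ed25519.Sign(priv, signedBytes(handle, id))
	return json.Marshal(AckDelete{
		ID:     id,
		Handle: handle,
		Sig:    base64.StdEncoding.EncodeToString(sig),
	})
}

func main() {
	// Constructed keypair standing in for the recipient certificate.
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		panic(err)
	}
	body, _ := SignAckDelete(priv, "alice", "msg-0001")
	id, err := VerifyAckDelete(body, pub)
	fmt.Println("valid ack:", id, err)

	// A verified signature covers one (handle, id) pair only; reusing
	// it for another message id is rejected.
	var req AckDelete
	_ = json.Unmarshal(body, &req)
	req.ID = "msg-0002"
	moved, _ := json.Marshal(req)
	_, err = VerifyAckDelete(moved, pub)
	fmt.Println("same signature, different id:", err)
}
```

Two checks belong in the handler around this function: the certificate must be looked up by the handle named in the body (the same handle that is covered by the signature), and the id must actually sit in that handle's inbox, so that a valid signature from one recipient can never remove a message from another mailbox.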


Security Properties

  • Backend never holds encryption keys.
  • Messages are end‑to‑end encrypted between ESP sender and CLI receiver.
  • Delete requests are signed with the receiver’s private signing key.
  • Backend is safe to run over Tor or clearnet.

Expiration

Messages are stored with a TTL and are purged automatically even if never fetched.

This ensures the backend never becomes a long‑term message archive.
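An added example of the storage and expiration behaviour described above, in Go; it is not DeadLetter's own code. The 24‑hour TTL is an assumed value (the page does not state the real one), the store is in-memory, and the envelope body is kept as raw JSON to reflect that the backend never interprets it. Time is passed in explicitly so the purge logic can be exercised with a fixed clock.

```go
package main

import (
	"encoding/json"
	"fmt"
	"sync"
	"time"
)

// StoredEnvelope is what the backend keeps per message: the id, the
// server timestamp, and the envelope bytes exactly as received. Body is
// never parsed beyond JSON validity; it stays opaque to the backend.
type StoredEnvelope struct {
	ID         string          `json:"id"`
	ReceivedAt time.Time       `json:"receivedAt"`
	Body       json.RawMessage `json:"envelope"`
}

// Store is an in-memory inbox store with one TTL for all messages.
type Store struct {
	mu    sync.Mutex
	ttl   time.Duration
	inbox map[string][]StoredEnvelope // handle -> envelopes
}

func NewStore(ttl time.Duration) *Store {
	return &Store{ttl: ttl, inbox: make(map[string][]StoredEnvelope)}
}

// expired reports whether an envelope has outlived the TTL at time now.
func (s *Store) expired(e StoredEnvelope, now time.Time) bool {
	return !now.Before(e.ReceivedAt.Add(s.ttl))
}

// Put stores an envelope under a handle.
func (s *Store) Put(handle string, e StoredEnvelope) {
	s.mu.Lock()
	defer s.mu.Unlock()
	s.inbox[handle] = append(s.inbox[handle], e)
}

// Fetch backs GET /inbox/{handle}: only unexpired envelopes are served,
// so a message past its TTL is invisible even before the purger runs.
func (s *Store) Fetch(handle string, now time.Time) []StoredEnvelope {
	s.mu.Lock()
	defer s.mu.Unlock()
	var live []StoredEnvelope
	for _, e := range s.inbox[handle] {
		if !s.expired(e, now) {
			live = append(live, e)
		}
	}
	return live
}

// Delete removes one envelope by id, for use after the ack-delete
// signature has been verified. It reports whether anything was removed.
func (s *Store) Delete(handle, id string) bool {
	s.mu.Lock()
	defer s.mu.Unlock()
	list := s.inbox[handle]
	for i, e := range list {
		if e.ID == id {
			s.inbox[handle] = append(list[:i], list[i+1:]...)
			return true
		}
	}
	return false
}

// Purge drops every expired envelope for every handle and returns the
// number removed. Run it on a ticker so unfetched messages still expire.
func (s *Store) Purge(now time.Time) int {
	s.mu.Lock()
	defer s.mu.Unlock()
	removed := 0
	for handle, list := range s.inbox {
		kept := list[:0]
		for _, e := range list {
			if s.expired(e, now) {
				removed++
			} else {
				kept = append(kept, e)
			}
		}
		if len(kept) == 0 {
			delete(s.inbox, handle)
		} else {
			s.inbox[handle] = kept
		}
	}
	return removed
}

func main() {
	s := NewStore(24 * time.Hour) // assumed TTL
	t0 := time.Date(2024, 1, 1, 0, 0, 0, 0, time.UTC)
	s.Put("alice", StoredEnvelope{ID: "m1", ReceivedAt: t0, Body: json.RawMessage(`{}`)})
	s.Put("alice", StoredEnvelope{ID: "m2", ReceivedAt: t0.Add(12 * time.Hour), Body: json.RawMessage(`{}`)})
	fmt.Println("live at +1h:", len(s.Fetch("alice", t0.Add(time.Hour))))
	fmt.Println("purged at +25h:", s.Purge(t0.Add(25*time.Hour)))
	fmt.Println("live at +25h:", len(s.Fetch("alice", t0.Add(25*time.Hour))))
}
```

In production the same Store would be driven by a goroutine calling Purge(time.Now()) at a fixed interval; filtering in Fetch as well means the TTL holds even between purger runs.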


Threat Model

The backend is assumed to be:

  • Curious
  • Potentially compromised
  • Observable

Even in this worst case:

  • No plaintext is exposed
  • Tampering is detected via AES‑GCM
  • Deletions require cryptographic proof of ownership
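An added Go example, not DeadLetter's own code, covering both the envelope layout from the Data Model section and the "tampering is detected via AES‑GCM" property above. It assumes the sender has already derived a 32‑byte AES key from its ephemeral X25519 key and the recipient's key (that derivation is not shown; a constructed key stands in), and it splits Go's combined ciphertext||tag output into the separate ciphertext and tag fields the data model stores. Modified() stands in for an envelope altered while in the backend's hands and lets the receiver's check be exercised.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"encoding/base64"
	"errors"
	"fmt"
)

// Envelope matches the backend data model; every crypto field is base64.
type Envelope struct {
	ID           string `json:"id"`
	EphemeralPub string `json:"ephemeral_pub"`
	IV           string `json:"iv"`
	Ciphertext   string `json:"ciphertext"`
	Tag          string `json:"tag"`
}

var b64 = base64.StdEncoding

// sealEnvelope is the sender side, shown only to produce a realistic
// envelope. key is the AES key already derived on the sender; the
// X25519 step is outside this example.
func sealEnvelope(key []byte, id, ephemeralPub string, plaintext []byte) (Envelope, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return Envelope{}, err
	}
	gcm, err := cipher.NewGCM(block)
	if err != nil {
		return Envelope{}, err
	}
	iv := make([]byte, gcm.NonceSize())
	if _, err := rand.Read(iv); err != nil {
		return Envelope{}, err
	}
	// Go's GCM returns ciphertext||tag; the data model stores them apart.
	out := gcm.Seal(nil, iv, plaintext, nil)
	n := len(out) - gcm.Overhead()
	return Envelope{
		ID:           id,
		EphemeralPub: ephemeralPub,
		IV:           b64.EncodeToString(iv),
		Ciphertext:   b64.EncodeToString(out[:n]),
		Tag:          b64.EncodeToString(out[n:]),
	}, nil
}

// OpenEnvelope is the receiver side. Any change to iv, ciphertext or
// tag, whether in transit or in storage, makes authentication fail and
// no plaintext is released.
func OpenEnvelope(key []byte, env Envelope) ([]byte, error) {
	iv, err1 := b64.DecodeString(env.IV)
	ct, err2 := b64.DecodeString(env.Ciphertext)
	tag, err3 := b64.DecodeString(env.Tag)
	if err1 != nil || err2 != nil || err3 != nil {
		return nil, errors.New("envelope: bad base64")
	}
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	gcm, err := cipher.NewGCM(block)
	if err != nil {
		return nil, err
	}
	if len(iv) != gcm.NonceSize() || len(tag) != gcm.Overhead() {
		return nil, errors.New("envelope: wrong iv or tag length")
	}
	pt, err := gcm.Open(nil, iv, append(ct, tag...), nil)
	if err != nil {
		return nil, errors.New("envelope: authentication failed (modified or wrong key)")
	}
	return pt, nil
}

// Modified returns the field with one bit of its decoded bytes flipped,
// standing in for an envelope altered by a compromised backend.
func Modified(field string) string {
	raw, _ := b64.DecodeString(field)
	raw[0] ^= 0x01
	return b64.EncodeToString(raw)
}

func main() {
	key := make([]byte, 32) // constructed key for the example
	for i := range key {
		key[i] = byte(i)
	}
	env, _ := sealEnvelope(key, "msg-1", "<ephemeral-pub-base64>", []byte("meet at noon"))
	pt, err := OpenEnvelope(key, env)
	fmt.Printf("intact: %q %v\n", pt, err)
	bad := env
	bad.Ciphertext = Modified(env.Ciphertext)
	_, err = OpenEnvelope(key, bad)
	fmt.Println("modified ciphertext:", err)
}
```

The backend only ever handles the base64 strings in Envelope; without the key it can neither call OpenEnvelope successfully nor produce a ciphertext and tag that the receiver will accept, which is what "cannot read or forge" means in practice.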

Summary

The backend is a blind courier.

It moves opaque cryptographic envelopes between parties, but cannot read, forge, or impersonate any participant.