Loading...
private.me Docs
Get Transport
PRIVATE.ME PLATFORM

Transport: Multi-Provider Email Transport

Stateless adapters for Gmail, Outlook, and Yahoo handling both regular email and encrypted share operations. Includes deferred delivery for non-Xail recipients and WebRTC P2P acceleration.

Core / Transport AVAILABLE NOW XorIDA Powered
Section 01

The Problem

Email transport adapters for different providers are fragmented. No unified interface exists for sending both regular email and encrypted shares across Gmail, Outlook, and Yahoo.

Each email provider exposes a different API surface. Gmail uses REST with base64url message encoding. Microsoft Graph uses a JSON-based payload format. Yahoo requires IMAP over OAuth. Building reliable transport across all three means maintaining three completely separate codebases with different authentication, error handling, and rate limiting models.

When shares from XorIDA split operations need to be routed through these providers, the problem compounds. Each share must travel through a different provider to achieve channel independence, but the transport layer must handle this routing transparently without the application layer knowing which provider carries which share.

The Old Way

Gmail Adapter REST / base64url Outlook Adapter MS Graph / JSON Yahoo Adapter IMAP / OAuth 3 SEPARATE CODEBASES Different auth, errors, rate limits, share routing
Section 02

The PRIVATE.ME Solution

A unified TransportAdapter interface abstracts provider differences. One API for regular email, share routing, token refresh, and reconnection across Gmail, Outlook, and Yahoo.

The adapter pattern encapsulates provider-specific logic behind a common interface. Application code calls sendShare() or sendEmail() without knowing which provider handles the request. The transport layer automatically routes shares to the correct provider channel based on the sender's connected accounts.

Deferred delivery handles the case where a recipient is not yet on Xail: Share 1 is delivered as a "message waiting" teaser, Share 2 is held locally in a Pending folder until the recipient joins. When they do, the held share auto-delivers and the sender is notified.

The New Way

APP LAYER sendShare() Transport Unified API Auto-routing Gmail REST API Outlook MS Graph Yahoo IMAP/OAuth SPLIT CHANNEL
Section 03

How It Works

The transport layer detects available provider channels, routes shares across independent channels for maximum security, handles token refresh transparently, and implements deferred delivery for non-Xail recipients.

Message or Shares Mode Detect Regular/Secure Route Channel map Deliver or Defer Ch. 1 Ch. 2 Pending
Key Design Properties
Stateless adapters: No connection state stored between calls. Each operation is self-contained with its own token. Auto-routing: Shares are automatically assigned to different provider channels for channel independence. Deferred delivery: Non-Xail recipients get a "message waiting" teaser. Full delivery fires when they join.
Section 04

Use Cases

Email
Multi-Provider Email Sending

Send regular email through Gmail, Outlook, or Yahoo with a single API call. Automatic token refresh, retry with exponential backoff, and rate limit handling.

3 providers
🔒
Security
XorIDA Share Routing

Route XorIDA shares across independent email channels automatically. Each share travels through a different provider for maximum channel independence and security.

split-channel
Growth
Deferred Delivery

When recipients are not on Xail, hold shares locally and deliver a "message waiting" teaser. Auto-deliver when the recipient joins and the sender is online.

viral growth
Performance
P2P Instant Delivery

WebRTC peer-to-peer channel for instant share delivery when both parties are online. Falls back to email channels when P2P is unavailable. Sub-second secure messaging.

WebRTC
Section 05

Integration

Quick Start
import { createAdapter, sendShare } from '@private.me/transport';

// Create a provider adapter
const gmail = createAdapter('gmail', oauthToken);

// Send regular email
await gmail.sendEmail({
  to: 'recipient@example.com',
  subject: 'Hello',
  body: 'Regular email content',
});

// Route an XorIDA share through this channel
await sendShare(gmail, {
  share: shares[0],
  recipient: 'user@private.me.io',
  uuid: messageUuid,
});
createAdapter(provider: 'gmail' | 'outlook' | 'yahoo', token: string): TransportAdapter
Creates a stateless transport adapter for the specified email provider. The adapter handles provider-specific encoding, authentication headers, and error mapping. Token refresh is handled transparently.
sendShare(adapter: TransportAdapter, opts: { share: Share, recipient: string, uuid: string }): Promise<SendResult>
Sends an XorIDA share through the specified adapter channel. Formats the share in the standard Xecret/PRIVATE.ME email body format. Returns delivery confirmation or deferred status.
Section 06

Security Properties

PropertyMechanismGuarantee
Channel IndependenceMulti-provider routingShares traverse separate infrastructure
Token SecurityMemory-only storageNo persistent token exposure
Retry SafetyExponential backoffNo duplicate share delivery
Format IntegrityStandard body formatConsistent share encoding
Deferred SecurityClient-side share holdingNo server-side share storage
3
Providers
OAuth
Authentication
P2P
WebRTC fallback
100%
Test coverage
PRIVATE.ME · Transport WHITE PAPER

© 2026 StandardClouds Inc. dba PRIVATE.ME. All rights reserved.

VERIFIABLE WITHOUT CODE EXPOSURE

Ship Proofs, Not Source

Transport generates cryptographic proofs of correct execution without exposing proprietary algorithms. Verify integrity using zero-knowledge proofs — no source code required.

XPROVE CRYPTOGRAPHIC PROOF
Download proofs:

Verify proofs online →

Use Cases

🏛️
REGULATORY
FDA / SEC Submissions
Prove algorithm correctness for email providers without exposing trade secrets or IP.
Zero IP Exposure
🏦
FINANCIAL
Audit Without Access
External auditors verify Gmail/Outlook/Yahoo adapters without accessing source code or production systems.
FINRA / SOX Compliant
🛡️
DEFENSE
Classified Verification
Security clearance holders verify email providers correctness without clearance for source code.
CMMC / NIST Ready
🏢
ENTERPRISE
Procurement Due Diligence
Prove security + correctness during RFP evaluation without NDA or code escrow.
No NDA Required

Deployment Options

🌐

SaaS Recommended

Fully managed infrastructure. Call our REST API, we handle scaling, updates, and operations.

  • Zero infrastructure setup
  • Automatic updates
  • 99.9% uptime SLA
  • Enterprise SLA available
View Pricing →
📦

SDK Integration

Embed directly in your application. Runs in your codebase with full programmatic control.

  • npm install @private.me/transport
  • TypeScript/JavaScript SDK
  • Full source access
  • Enterprise support available
Get Started →
🏢

On-Premise Upon Request

Enterprise CLI for compliance, air-gap, or data residency requirements.

  • Complete data sovereignty
  • Air-gap capable deployment
  • Custom SLA + dedicated support
  • Professional services included
Request Quote →

Enterprise On-Premise Deployment

While Transport is primarily delivered as SaaS or SDK, we build dedicated on-premise infrastructure for customers with:

  • Regulatory mandates — HIPAA, SOX, FedRAMP, CMMC requiring self-hosted processing
  • Air-gapped environments — SCIF, classified networks, offline operations
  • Data residency requirements — EU GDPR, China data laws, government mandates
  • Custom integration needs — Embed in proprietary platforms, specialized workflows

Includes: Enterprise CLI, Docker/Kubernetes orchestration, RBAC, audit logging, and dedicated support.

Contact sales for assessment and pricing →

Other Requirements? Need white-label deployment or custom integration? Contact our enterprise team →