Home How It Works Security Who It's For
Overview Features How It Works Regulatory
Overview Threat Landscape How It Works Enterprise
Patterns Use Cases Architecture SDK Talk to Ren
Talk to Ren
Developer platform

Your app.
Their inbox.

Xail Deliver lets your application send verified, identity-authenticated messages directly to any Xail inbox. No spam filters. No intermediaries. Cryptographic proof of who sent it.

Talk to Ren See Patterns
What is Xail Deliver
SDK + Gateway.
Two components, one platform.
The SDK gives your app a cryptographic identity. The Gateway routes messages to human inboxes, other agents, or IoT devices. Same envelope format everywhere.
@xail/agent-sdk
Ed25519 identity, DID:key encoding, AES-256-GCM signed envelopes, replay prevention, trust registry integration. Your agent gets a verifiable cryptographic identity with a few lines of code.
Coming soon
Xail Gateway
Universal router on Xail infrastructure. Verifies sender identity, resolves recipients, routes envelopes via WebSocket, webhook, or email shares. Never decrypts content.
Coming soon
Communication patterns
Every pattern.
One platform.
App to human, human to app, agent to agent, IoT to human — all six patterns use the same envelope format, same identity system, same trust registry.
Pattern Sender Recipient Delivery path
App → Human SDK agent Xail inbox user Gateway → P2P WebSocket / email shares
Human → App Xail inbox user SDK agent Gateway → agent webhook / WebSocket
Agent → Agent SDK agent SDK agent Gateway → recipient webhook / WebSocket
IoT → Human SDK agent (device) Xail inbox user Gateway → P2P WebSocket / email shares
Human → IoT Xail inbox user SDK agent (device) Gateway → agent webhook / MQTT bridge
Broadcast SDK agent Multiple recipients Gateway → fan-out to all paths
Use cases
What developers build
with Deliver.
Every use case gets the same cryptographic identity, verified sender badge, and instant delivery. No spam folder. No lost messages.
AI agent communication
Your AI agent gets a verifiable identity. Sends authenticated messages to users or other agents. The recipient knows exactly who sent it — not a spoofed email, a cryptographic proof.
Killer use case
Transaction alerts
Bank transactions, order confirmations, security alerts. Delivered instantly with a verified sender badge. No one can spoof your brand in a Xail inbox.
Secure document delivery
Legal documents, medical records, financial statements. Split-channel delivery means no single provider can read the content. Proven reconstruction on the recipient device.
IoT device messaging
Smart home alerts, industrial sensor notifications, fleet telemetry. Lightweight SDK agents on constrained devices. Each device gets its own identity.
Machine-to-machine
Microservice notifications, automated workflows, agent-to-agent coordination. Webhook or WebSocket delivery. Same trust registry, same identity verification.
Broadcast notifications
Product updates, emergency alerts, system announcements. One sender, many recipients. Fan-out through the gateway with per-recipient split-channel security.
Architecture — Roadmap
The gateway never
sees your content.
The gateway is a dumb router. It verifies sender identity, resolves recipients, and routes envelopes. Content is encrypted client-side. The gateway cannot decrypt it.
Gateway endpoints
MethodEndpointPurpose
POST/gateway/deliverSend envelope to any recipient
GET/gateway/lookup/:hashCheck if email is Xail user
GET/gateway/messages/:didPoll for pending messages
WS/gateway/streamReal-time bidirectional stream
POST/gateway/ack/:idConfirm received + reconstructed
Trust registry
MethodEndpointPurpose
POST/registry/registerRegister DID + public key
GET/registry/resolve/:didResolve DID → public key
GET/registry/scope/:did/:scopeCheck scope permission
POST/registry/revoke/:didRevoke a DID
Trust registry = network effect moat. Every DID registration adds value to the network. Developers register once, recipients verify instantly. The registry is the identity layer that makes Xail Deliver an Authenticated Cryptographic Interface — not just another messaging service.
SDK
Install. Create. Send.
Install the SDK, create an agent, send a message. The identity, encryption, signing, and registry registration happen automatically.
import { Agent, MemoryTrustRegistry } from '@xail/agent-sdk';
import { GatewayTransport } from '@xail/deliver';

// Create an agent with identity + gateway transport
const agent = await Agent.create({
  name: 'My App',
  registry: new MemoryTrustRegistry(),
  transport: new GatewayTransport({ apiKey: 'xail_live_...' }),
  scopes: ['notification', 'message'],
});

// Send a verified message to any Xail inbox
await agent.value.send({
  to: 'did:key:z6MkRecipient...',
  payload: { subject: 'Order shipped', body: 'Your order is on the way.' },
  scope: 'notification',
});
Ed25519 identity
Every agent gets an Ed25519 keypair and a DID:key identifier. Deterministic, portable, verifiable. No API keys to rotate, no secrets to store on your server.
Envelope v1
AES-256-GCM encrypt-then-sign. 12-byte IV, 16-byte nonce, Ed25519 signature. Replay prevention built in. The same envelope format works across all six communication patterns.
Coming soon

Your app.
Their inbox.

A2A tells agents how to talk. MCP gives agents tools. Xail tells agents who they're talking to.

Talk to Ren Back to xail.io
R
Ask Ren
Here to help
Have a question about Xail Deliver? I can explain.
Ask Ren to set up a call · contact@xail.io