MeshKit

Messages

Send encrypted message payloads through provider-backed mailboxes.

Messages are encrypted payloads delivered through provider-backed mailboxes. They use the same envelope and capsule model as sharing, but the API is shaped around sending to and reading from an inbox.

Use messages for small app notifications, private handoff payloads, or workflow signals. Use files or records when your app mainly needs content storage by CID.

Send And Open A Message

import { meshkit } from "@meshkit/meshkit";

const mesh = await meshkit({ identity: "owner" });

await mesh.identity.create("alice");

const message = await mesh.messages.to("alice").send("The encrypted payload is ready.", {
  expiresIn: "2h",
});

const inbox = await mesh.messages.inbox("alice");
const queued = inbox.find((item) => item.id === message.id);

if (!queued) {
  throw new Error("Message did not arrive in the mailbox");
}

const opened = await mesh.messages.open(queued, {
  as: "alice",
});

console.log(await opened.text());

How Messages Work

messages.to(recipient).send(...) stores the message body as encrypted content, creates a share capsule for the recipient, and enqueues a MeshMessage in the recipient mailbox. messages.open(...) opens that capsule as the current or specified identity.

The provider sees encrypted content, capsule metadata, and mailbox entries. It does not receive plaintext message bodies.

API

await mesh.messages.to(recipient).send(message, options);
await mesh.messages.inbox(recipient);
await mesh.messages.open(message, options);
APIReturnsNotes
messages.to(recipient).send(message, options)MeshMessageStores encrypted content and queues a capsule-backed message
messages.inbox(recipient)MeshMessage[]Reads mailbox entries from the provider
messages.open(message, options)MeshContentApplies share checks and decrypts the message body

Message Versus Share

Use messages when...Use sharing when...
You want inbox semanticsYou already have a file or record and want access control
The payload is small text or app signal dataThe payload is a durable object users may revisit
The provider mailbox is part of your workflowYour app stores capsule IDs directly

What To Persist

  • Message ID
  • Recipient identity
  • Content CID
  • Capsule ID
  • Delivery or read state in your application

Failure Modes

SymptomLikely causeAction
Inbox is emptyProvider mailbox does not contain messages for that identityConfirm recipient ID and provider boundary
Message cannot openRecipient identity cannot unwrap the capsuleOpen as the recipient or resend after resolving identity
Message expiredThe capsule expiry passedSend a new message
Works locally but not in productionProvider does not support mailbox recordsChoose or implement a provider with mailbox support

Production Notes

  • Messages depend on provider mailbox support, not just raw byte storage.
  • Keep recipient identity resolution explicit.
  • Do not log plaintext message bodies while debugging.
  • Use expiries for transient messages and application retention rules for durable messages.

Next Steps

Sharing

Share encrypted content with recipient identities.

Streaming

Upload and download large encrypted content in authenticated chunks.

On this page

Send And Open A MessageHow Messages WorkAPIMessage Versus ShareWhat To PersistFailure ModesProduction NotesNext Steps