Blog — TwinMail

March 29, 20263 min readDylan DahalSecurity

Role-based delegation without password sharing: architecture walkthrough

A complete architecture overview of how TwinMail enables permissioned access to accounts and people without exposing credentials.

delegation permissions security

March 22, 20263 min readDylan DahalEngineering

MBOX/PST archive ingest at scale: checkpoint recovery and progress determinism

How TwinMail handles multi-gigabyte archive imports with deterministic progress tracking, checkpoint resume, and corruption-tolerant parsing.

archive MBOX PST

March 15, 20263 min readDylan DahalProduct

Designing the per-action AI consent model: tradeoffs and UX constraints

Every AI action in TwinMail shows its inputs and outputs in a glass-box pattern. We describe the design process, UX tradeoffs, and the consent sheet architecture.

AI consent glass-box

March 8, 20263 min readDylan DahalSecurity

Why we chose XChaCha20-Poly1305 over AES-GCM for vault encryption

A detailed comparison of cipher suite tradeoffs for local-first email storage, including nonce safety, key derivation, and performance on consumer hardware.

encryption XChaCha20-Poly1305 AES-GCM

March 1, 20263 min readDylan DahalEngineering

Building a local-first CRDT sync layer for encrypted email vaults

How we designed a conflict-free replicated data type layer that operates on encrypted vault boundaries without exposing plaintext to any sync server.

local-first CRDT sync

Request a technical preview

Get early access to evaluate TwinMail for your team.

Read trust documentation