This TelegramBot uses state-of-the-art encryption algorithm (ECDSA) and pixel manipulation (steganography) to masque any given <text> within any given <image>.
-
If you truly have a paranoia about security. A VPN is recommended during /encrypt and /decrypt.
-
PNGs are recommended better performance.
- Saves
Hashesinstead of username. unique constraintprevents duplicacy.- Message is first
encryptedthensteganographyis performed. ECDSAis used, which means less time on computation and powerful encryption.Dynamic URL: URL changes every6 hours and 5 minutes, with130 char long, making it impossible to send through any means other than telegram since URL remains unknown to everyone except telegram.Gunicorncreates multiple workers hence supporting parallel processing.- Process Management: All processes are cancelled before starting a new one.
Triggersare added to delete any process with a timestamp older than 10 minutes. A few coolEaster Eggsare there as well.
Video Tutorial: LRBY | YouTube
<iframe id="odysee-iframe" style="width:74vw;height:42vw;" src="https://odysee.com/$/embed/MasquerBot/11376992c29c54efde884284b298a1290ae8d7f8?r=45vpskZGbEGUURSfgbmqd6b53WGvvGuh" allow="accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture" allowfullscreen></iframe>
How this works is, that everyone is given a public key, which is used to lock information, we call it "public key" as it can be publicly distributed.
So to masque a message both sender and receiver must initiate MasquerBot's Service. Each message is masqued only for the receiver, if the receiver changes their key then decryption would be impossible.
- /start: It starts and calls /help and /get_key
- /lbry or /youtube: Return a link of video tutorial.
- /help: Returns the
WorkflowandAvailable Commands. - /get_key: Returns your
public key. - /encrypt: Returns the
encoded image.- Step 1: Send the
messageto encrypt. - Step 2: Send the recipient's
public key(not yours). - Step 3: Send the
image(as a document).
- Step 1: Send the
- /decrypt: Returns the
hidden text.- Step 1: Send the
encoded image(as a document).
- Step 1: Send the
- /cancel: Cancels any ongoing events.
- /request_new_key: Deletes your account and creates another one. Beware! Once deleted you cant retrieve any text masqued using the previous key.
The following are the bare necessities for this project.
Lets start the standard procedure for python project setup.
- Clone the repository
$ git clone https://github.com/ra101/MasqureBot.git- Create the virtualenv and activate it
$ cd MasqureBot
$ virtualenv .
$ source ./bin/activate # unix
$ .\Scripts\activate.bat # windows- Install requirements
$ pip install -r requirements.txtTo run the project locally download and install
Following are the steps to run locally
- copy content of .env.template into .env (one can use dump-env as well)
$ cat .env.template > .env- Fillup the basic info.
DOMAIN_NAME=
# Flask Variables
# ------------
FLASK_DEBUG=True
FLASK_ENV=development
FLASK_SECRET_KEY=my_precious
# SQLAlchemy Variables
# ------------
DATABASE_URL=
SQLALCHEMY_TRACK_MODIFICATIONS=True
# Telegram Credentials
# ------------
TELEGRAM_BOT_TOKKEN=<your_bot_token>-
For
DOMAIN_NAME-
run the following command
$ ngrok http 8000
-
This will create a local tunnel with address like
https://<nonce>.ngrok.iothat is your value for domain.
-
-
For
DATABASE_URL-
If you use SQLite, that create a file and it does not need any other software.
sqlite:///foo.dbis the value for
DATABASE_URLis that case. -
For any other SQL the syntax is
dialect+driver://username:password@host:port/database, heredialectrefers to SQL. We have used postgreSQL which usespsycopg2as default driver which is installed fromrequirements.txt
-
-
Run the application!
$ makeor
$ gunicorn wsgi:application -c scheduler.pyFollowing are the steps to run on server.
-
If you can host .env, then the steps are pretty much same as running locally, except for
DOMAIN_NAME, it will be provided by hosting provider. -
If you can't host .env like in case of
heroku, then you need to export each variable into hosting providers environment.
| Dependency | Usage |
|---|---|
| APScheduler | Creates a background scheduler in scheduler.py which changes webhook URL in every 6 hours and 5 minutes |
| eciespy | Generates ECDSA key pair and also provides encryption and decryption functionality |
| Flask | Flask is a lightweight WSGI web application framework. |
| Flask-RESTful | Adds support for quickly building REST APIs. |
| Flask-SQLAlchemy | Provides a Object Relation Mapper which is meant to integrate with |
| gunicorn | It is a Python WSGI HTTP server. It is a pre-fork worker model, used to create concurrency for resources. |
| psycopg2-binary | Driver for postgreSQL used by Flask-SQLAlchemy |
| pyTelegramBotAPI | A simple, but extensible Python implementation for the Telegram Bot API. |
| python-dotenv | Reads the key-value pair from .env file and adds them to environment variable. |
| stegano | A pure Python Steganography module. |
