http://harmony.one/telegram-wallets
| Env variable name | Required | Default | Description |
|---|---|---|---|
| TELEGRAM_BOT_AUTH_TOKEN | true | - | Telegram bot auth token |
| TELEGRAM_API_ID | true | - | Telegram API id |
| TELEGRAM_API_HASH | true | - | Telegram API hash |
Bot paid features includes audio-to-text translations, AI image generator, QR code generator, etc.
The bot should support payments in ONE token
Each bot user (telegram user) should be mapped to a deposit blockchain account.
Deposit account must have the following properties:
- Each account should be unique to the Telegram userId
- Deposit address should be available for the user and the bot
- Bot should be able to transfer ONE tokens from deposit address as a payment
- Private key of deposit account data should not be stored in the persistent storage
Each telegram userId can be mapped to the deposit account with sha hash function. To make it impossible to create the same account, knowing the mapping algorithm, we can add a secret string on the bot side.
Example of creation of the deposit account:
const privateKey = web3.utils.sha3("<BotSecret>_<TelegramUserId>");
const account = web3.eth.accounts.privateKeyToAccount(privateKey);
console.log(account.address); // 0xd10063CFC4fEea79367Be6d8C1eC6a2251ebCAD1- BotSecret is a random string stored in the bot RAM
- TelegramUserId is a 8-digit number representing the telegram userId
Pros:
- Almost unique mapping userId -> deposit account (sha3 collisions probability is very low)
- Private key is not stored in the persistent storage
- Deposit account can be computed by bot on the fly, based on secret from RAM and telegram userId from the request
Cons:
- Deposit blockchain account created in centralized way. Considering that the user doesn't need this account to store tokens, but only to refill for the bot's services, this shouldn't be a problem.
