I’m thinking about creating my own Telegram bot for personal use but I have some security concerns. I want to make sure my private conversations with the bot would be properly encrypted.
From what I understand, Telegram uses encryption but I’m not completely sure if this applies to bot interactions too. Since I might be sending sensitive information to my bot, I need to know if these messages are protected with end-to-end encryption.
I’ve looked through some documentation but couldn’t find a clear answer about bot security specifically. Can someone confirm whether private chats with Telegram bots use the same encryption as regular private messages? I want to be absolutely certain before I start building my bot.
yeah, bot chats ain’t end-to-end encrypted like secret chats. telegram can see those msgs since they only use server encryption. if ur sending really private stuff, encrypt it urself b4 sending to the bot. better safe than sorry.
No, Telegram bot conversations are not protected by end-to-end encryption. While regular Telegram chats use server-client encryption, Secret Chats provide true end-to-end encryption, which bots cannot access. Messages to and from your bot are encrypted in transit and stored encrypted on Telegram’s servers, but Telegram possesses the keys to decrypt them. If you’re dealing with sensitive information, it’s advisable to implement your own encryption in the bot’s code to ensure safety, as I learned while developing a personal finance bot.
Nope, bot conversations don’t have end-to-end encryption. Bots need to process messages on Telegram’s servers, so the architecture won’t allow it. I ran into this exact issue on a project last year - all bot messages go through Telegram’s infrastructure where they can be accessed. You only get encryption between your device and their servers, not true end-to-end like Secret Chats. I solved it by adding AES encryption on the client side before sending anything to the bot. That way, even if someone intercepts the messages, they just see encrypted gibberish. If you’re serious about protecting sensitive info, grab a crypto library and handle encryption/decryption locally.