# TeleBot - Privacy-First E-Commerce Telegram Bot A privacy-focused Telegram bot for the LittleShop e-commerce platform, featuring anonymous shopping, cryptocurrency payments, and optional Tor support. ## 🔒 Privacy Features - **No Account Required**: Shop anonymously without registration - **Ephemeral Sessions**: Data auto-deletes after 30 minutes of inactivity - **PGP Encryption**: Optional encryption for shipping information - **Tor Support**: Can operate through Tor network for maximum privacy - **Anonymous References**: Orders use random identifiers, not user IDs - **Cryptocurrency Only**: Bitcoin, Monero, and other privacy coins - **Zero Analytics**: No tracking unless explicitly enabled - **Data Deletion**: Delete all your data instantly with `/delete` ## 🚀 Quick Start ### Prerequisites - .NET 9.0 SDK - Telegram Bot Token (from @BotFather) - LittleShop API running locally or accessible - (Optional) Redis for persistent sessions - (Optional) Tor for anonymous routing ### Installation 1. Clone the repository: ```bash git clone https://github.com/yourusername/littleshop.git cd littleshop/TeleBot/TeleBot ``` 2. Configure the bot: ```bash cp appsettings.json appsettings.Production.json # Edit appsettings.Production.json with your settings ``` 3. Set your bot token: ```json { "Telegram": { "BotToken": "YOUR_BOT_TOKEN_FROM_BOTFATHER" }, "LittleShop": { "ApiUrl": "https://localhost:5001", "Username": "bot-user", "Password": "bot-password" } } ``` 4. Run the bot: ```bash dotnet run --environment Production ``` ## 📱 Bot Commands ### Shopping Commands - `/start` - Start shopping and view main menu - `/browse` - Browse product categories - `/cart` - View your shopping cart - `/orders` - View your order history - `/clear` - Clear shopping cart ### Privacy Commands - `/privacy` - Privacy settings menu - `/ephemeral` - Toggle ephemeral mode - `/pgpkey [key]` - Set PGP public key for encryption - `/delete` - Delete all your data immediately - `/tor` - Get Tor configuration instructions ### Help - `/help` - Show all available commands ## 🛍️ Shopping Flow 1. **Browse Products** - Start with `/browse` or main menu - Select category → View products → Select product 2. **Add to Cart** - Choose quantity with +/- buttons - Click "Add to Cart" - Continue shopping or checkout 3. **Checkout** - Click "Proceed to Checkout" from cart - Enter shipping information step-by-step: - Name - Address - City - Postal Code - Country - Review and confirm order 4. **Payment** - Select cryptocurrency (BTC, XMR, USDT, etc.) - Receive wallet address and amount - QR code generated for easy payment - Payment expires after set time 5. **Order Tracking** - Use `/orders` to view all orders - Click on order to see details - Track payment and shipping status ## 🔐 Privacy Configuration ### Ephemeral Mode (Default: ON) ```json { "Privacy": { "EphemeralByDefault": true, "DataRetentionHours": 24, "SessionTimeoutMinutes": 30 } } ``` ### PGP Encryption Users can enable PGP encryption for shipping information: ``` /pgpkey -----BEGIN PGP PUBLIC KEY BLOCK----- [Your PGP public key here] -----END PGP PUBLIC KEY BLOCK----- ``` ### Tor Configuration Enable Tor routing for all bot communications: ```json { "Privacy": { "EnableTor": true, "TorSocksPort": 9050, "TorControlPort": 9051 } } ``` ### Redis Session Storage (Optional) For non-ephemeral sessions across bot restarts: ```json { "Redis": { "Enabled": true, "ConnectionString": "localhost:6379", "InstanceName": "TeleBot" } } ``` ## 🧅 Tor Setup ### 1. Install Tor ```bash # Ubuntu/Debian sudo apt install tor # Start Tor service sudo systemctl start tor ``` ### 2. Configure Hidden Service Edit `/etc/tor/torrc`: ``` HiddenServiceDir /var/lib/tor/telebot/ HiddenServicePort 80 127.0.0.1:5000 HiddenServiceVersion 3 ``` ### 3. Get Onion Address ```bash sudo cat /var/lib/tor/telebot/hostname ``` ### 4. Configure Bot ```json { "Privacy": { "EnableTor": true, "OnionServiceDirectory": "/var/lib/tor/telebot/" }, "LittleShop": { "OnionUrl": "http://your-shop-onion.onion", "UseTor": true } } ``` ## 🚢 Deployment ### Docker ```dockerfile FROM mcr.microsoft.com/dotnet/runtime:9.0 WORKDIR /app COPY ./publish . ENTRYPOINT ["dotnet", "TeleBot.dll"] ``` ### Docker Compose with Tor ```yaml version: '3.8' services: telebot: build: . environment: - ASPNETCORE_ENVIRONMENT=Production - Privacy__EnableTor=true volumes: - ./appsettings.Production.json:/app/appsettings.Production.json - ./data:/app/data depends_on: - tor - redis tor: image: dperson/torproxy ports: - "9050:9050" - "9051:9051" volumes: - ./tor:/etc/tor - tor_data:/var/lib/tor redis: image: redis:alpine command: redis-server --save "" volumes: - redis_data:/data volumes: tor_data: redis_data: ``` ### Systemd Service ```ini [Unit] Description=TeleBot Privacy E-Commerce Bot After=network.target [Service] Type=simple User=telebot WorkingDirectory=/opt/telebot ExecStart=/usr/bin/dotnet /opt/telebot/TeleBot.dll Restart=on-failure Environment=ASPNETCORE_ENVIRONMENT=Production [Install] WantedBy=multi-user.target ``` ## 🔧 Advanced Configuration ### Supported Cryptocurrencies ```json { "Cryptocurrencies": [ "BTC", // Bitcoin "XMR", // Monero (recommended for privacy) "USDT", // Tether "LTC", // Litecoin "ETH", // Ethereum "ZEC", // Zcash "DASH", // Dash "DOGE" // Dogecoin ] } ``` ### Order Mixing (Privacy Feature) Adds random delays to order processing: ```json { "Features": { "EnableOrderMixing": true, "MixingDelayMinSeconds": 60, "MixingDelayMaxSeconds": 300 } } ``` ### Disappearing Messages Auto-delete sensitive messages after display: ```json { "Features": { "EnableDisappearingMessages": true, "DisappearingMessageTTL": 30 } } ``` ## 📊 Monitoring ### Logs - Console output for real-time monitoring - File logs in `logs/telebot-YYYYMMDD.txt` - Privacy-safe logging (no PII) ### Health Check ```bash curl http://localhost:5000/health ``` ## 🔒 Security Best Practices 1. **Never commit real bot tokens** - Use environment variables 2. **Run as non-root user** in production 3. **Use HTTPS** for API connections 4. **Enable Tor** for maximum privacy 5. **Rotate bot tokens** regularly 6. **Monitor for abuse** - Implement rate limiting 7. **Backup PGP keys** securely 8. **Use strong passwords** for API authentication ## 🐛 Troubleshooting ### Bot not responding - Check bot token is correct - Ensure bot is not blocked - Check network connectivity - Review logs for errors ### Can't connect to API - Verify LittleShop API is running - Check API credentials - Test API connection manually - Check firewall rules ### Tor connection issues - Ensure Tor service is running - Check SOCKS proxy settings - Verify onion address is correct - Check Tor logs: `sudo journalctl -u tor` ### Session issues - Clear Redis cache if enabled - Delete `telebot.db` if using LiteDB - Restart bot service - Check session timeout settings ## 📝 Privacy Policy This bot implements privacy-by-design principles: - Minimal data collection - Ephemeral by default - No third-party tracking - User-controlled data deletion - Optional encryption - Anonymous identifiers - No KYC requirements ## 🤝 Contributing 1. Fork the repository 2. Create a feature branch 3. Make your changes 4. Add tests 5. Submit a pull request ## 📄 License This project is part of the LittleShop platform. All rights reserved. ## 🆘 Support - Open an issue on GitHub - Contact via Telegram: @yoursupport - Email: support@littleshop.onion (Tor) ## 🔮 Roadmap - [ ] Voice message support for product search - [ ] Group shopping carts - [ ] Multi-language support - [ ] Web app integration - [ ] Lightning Network payments - [ ] Decentralized order storage (IPFS) - [ ] AI-powered product recommendations - [ ] End-to-end encrypted group orders --- **Remember**: Your privacy is our priority. Shop safely! 🔒