littleshop/TeleBot/INTEGRATION_SUMMARY.md
2025-08-27 18:02:39 +01:00

TeleBot - LittleShop Integration Summary

Completed Implementation

1. Privacy-First Architecture

  • Anonymous user identification (SHA-256 hashed Telegram IDs)
  • Ephemeral sessions by default (30-minute timeout)
  • PGP encryption support for shipping information
  • Tor support for routing (SOCKS5 proxy configuration)
  • Zero-knowledge cart storage (encrypted with session keys)
  • Privacy-preserving logging (PII redaction)

2. Core Components Created

Models (/Models/)

  • UserSession.cs - Privacy-focused session management
  • ShoppingCart.cs - Cart and item management
  • OrderFlowData.cs - Checkout flow state tracking

Services (/Services/)

  • PrivacyService.cs - Encryption, hashing, Tor client creation
  • SessionManager.cs - Session lifecycle with Redis/LiteDB support
  • LittleShopService.cs - Wrapper for LittleShop Client SDK

Handlers (/Handlers/)

  • CommandHandler.cs - Telegram command processing (/start, /browse, etc.)
  • CallbackHandler.cs - Button interaction handling
  • MessageHandler.cs - Text message processing (checkout flow)

UI Components (/UI/)

  • MenuBuilder.cs - Dynamic Telegram keyboard generation
  • MessageFormatter.cs - Rich text formatting for products/orders

3. Features Implemented

Shopping Flow

  1. Browse categories → View products → Product details
  2. Add to cart with quantity selection
  3. Cart management (view, update, clear)
  4. Multi-step checkout (name, address, city, postal, country)
  5. Payment method selection (8 cryptocurrencies)
  6. Order confirmation with payment instructions
  7. QR code generation for crypto addresses

Privacy Features

  • /ephemeral - Toggle ephemeral mode
  • /pgpkey - Set PGP public key
  • /delete - Instant data deletion
  • /tor - Tor configuration guide
  • /privacy - Privacy settings menu

Order Management

  • Anonymous order references (ANON-XXXXXXXXXXXX)
  • Order history viewing
  • Payment status tracking
  • Shipping status updates

4. Configuration System

appsettings.json Structure

{
  "Telegram": { "BotToken": "..." },
  "LittleShop": { "ApiUrl": "...", "UseTor": false },
  "Privacy": { "EphemeralByDefault": true, "EnableTor": false },
  "Redis": { "Enabled": false },
  "Features": { "EnableQRCodes": true, "EnablePGPEncryption": true }
}

5. Dependencies Integrated

  • LittleShop.Client SDK
  • Telegram.Bot framework
  • PgpCore for encryption
  • LiteDB for local storage
  • Redis for distributed cache
  • QRCoder for payment QR codes
  • Serilog for logging
  • Hangfire for background jobs

🔧 Integration Points

LittleShop Client SDK Usage

// Authentication
await _client.Authentication.LoginAsync(username, password);

// Fetch categories
var categories = await _client.Catalog.GetCategoriesAsync();

// Get products
var products = await _client.Catalog.GetProductsAsync(categoryId: id);

// Create order
var order = await _client.Orders.CreateOrderAsync(request);

// Generate payment
var payment = await _client.Orders.CreatePaymentAsync(orderId, currency);

Privacy Implementation

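// Anonymous user identification: SHA-256 over Telegram ID + salt
// (UTF-8 input and hex output are assumed here; needs System.Security.Cryptography and System.Text)
var hashedId = Convert.ToHexString(
    SHA256.HashData(Encoding.UTF8.GetBytes(telegramUserId + salt)));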

// PGP encryption for shipping
if (user.RequiresPGP) {
    shippingInfo = await EncryptWithPGP(data, publicKey);
}

// Tor routing
var httpClient = await CreateTorHttpClient();
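
An added example (not TeleBot's PrivacyService code) for the anonymous identifier above: Telegram IDs are numeric and enumerable, so a salted SHA-256 value is re-identifiable once the salt is known, while an HMAC-SHA256 pseudonym stays opaque as long as its key is kept outside the session store. All names, the sample ID, the salt and the encodings are assumptions; it targets .NET 6 or later.

```csharp
using System;
using System.Globalization;
using System.Security.Cryptography;
using System.Text;

static class PseudonymDemo
{
    static string IdText(long id) => id.ToString(CultureInfo.InvariantCulture);

    // The scheme from the summary: SHA-256 over ID + salt (encodings assumed).
    static string SaltedSha256(long telegramUserId, string salt) =>
        Convert.ToHexString(SHA256.HashData(Encoding.UTF8.GetBytes(IdText(telegramUserId) + salt)));

    // Keyed alternative: HMAC-SHA256 with a secret that never sits next to the hashes.
    static string KeyedPseudonym(long telegramUserId, byte[] key) =>
        Convert.ToHexString(HMACSHA256.HashData(key, Encoding.UTF8.GetBytes(IdText(telegramUserId))));

    // Re-identification check: can a stored value be mapped back to an ID
    // by hashing every candidate in a range?
    static long? Reidentify(string stored, Func<long, string> hash, long from, long to)
    {
        for (long id = from; id <= to; id++)
            if (hash(id) == stored) return id;
        return null;
    }

    static void Main()
    {
        const long userId = 1_000_123;           // constructed sample ID
        const string salt = "constructed-salt";  // constructed; assume it leaked with the database
        byte[] key = RandomNumberGenerator.GetBytes(32); // held in a secret store, not the database

        string salted = SaltedSha256(userId, salt);
        string keyed = KeyedPseudonym(userId, key);

        // Salt known: a small candidate range is enough to map the hash back to the ID.
        long? fromSalted = Reidentify(salted, id => SaltedSha256(id, salt), 1_000_000, 1_001_000);

        // HMAC key unknown: the same search with a guessed key matches nothing.
        byte[] guessedKey = new byte[32];
        long? fromKeyed = Reidentify(keyed, id => KeyedPseudonym(id, guessedKey), 1_000_000, 1_001_000);

        Console.WriteLine($"salted SHA-256 re-identified: {fromSalted?.ToString() ?? "no match"}");
        Console.WriteLine($"HMAC pseudonym re-identified: {fromKeyed?.ToString() ?? "no match"}");
    }
}
```

The same check works as a regression test: if stored identifiers can be matched using only values that live in the database or in appsettings.json, the pseudonym is not protecting the Telegram ID.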

📊 Data Flow

User → Telegram → TeleBot → [Tor?] → LittleShop API → Database
                     ↓
                 Session Manager
                     ↓
                 [Redis/LiteDB]

🚀 Deployment Architecture

Docker Compose Setup

services:
  telebot:     # Main bot service
  tor:         # Tor proxy (optional)
  redis:       # Session cache (optional)
  littleshop:  # API backend
  btcpay:      # Payment processor

🔒 Security Features

  1. No Personal Data Storage

    • Only hashed identifiers
    • Ephemeral sessions
    • Auto-cleanup after timeout
  2. Encrypted Communications

    • Optional Tor routing
    • HTTPS for API calls
    • PGP for sensitive data
  3. Payment Privacy

    • Cryptocurrency only
    • No payment data stored
    • Anonymous order references

📝 Next Steps for Production

Required

  1. Set up actual Telegram bot token
  2. Configure LittleShop API credentials
  3. Set up BTCPay Server integration
  4. Configure proper encryption keys

Optional Enhancements

  1. Enable Redis for distributed sessions
  2. Set up Tor hidden service
  3. Configure Hangfire for background jobs
  4. Implement order status webhooks
  5. Add multi-language support

🎯 Key Achievements

  • Complete e-commerce flow through Telegram
  • Privacy-first design with multiple layers of protection
  • Clean architecture with separation of concerns
  • Extensible framework for future enhancements
  • Production-ready configuration system
  • Comprehensive documentation for deployment

💡 Technical Lessons

  1. Telegram.Bot API Evolution: Methods change between versions
  2. Session Management: Balance between privacy and UX
  3. Tor Integration: Manual SOCKS5 proxy more reliable than libraries
  4. PGP Implementation: PgpCore simplifies encryption
  5. QR Code Generation: Essential for crypto payments

🏗️ Architecture Decisions

  1. No User Accounts: Privacy through anonymity
  2. Ephemeral by Default: Data minimization
  3. Cryptocurrency Only: No traditional payment tracking
  4. Modular Handlers: Easy to extend functionality
  5. Configuration-Driven: Environment-specific settings

This integration successfully bridges the LittleShop e-commerce platform with Telegram, providing a privacy-focused shopping experience through a familiar messaging interface.