Data Privacy in BotBasher for Telegram

Data Privacy in BotBasher for Telegram

Proof of Uniqueness in crypto is a hot topic right now. Everyone’s talking about it. Big guys like a16z are calling for ideas and projects to solve this puzzle. But let’s not kid ourselves – this isn’t a new problem.

The crypto world has debated proof of uniqueness for ages. Here’s a fun fact: The first comprehensive study on Proof of identity in Blockchain came out in 2018, according to Wikipedia. Some say it’s necessary to prevent Sybils from ruining projects. Others argue it goes against the core values of Web3: anonymity and privacy.

So the real question isn’t whether we need it - it’s about how to do it right. Can we prove uniqueness without sacrificing privacy and anonymity? Some say it’s impossible while others like Humanode team disagree.

Humanode has been solving this problem for a long time, finding ways to prove “one person, one account” without compromising anonymity and keeping data secure, one step at a time.

And with more than 2 million bioauthentications already under the belt, the Humanode team decided to develop BotBasher for Telegram. It is hard to deny that Telegram is a great tool if used properly. It is easy, it is private, and it is somewhat secure.

BotBasher allows a user to go through a 15-second private biometric authentication process that will tie your face to one Telegram account. 

What does this do? Well, it allows the user to join Telegram channels and groups that are designated Sybil-resistant channels/groups, meaning that everyone in the channel is a verified human being, and not a bot, and not the guy with 100 other accounts in the same channel. Why develop it for Telegram? Well, there are lots of reasons

But today, we’re not here to explain what BotBasher is (if you’re curious, read this). Instead, we’re diving into the big question: How does BotBasher keep users' data private and secure? Let’s explore. 

How BotBasher protect User privacy and anonymity?

The technology behind BotBasher for Telegram or even Biomapper is Humanode’s cryptobiometric technology which not only verifies that a user is unique and alive but also ensures that the biometric data remains encrypted and anonymized throughout the verification process. Here’s a step-by-step process:

1. Data Collection

To verify that a user is a living human being, they have to go through a live video-based 3D face scan using any device with a camera of at least 3 megapixels. It is a 10-15 seconds process. During this process, the platform's algorithms transform the video feed into a 3D template simultaneously verifying liveness.

2. Data Encryption and Transmission

When a user’s biometric data is captured, before it even leaves the user’s device, it is encrypted with asymmetric cryptography. This encrypted data is transmitted to the Confidential Virtual Machines (CVMs) powered by AMD SE-SNP servers. This guarantees that your project never handles raw biometric data, keeping sensitive information completely out of reach.

3. Data Verification

The encrypted 3D template and liveness data are transmitted to Confidential Virtual Machines (CVMs) powered by AMD SEV-SNP. This hardware-based encryption protects the entire memory of the virtual machine, ensuring the data remains inaccessible to anyone – including server administrators, Humanode, or potential attackers.

Here’s what makes this critical for your project:

  • Tamper-proof Environment: CVMs isolate sensitive data, preventing unauthorized access even if someone gains physical control of the server.
  • Attestation and Verification: Before deployment, CVMs verify their integrity using a launch attestation report. This guarantees the hardware and software are running as intended and hasn’t been tampered with. Even after the CVMs are deployed, you can verify that the servers are running as intended. 
  • Zero Admin Access: Even Humanode’s team has no access to the CVMs. The servers are configured without admin keys, passwords, or SSH access, ensuring no backdoors exist.

Learn more about the deployment and configuration of the Verifiable CVMs here.

For users to get verified, two components are required: an encrypted 3D face template and liveness data. The already encrypted Confidential Computing servers compare the newly arrived encrypted 3D face templates against those already registered in the system.

As for the liveness data, it is timestamped and immediately deleted after verifying that the user is an actual live human being, not a facemask, photograph, or a deepfake.

4. Data Storage

After verification, your encrypted 3D template is stored securely. The system creates a random string of data linked to your Telegram ID. Here’s the cool part: the random string is useless outside of BotBasher. Even if someone got hold of it, it wouldn’t reveal anything about the user.

Another important thing to keep in mind is that we create a single CVM at a time and recreate them approximately every six months. With the deletion of the existing CVM, all the data it contains (including biometric information) is entirely discarded, and a new, empty CVM is created.

When the CVM is reset, all previous uniqueness proofs are cleared, requiring users to prove their uniqueness again. Until they complete this process, they won’t be able to participate in BotBasher-protected groups or channels.

This reset, known as a generation switch, also allows users to link their biometrics to a different account if needed.

Bottom Line

The need for a Sybil resistance tool like BotBasher for Telegram is clear. Telegram communities often start with real, engaged people driving meaningful conversations. But then bots start creeping in. Sybils flood the space.

Polls stop reflecting real opinions. Giveaways get exploited. The community vibe shifts.

No matter how many accounts you ban, the problem keeps growing. And you’re left wondering: how many of these users are real?

BotBasher offers a way to keep your space authentic – ensuring it’s full of unique, real people all while keeping their privacy intact. No KYC. No private information. Just seamless verification that won’t scare users away. 

Check this step-by-step guide on Setting up a Sybil-resistant Telegram Group or Channel

Join the Sybil Resistant Humanode chat

Interact with the BotBasher Telegram Bot.