In-TGr

We have created a Telegram bot that showcases a method for interacting with defi and web3 without any additional trust assumptions or requiring users to share or turn over control of their funds to any bot or other third party.

Existing Telegram bots require users to deposit funds into wallets the bots create for them. When a user first interacts with the bot it will generate new wallets which it links to the user's telegram ID. The bot then uses these wallets to store funds for the user and execute interactions on their behalf - however the user has no access to the private key of these wallets nor has any control over what the bot might do once it has their funds.

We have to provide better security and protections for web3 users than this.

Using Account Abstraction via a SAFE smart contract wallet module extension we have created a system where a Telegram bot needs only to be granted allowances to perform actions on the user's behalf like swapping tokens or interacting with defi contracts.

To demonstrate this, we have built an NFT trading bot that allows the user to trade NFTs. When the user connects their wallet to the bot (done simply by pasting their ENS or Safe wallet address) they can set conditions on anything the bot can do on their behalf.

For example, a user can give access to the Bot to buy a specific NFT from a certain marketplace, but restrict the maximum amount the Bot can take in exchange. When this is triggered by the bot the swap of funds for the NFT is performed atomically further eliminating any trust the user needs to place in the Telegram bot. The same holds true for selling NFTs.

The way this works is we have created a Safe Delegate module that connects to a user's SAFE smart contract wallet. Interactions between tokens and NFTs are driven by this flow with the user using a front end to select what they want to buy and sell and for how much which will set the allowances. Once these allowances are set, they can use the Telegram bot to execute the buying or selling of NFTs directly without any further wallet interaction and no additional trust assumptions or access to funds.

With this solution we show that it's possible to have a better on-the-go UX provided by Telegram without sacrificing security and introducing additional trust assumptions.

Telegram bot coded in Typescript using Ethers to make on chain calls.

Safe Delegate Proxy Module is a smart contract that integrates with the SAFE SDK and smart contract wallet to send funds and NFTs atomically. Full description of how this works can be found : https://github.com/superhack-eu091/SafeDelegatedProxy/blob/main/README.md#logic-flow-for-telegram-bot--safe-smart-contract-wallet-interactions