I suppose tunneling over Telegram isn't really more ridiculous than tunneling over DNS. Indeed, someone seems to have tried it: https://github.com/PiMaker/Teletun
I use a signal api on a daily basis for all my agentic chatting and notifications about energy prices and server downtime notification.
Setup was quick enough but it needs a real phone number once during setup which is kind of a hassle. still better than using telegram which has no encryption for the bot backend so the devs can read everything you write
WhatsApp does appear to have some "business" account/API type stuff which I assume is scriptable. But I don't believe it's got a free tier for personal use (although I haven't personally looked).
It is always preferable to use WhatsApp to contact a business than calling up.
Yes, but it's nowhere near the maturity of Telegram's Bot API.
And unlike Telegram, for a WhatsApp bot you need to apply with a bunch of paperwork. If you're an SMB, you got little chances of ever getting access. They'll tell you to go with their Technology Partners and make a chatbot with these other BigTech companies like Freshworks, etc.
Same. I used to use telegram for everything and then stopped after I realised it wasn’t really and to end encrypted. The bots were super useful. I used to have one I could ask different bus times for. Was so much better than the app the local bus company had made.
Why? Bots using the bot API can't send unsolicited messages to people. (Bots that control regular user accounts without using the API can of course do this, but Signal's not immune to that either.)
Not having a bot API is what stops me from moving to Signal. I have 10-ish telegram bots running for myself, I just use telegram as UI for a script running on backend, and results are easily shareable with my other telegram contacts. I have no clue why not having this is amazing in any way.
Clever idea! Although after reading it briefly I see a need for secrets storage.
I've made one Telegram bot hosted on VPS with Docker and cloud LLM. It also interacts with a few other outside services and all credentials are injected via env vars now.
Should I push them as `.env` file for Telegram serverless?
Pretty sure you can't do this, you'd need to instead move them into a lib/secrets.js file (which you'd then add to .gitignore).
It does seem kind of odd that they have so little support for developer amenities like secrets management, dependency management, cron tasks, TypeScript, etc, and didn't shape their API in a way that suggests that stuff's coming later. I don't think it'd be that hard to clone the parts of the Cloudflare Workers API that offer that stuff (workerd is even open source, and offers out of the box the V8-based tenant isolation that they need). Perhaps they don't want to support npm packages because this'd make people more likely to run into undocumented code-size limits?
The have a massive advertising business, and charge for premium accounts. Not sure what makes you doubt them when other platforms, like Signal, have zero business model and are just providing services "out of the goodness of their heart" (not suspicious at all).
But will it stay free, once enough people invested in it?
Telegram engaged in a bit shady crypto stuff, and let scammer bots roam freely. Also there are perks, if someones troll/harass/spam and scam groups and enough people report them, they get temporary or permanently restricted - unless they pay money to Telegram. Then they are free to troll again.
It looks like they are making their own cloud, with such a little team?
Also we should be using Matrix but it doesn't have half of the features (no channels, no mini apps etc).
Also I wonder whether compiling JS to native code is worth the hassle or not. In browser, it would slow down page load, but here you need to compile only on deploy.
This is barely a cloud, since it only serves one particular purpose and everything runs in V8 isolates. Although they would need to ensure they're appropriately capping each tenant's compute and bandwidth; the article mostly doesn't get into that.
Fully AOT compilers for JavaScript are basically research projects rather than production-ready platforms, because the extensive dynamicity of JavaScript's semantics makes this a hard problem. (The most mature one I'm aware of is https://porffor.dev.) But even if that weren't the case, the thing Telegram is doing requires V8's low-overhead tenant isolation, so they're bound to V8's architectural choices. V8 does have APIs for code caching and startup snapshots; Telegram could be generating those at deploy time.
> Each invocation runs in a lightweight V8 isolate, close to Telegram's own systems, so calls to the Bot API and your database are quick and reliable.
Telegram’s servers are distributed worldwide. I understand that the calls to the Bot API may be quick because the serverless code would be propagated to the edge, but how does it handle an SQLite DB? Is that also replicated to guarantee quick access from anywhere?
Telegram's servers are far from "distributed worldwide": In fact, it currently has only 5 logical "data center"s, and while DC3 is still on, clues [0] seem to suggest DC3 doesn't actually carry user data at all now, and both DC2 and 4 are in Amsterdam, so essentially they just need to serve 3 locations.
Also, Telegram's protocol design only allows for connecting to user's home DC for any write interactions (except media, which in most cases still is home DC, or a "media DC" alongside the home DC). Bots are based on the same DC of the user, so almost all meaningful interactions will happen only on one DC for any specific bot.
My first guess would be replicaton isn't that critical, because a user would mostly interact with an instance that's nearby, and this instance has their data. But the page mentions:
> Games and Tools — including leaderboards, quizzes and more.
A leaderboard that's globally consistent, huh, that's not trivial.
Maybe they just propagate the SQL commands to all their servers...
"My first guess would be replicaton isn't that critical, because a user would mostly interact with an instance that's nearby, and this instance has their data. But the page mentions"
Apparently not
"Each account is associated with a DC upon registration and does not change with the user’s phone number or geographic location. Users cannot freely choose a DC—if connected to the wrong DC, the server returns an error message, requiring the client to connect to the correct DC associated with the account."
The post doesn't say anything about runtime resource limits, which I agree is a strange omission given the architecture they've chosen. I suppose someone could try building a bot that uses more and more resources, and see when it stops working.
There's a section about making HTTP requests (https://core.telegram.org/bots/serverless#http), which mentions "two constraints: * Response content is textual (binary payloads aren't supported). * The total response is capped at 32 MB. That cap covers the whole response — streaming with res.body lets you process a large body incrementally, but it does not raise the limit." Unclear whether the 32 MB limit is per outgoing request, or shared among all outgoing requests made by a single handler invocation. Also unclear what other limits apply. Non-HTTP protocols presumably are not available.
If you're talking about the lack of support for binary responses, I don't think this'd stop people from using Base64 to tunnel arbitrary payloads? Otherwise I'm not sure what the alternative would be to "passing the URL in cleartext" to an HTTP client.
I thought this was about P2P messaging (without servers, hence server "less"), but no, obviously "serverless" on HN has to mean "run code on someone else's servers"..
Lets you write a Telegram bot in JavaScript and have Telegram run the code for you on their own servers (with authentication and such handled automatically) instead of having to separately wrangle a cloud deployment.
This is off-topic, but I was kind of surprised to see this page written by Claude. I guess I shouldn't really be surprised, but I somehow didn't expect it.
It could be, it could also be that they wanted to produce it more cheaply, could be a few valid reasons. It just looks cheap to me, and I thought companies would want to show a better face.
Then again, like a sibling said, only LLMs will be reading this anyway.
I often see replies to AI-generated posts being pointed out here asking what makes it obvious. Is it that difficult to notice the indicators? Is it mostly undetected by English-as-a-second-language speakers, people inexperienced with generative AI, or is it something else?
"it doesn't silently go unnoticed", "would be silently inert", "instead of silently overwriting", "you can never silently overwrite"
The biggest tell for me is overuse of the term "silently". "quietly" is another one you often see from Claude in particular. Models love adverbs for whatever reason, whereas a human writer would use them in moderation for emphasis or prefer terms like "by accident".
In my experience, "silently overwrite" appeared regularly in technical writing long before LLMs were a thing, because it's a useful concept to be able to point at. "Silently go unnoticed" is kind of redundant, though.
Accidental things and silent things are very different. Accidental means you didn't mean to do it, silent means you don't know you've done it (or might not if you want to get picky, you could notice).
Have you ever “wired” anything to anything else when developing software? No, because software doesn’t involve wires, but LLMs are quite convinced that it does.
I can't quite tell you, it wasn't something specific, Claude's writing is just a specific sort of punchy. The "directly on X - no Y, no Z, no A" and the "this is the part you no longer have to do" just smell a lot like Claude. Also "removes that layer entirely", "they map cleanly onto each other", it's all just Claude.
It's how you see a painting and you know it's by Picasso, let's say, or you read an author and you know it's Hemingway. Everyone has their own unique style, and so does Claude. It's just that Claude is the most prolific writer in human history now.
Hit the nail on the head. I find it surprising people give a fuck any more. Who likes writing documentation? Us devs being horrible at and hating to write documentation was a standard trope before llms. They do a better job and dont complain.
I always wondered how telegram could afford being free. A chat is expensive to run, a chat with gigantic media quotas even more, and they don't have ads.
There is no way their premium pman cover their cost, espacially with their extensive bot API that multiplies their traffic tenfold.
Good lord. This reeks of LLM... why should I use your product when you can't be bothered to have a human write it? Why should I trust it to work correctly or have been decently tested, neither of which is a given when having an AI vibe-code it?
And why is it one huge single page of word salad instead of self-contained units?
Anyway, good to see someone post a fully self contained example demonstrating core concepts. At least one thing done right.
It's been a core feature of Telegram since almost the beginning, and one of the main reasons I end up using Telegram, not sure why you'd think this is a drawback. The spam sucks though, not sure how they haven't got a handle on it yet.