Back to Home

Telega Detector in Chats on Go: VK Calls API

Go utility antitelega scans Telegram chats for Telega users through public VK Calls API. Describes architecture, ban protection with jitter and risk_level, typical errors with gotgproto.

Go-bot for searching Telega in Telegram chats
Advertisement 728x90

Telega User Detector for Telegram Chats: Go Implementation

Installing VK's Telega client registers your Telegram ID in the VK Calls database without explicit user consent. This happens via anonymous login to calls.okcdn.ru. The mapping from Telegram ID to OK ID becomes publicly accessible through an unauthenticated API.

The Go-based antitelega detector scans chats, pulls member IDs, and checks if they're in the database. The whole process takes just three HTTP requests: anonymous login, OK ID lookup by external ID, and parsing the response.

POST https://calls.okcdn.ru/api/auth/anonymLogin

application_key=CHKIPMKGDIHBABABA
session_data={"device_id":"antitelega","version":2,...}

The CHKIPMKGDIHBABABA key is pulled from the Telega APK (appId: 512001570726). The server responds with a session_key for follow-up requests.

Google AdInline article slot
POST https://calls.okcdn.ru/api/vchat/getOkIdByExternalId

application_key=CHKIPMKGDIHBABABA
session_key=<from step 1>
externalId=123456789

A response with ok_id confirms registration; a 300 error means no record found.

Scanner Architecture: From /scan Command to Report

The bot kicks off with /scan @chatname in Saved Messages. The pipeline covers:

  • Enumeration: Pulling members via ChannelsGetParticipants with pagination, jitter, and filtering out bots/deleted accounts.
  • Cache lookup: Checking SQLite cache (TTL 6 hours).
  • Batch checking: Distributing across a worker pool with rate limiting and jitter.
  • Report: Formatted output in Saved Messages, split into chunks if over 3800 characters.

Binary is ~26 MB, pure Go with modernc.org/sqlite, no CGO. ARM support included.

Google AdInline article slot

Risk_level: Presets to Avoid Bans

func jitteredDuration(d time.Duration, jitterPct float64) time.Duration {
    factor := 1.0 + jitterPct*(2*rand.Float64()-1)
    return time.Duration(float64(d) * factor)
}

Jitter mimics human behavior to dodge detection. Risk level presets:

  • paranoid: 1 worker, 1 req/s, 30 members/page, ±50% jitter (16 min for 700 users).
  • careful (default): 2 workers, 3 req/s, 80/page, ±40% (5 min).
  • normal: 4 workers, 6 req/s, 150/page, ±30% (2.5 min).
  • aggressive: No jitter, max speed (high ban risk).

Common Userbot Development Pitfalls

  • Wrong DeviceConfig: gotgproto defaults to GoTGProto, Helsinki, triggering bans. Fix: Use DeviceConfig mimicking Telegram Desktop.
  • Fixed Intervals: Exactly 350 ms is a dead giveaway for anti-spam. Jitter is essential.
  • API Changes: Endpoint shifted from getOkIdsByExternalIds to singular; key can be revoked by OK. Make application_key configurable.

Method Limitations

A positive ok_id shows past Telega install, not current use. It mirrors Telega's exact protocol—no exploits involved.

Key Points:

Google AdInline article slot
  • Mapping created on first Telega anonymLogin.
  • API is public; key from APK.
  • Userbots risk bans—use throwaway accounts.
  • Cache and jitter cut detection odds.
  • ~2000 lines of Go, MIT license.

— Editorial Team

Advertisement 728x90

Read Next