TiTs isn’t Tits, sorry 

Telegram implementation

Tit is a kind of bird!

official name: ω IM





Satisfy Taiwanese user habits


Client + server cloud, the could architecture should be flexible and scalable.

A server should connect with at least 3 servers in the cloud.

When a server wants to join the cloud, the topology of the cloud should be bridgeless.

Each server will remember available server list (topology of the network).

A connection between two servers should be a directed-or-forwarded.

Shortest path routing is recommended but optional for servers.

We should display the active user-proxy list on dbs’ website

XXX: routing algorithms: ronmi’s job

Take GPG fingerprint as identity of a user.


Text messages should be signed and encrypted in client with public key algorithm (GnuPG) and a session key, respectively.

All media (including pictures, stickers or any kind of files) will **not** be encrypted (in any cases).

Media are recommended but optional to be signed by sender’s private key.


Group id: nothing to do with servers, it’s just a identity for clients.

Do not provide any guarantee about security.

Speed is No. 1.

secure chatting

All secure chatting are encrypted by a session key.

Key-exchanging is done by GPG (using GPG to protect the session key).

All data (including text messages and media) are signed by sender’s private key before transmission.

The session is generated by the inviter’s client, in group chatting case, more key-exchanging to multiple members in the chatting room.

C-C header and payload are encrypted by shared session key.

The session key should be revoked in a time period.

Security is No. 1.

 the protocol


client use his private key and server’s public key to encrypt "e2014b07b02c3359a370343edc03b0808b129892"

server use client’s public key and it’s private key to decrypt that -> "I love big tits"

    Client sends: my_private_key( server_public_key( MAGIC_WORD ) )

    Server decodes: client_public_key( my_private_key( PACKET_DATA ) )

 To fix

multiple device

Key Server

We should build our own key server in order not to impact original PGP network. Existing public key server might be queried as a fallback, but PROXIES AND CLIENTS MUST NOT UPLOAD ANY KEY TO PUBLIC KEY SERVER.

TODO & wish list



slash command

tag people (@)

beware of fake-clients/implementation