Fighting Scammers and Bots

To combat fraud, we built our protection system around an algorithm that includes not only a classic anti-spam model but also two key components:

1. Invitation System
Users can invite their friends, who can freely join the messenger.
Those who invite bots will be banned.
We don’t like spam bots. No one likes spam bots.

This forms a tree of users. Accounts that generate spam are like infected branches - and we'll prune them.

2. Proof of Humanity (optional and anonymous)
Only users who want to invite others need to complete this procedure.
Registration itself remains simple - it only requires an invitation link.

We use this mechanism to prevent spammers from recreating accounts.
Unlike KYC systems used by CEXs or Fragment, which require you to submit personal data, Proof of Humanity works as a zero-knowledge proof (ZKP)
That means you stay anonymous while spammers lose the ability to re-register.
We only know one fact - that you are a real human being.

We've chosen World ID (world.org) as our initial provider. Over 14 million real people already trust this service.
Its main advantage is that it runs on blockchain technology, which means even if a central server is compromised, verification data cannot be forged.
We plan to integrate other providers in the future.

As a small bonus, verified users will have a check mark next to their username. Verification is optional and can be completed anytime.

Once your group or channel reaches a certain size, it will also receive a verification check mark.
This will help users trust channels more, knowing that real people stand behind them.

If you think we'll stop at verification - you’re mistaken.
We're adding support for polls and giveaways limited to real, verified humans.

Sometimes, it's essential to ensure that only real people participate in a vote - especially today, when freedom is under threat and propaganda bots flood channels and polls with fake votes, misleading communities.
From now on, votes will truly carry weight - while still remaining anonymous.

If you want to thank your subscribers, the best way will be through giveaways.
We’ll share more details about polls and giveaways later, as we plan to base them on smart contracts for full transparency and verifiable fairness.
This will help unlock the full potential of decentralization within the messenger.

Now, back to anti-spam protection.
What if an account is mistakenly blocked?

To ensure fair resolutions, we plan to introduce a hybrid appeal system:

1. Centralized appeals review - works faster but may be subject to human error or algorithmic bias.
2. Decentralized appeals review - avoids these issues and has priority over centralized decisions.
Through community consensus, a user, group, or channel can be reinstated.
Consensus takes more time but produces fairer outcomes.

The reputation algorithm (or "vote weight") for consensus members won't depend solely on finances.
It will factor in account age, verification status, interactions, past decisions, activity, and more.

The exact participant-selection algorithm will be defined later - it requires careful tuning to maintain balance.
We can't rely purely on wealth, since scammers often control large sums of stolen funds.
Money alone doesn't equal fairness.

This system aims to eliminate spam accounts while keeping registration easy for ordinary users.
Without access to mass bot networks, most scammers won’t be able to operate as actively as they do now.
We estimate this system could neutralize over 70% of fraudulent activity.

If you have questions or suggestions, we'd love to hear them. You can share your thoughts using the button below.

Our next post will cover our weaknesses.
We'll be completely honest - because we believe transparency is the best way forward.
Some weaknesses we're already addressing. Others we still need to solve.
Perhaps you'll be among those who help us do it

Official list of our domains

tonm.org / tonm.app
Main domain for the application

tonm.dev
Will host documentation and developer tools

tonm.cc / tonm.chat
Used for short links like tonm.cc/draco or draco.tonm.cc

ton-messenger.ton
Web3 domain on the TON Blockchain

At the moment, all of these redirect to tonm.org

We reserved the .app domain to protect our users, since we use the username tonm-app on social media.
For other TLDs, we consider repeating this unnecessary.
The recent "rnicrosoft" case proves that scammers will always find ways to register similar domains, even targeting large companies.

Our project hasn't launched yet, but scammers may already try to misuse its name.
We'll update this channel if any domain information changes.
Be careful!

— Weaknesses —

As promised, this week we will reveal the weaknesses of our project. We aim to be as honest as possible and will immediately describe how we plan to address these issues.

— Legal Matters —
We don’t have a legal department. We understand its importance, especially for a project entering the global market. For now, we rely on our own legal knowledge, which means mistakes are possible. We will strive to comply with all major laws that do not contradict our principles.
If you represent law enforcement, you can always contact us to report any violations.

We also want to emphasize that we strongly oppose actions aimed at harming people. That is why we have implemented an anti-fraud algorithm. As mentioned earlier, users can also participate in content moderation. These platform rules are constant.

- - Lack of Independent Audit
To increase user trust, independent security audits are essential. At the moment, we are not partnered with any such organizations. However, since our project is open source, anyone can act as an auditor.

— Lack of "Popularity" —
We often hear questions like:

- Who is developing this project?
- Is it worth our attention and time?
- What projects has the team worked on before?

You may have heard of us, or maybe not. We haven't had large public projects before, and information about other projects we've created is under NDA.

Two main doubts you might have:

1. Will the project reach release? Is it worth my attention now?
These are logical questions. Many good and unique projects never make it to launch. We can’t predict everything to give a 100% guarantee, but we have solid planning and time management. We’ve also anticipated most potential challenges, and we have a clear roadmap for the next year. We share our current progress here, confirming our determination to move forward.

2. Could my money or data be stolen?
Developers can easily verify a project's integrity, but what about regular users? In the era of AI (LLMs), anyone can review open-source projects, even without coding knowledge. This still isn’t an absolute guarantee, but such verification should be enough for most users. Later, we'll publish a detailed guide on how to check a project and stay safe online.

— Lack of Personnel —
Unfortunately, some members of our small team have left for personal reasons. There are currently two people on the team, which is not enough for active development. Maintaining three parallel clients (Desktop, iOS, Android) requires at least three developers.

Since we are an open-source project, anyone can join development. However, at early stages, it's hard to find active contributors. Therefore, we decided to build the foundation ourselves first to demonstrate capabilities before expanding the team.

Recruiting new members requires verifying their qualifications and work quality. We also need strict access control, which requires additional preparation. Selecting the right people demands careful screening from a large pool of candidates.

As a project focused on user trust and security, we treat this matter with special care. Even large companies sometimes employ dishonest workers. We intentionally limit the number of core team members to reduce such risks, as we are not yet fully equipped to monitor all work processes. Developing tools that balance oversight and employee freedom will take time.

We have efficiently distributed our current tasks so that the minimal team can handle them. At this protocol development stage, there is no need to expand the team yet.

But here's some good news: we already have a date for the first recruitment phase. After the beta release, we will open testing positions for anyone who wishes to participate.

Self-Funding
We have designed a strategy that requires minimal financial input. The project can be funded by the team and future project revenue.
We also decided to decline offers from funds and investors for now to maintain user trust in our neutrality. If we ever decide to change this, we will hold a public vote.

After launching version two of the protocol (federation system), the project will be able to operate independently on users' private servers, remaining secure and global without central funding.

Our project is open source and aims for a decentralized approach, similar to blockchain. This adds technical complexity as it requires balancing security and architecture. We are introducing this feature gradually to ensure a well-thought-out and stable implementation. Our current priority is the core functions we previously announced: post-quantum protection, end-to-end encryption, wallet (client-side), and the anti-spam system.

Although some of this might discourage certain users, we believe honesty is essential. We hope this post was structured more clearly and did not create any false impressions. If you have doubts or questions, feel free to contact us via the "chat" button below.

We would love to hear what else you want to learn about the project. We currently have three ideas for upcoming posts:
- Opportunities for content creators
- Our opinion on Chat Control
- Hidden benefits for every user

For what Telegram 2.0?

Many people are understandably puzzled and ask: why enter the crowded messenger space?

Telegram is an excellent messenger with a huge feature set: bots, TMAs, a built‑in Web3 browser, Instant View. There are so many features that listing them all in one post would be difficult. It's a great platform, so why build a separate TON Messenger?

It comes down to privacy.

Telegram (MTProto 2.0 Part I Cloud Chats) uses client‑server encryption. This is not end‑to‑end (E2E), it's point‑to‑point (P2P) encryption. This means that your messages from private one‑to‑one chats, groups, and channels are in plaintext on Telegram's servers after receipt.
Messages are additionally encrypted on the server so that a database compromise without Telegram's keys would not let an attacker decrypt them. But this does not change the fact that Telegram already has the full context of your message.

E2E encryption is implemented in MTProto (Part II - Secret Chats), and according to the official source they are gaining popularity.
However, we looked for usage statistics for Secret Chats and found none.

Secret Chats have several drawbacks:
— No support in the desktop app on Windows and Linux, which together account for ~70-80% of desktop operating‑system market share
— No multi‑device sync
— No reactions and some other conveniences available in Cloud Chats
— Private group chats and channels still lack E2EE

Note: End‑to‑End encryption is on by default for one‑to‑one voice and video calls, which is great. It is absent for group calls.

To sum up: you can switch to end‑to‑end encryption, but you will lose many messenger advantages.

This is not an expose of Telegram, because everything cited from official Telegram public sources.
But many regular users are under the illusion that private one‑to‑one chats and Secret Chats are the same. We simply want to remind you that the classic mode of communication most people use in Telegram is not private and not fully secure.

Pavel Durov has already answered the question "why isn't end‑to‑end encryption on by default":

So after some research we decided to introduce 2 kinds of chats – Secret chats and Cloud chats.
Secret chats are e2e-encrypted chats that never under any circumstances get backed up.
Cloud chats are encrypted in the same way, but also have a built-in cloud backup.

The phrase "encrypted in the same way" is the core sleight of hand/wording error here.
End‑to‑End encryption in the context of messengers means a message is delivered from one client to another without decryption on the server. In Telegram’s case, this rule is broken for Cloud Chats.

Unlike WhatsApp, criticized for data‑sharing practices, Telegram keeps its promises. But the privacy of your data depends solely on Telegram's own goodwill. After Telegram began moving away from some of its original principles promised to users, compliance with other principles also begins to be questioned.

Just as there is a claim about Signal being unsafe on iPhone, we are ennoscriptd to assume there may be an insufficient level of security for our Telegram messages, since we cannot independently audit this.

To clarify what kinds of encryption we are even talking about, consider this list:
- Telegram (Secret Chats): DH
- Signal: X3DH
- TON Blockchain: ECDH

Notice the similarity? Exactly.
Diffie–Hellman (DH) is a cryptographic key‑exchange protocol. On top of it, X3DH and ECDH were developed to improve security.
We chose to adapt PQXDH for our needs.
By this we mean that messengers use protocols from the same family.
But none of them meet all the rules of end-to-end encrypted chats.

We respect and value Pavel Durov's fight for free speech, so we believe our personal chats on Telegram's servers are kept safe.
But trust alone is not enough to prove that this is actually the case.
Secret Chats are limited in functionality. Private groups and channels still lack E2E encryption.

Back to the original problem, which is simple in essence: how to make cloud backups safe?
Our solution is to store private keys on the server in encrypted form.
At the user's discretion this option can be disabled, in which case access to a chat remains on a single device.
The robustness of this approach is comparable to the security of encrypted transaction comments in the TON Blockchain.

We have tried in this post to stick to facts, but please verify them independently. If you spot any error, you can notify us by tapping the "chat" button below.

We decided to create not just another messenger, but a messenger that truly adheres to these principles. If we say a messenger is private, it means it has end-to-end encryption for all chat types, open source, reproducible build and synchronization between devices with cross-platform client support.
This isn't the only reason, but it's a basic one.
Users shouldn't be misled.
Users should have privacy.

TON Messenger Q&A
We would also like to address this week a misconception among users caused by the limited amount of publicly available information about the project.
This is our fault, as we should have published all upcoming features earlier. However, many of them are still pending approval or require additional verification, so we share updates gradually as they are confirmed.

Will messages be paid?
No. Quite the opposite. That would contradict the principles of free, basic communication between users.
Only the storage of large media files might become paid. Unfortunately, we do not have our own data center to be as generous with file limits as some major tech companies.
For transferring large media files, we recommend using dedicated storage services for big data.

Are polls available only for verified users?
No. We do not plan to force users to go through verification. That would restrict the actions of regular users, which we do not accept.
You can read more about this here.

Are you part of the TON Foundation?
No. Our project was not founded by representatives of the TON Foundation and is not funded by them.
We did register on TON Builders, but we do not participate in any partnership programs.
We wanted to take part in the project presentation sessions, but unfortunately, we currently don’t have a suitable speaker for such events.
You can read more about our origin story here.

Authentication via phone number?
No. You can start using our messenger immediately, as login is based on a mnemonic phrase - similar to creating a crypto wallet.
We decided not to use phone number authentication for several reasons:
- In most countries, phone numbers are linked to passports and reveal the user’s country - data unnecessary for messenger operation
- Dependence on telecom providers
- The method is not effective enough for bot protection
- Network and carrier issues may arise when changing countries
- Losing access to the number means losing access to the account
- Requires keeping the number active, and obtaining a new one for a new account
- If a SIM card is compromised, an attacker can gain access to the account without 2FA

We are ready to answer any further questions. We also always appreciate well-reasoned criticism and suggestions.

Additionally, we would like to thank everyone who has already shown initiative and supported us. We truly value it. 🩵
Thanks to you, we learn new things and better understand what matters across different parts of the community. We listen to every suggestion to create a comfortable space for everyone.

Hidden Potential

Last week we openly admitted our weak points. This week we will talk about the strengths that are not so visible.
We have identified 3 core factors.

— Reinforcing Value —

We will start with the obvious. A strong product inside an ecosystem strengthens that ecosystem. A healthy ecosystem raises the product's value and, as a result, supports the price of Toncoin.

You are a new investor who understands the risks. You enter the TON ecosystem through Telegram. The first thing you see is a friendly person offering, for example, to buy your username. The offer looks profitable. You agree.

Congratulations. You just fell for a scam. Not the best first impression, right?
And this keeps happening for years.

Our goal is to reduce the number of scammers by cutting off their main tool: spam bots. When you enter TON Messenger you are not greeted by spam bots. You are greeted by creators who are actually building something.

The foundation of Toncoin's growth is new investors.
If new people stop coming into the ecosystem the product starts to decline.
If nothing is being bought or sold in the ecosystem it declines.
If nothing new is being built for the ecosystem it declines.

Here is the chain:
1. Product creation. A creator starts with a unique idea.
2. Product promotion. This is where we step in. The messenger strengthens communication and new connections.
3. Product sale. Investors and other users become the buyers.
4. Profit. The loop closes. The profit can then be reinvested into step 1 or 2.

Creators get a way to show what they can do without spending money on marketing.
Investors get access to early, original, high-upside projects.
Users get a chance to discover and buy something interesting using a currency that reflects real value.
The blockchain shows higher real activity.

We leave big partnerships with big funds and celebrities to the big players. That raises TON's status among other blockchains.
We focus on greeting newcomers and keeping them in the ecosystem using decentralized tools and real communication.

— Real Numbers —

Imagine you are trading on an exchange and you see a new token with a reported daily volume of 10 million dollars. The price is low. The chart is going up. You conclude: this looks promising.

You enter a position. Then you learn there was an error. The exchange showed fake volume. The numbers lied. That is unpleasant.

Now imagine something else.
You open a channel and it shows 2 million subscribers. But every post barely reaches 3-5 thousand views.
Let us say this channel promotes a new game.

When you decide whether the project is worth attention numbers are the first filter. They are not a guarantee but they signal how many people trust this channel.

For 2 million subscribers a normal view rate might be around 25%. In this case the view rate is barely 0.5%.

You can draw several conclusions:
- The project is not interesting.
- The project was abandoned. The audience is no longer active.
- The number was inflated with bots.

The last one is usually true.

One more small example. You enter a group with 1,000 members. You say hello. Nobody answers. Complete silence. You already know what kind of group this is.

Instead of wasting time sorting channels and checking if they are real just use TON Messenger.
You will see how many real people are actually subscribed.
You will know your real conversion rates and real sales.
When you give out gifts to your community you will get a real reaction from humans, not pour those gifts into a graveyard of bots. You will not be tricked by fake numbers inflated by spam bots.

We are not chasing one billion installs. Every single install from a real person matters. Every real subscriber matters. That is true today and it will still be true when there are a million users.

— The Canvas —

This part is obvious too but people forget it. The project is a public canvas. It gives room to everyone: developers, designers, musicians, copywriters, and any kind of founder or creative.

The platform is meant to be a launchpad.
Right now we are focused on private chats, but we also plan to give real life to public channels.

Instead of a paid and restricted search you will be able to browse topics you care about or navigate a catalog of channels and bots. Your project will actually be visible. You will receive organic traffic. If you have ever tried to grow a project from zero you know how hard that is.

If you are an artist create sticker packs and emoji.
If you are a developer build bots.
If you are a musician publish music and ringtones.
If you are a writer write posts.

Small spoiler: NFT books?

You will be able to monetize your work directly in a decentralized network.
Blockchain is not moved forward by greed. Blockchain is moved forward by talent. We are actively looking for that talent.
We want new, unique projects.
We want to promote not the destructive idea of easy money, but the desire to build something useful for the world and for yourself.
We want to give the ecosystem a second breath, a solid base for long term growth.

TON Messenger is not just another chat app. It is a different mindset.
We will keep working so people can find each other more easily, instead of giving up on new connections because they are afraid of yet another scam attempt.

Also, contributing to the project itself can become valid IT experience for your portfolio. Your name can end up in the history of the product. Sometimes it is one bug report, one design suggestion, or one line of code that changes everything. Change long press to open the message menu to single tap and suddenly the UX is on another level.

— Conclusion —

Ask yourself. What has value for you? What has value for people?

We want you to find real value.
We want to make it clear that the price of Toncoin and of other crypto assets does not appear from nowhere.
We want to detach the price of the token from mood and attach it to real utility.

We ask ourselves these same two questions every day and we keep building to give you these options.

Stay safe. Stay with us 🤍

Weekly Development Progress

We have not published progress updates for a while. Time to fix that.
Even though we are not moving as fast as we would like, we can still share some of what has been done.
If you are not a developer, you can skip the first 2 points.

1. Multiple Cryptography Types

We had a problem: post-quantum cryptographic algorithms are not fast enough in the browser environment.

Since the first public release is planned for browser and desktop, it was important for us to support JavaScript, which is relatively weak for heavy cryptography.

We decided to allow both users and developers to choose between different options in the protocol:

- ECDH for browser / weaker devices, or post-quantum ML-KEM
- Ed25519 or post-quantum ML-DSA

This will apply both to the connection itself and to the messages.

2. JavaScript SDK

Right now we are working on the SDK for the web application.

This will include modules such as:
@tonm/core – shared core utilities
@tonm/client – for convenient client development
@tonm/bot – for the future Bot API, structured similarly to @tonm/client

The modules will provide:

- Auto-generation of types and code from schemas, so client code updates instantly when the API version changes
- 3 transport layers: HTTP, WebSocket, TONMP
- All required cryptographic functions
- TONMP requests serialization and deserialization
- Handle events with automatic decryption and message signature verification

We care about DX, so the SDKs will feel familiar. If you have worked with libraries like grammy or openai you already understand the experience we aim for.

3. Backend

Right now we are working on the protocol, including schema serialization and deserialization, sharing and versioning.
Previously we designed a custom architecture for our needs and the utilities required to support it.
We also worked on optimizing certain parts of the pipeline to reach maximum throughput. Our current estimate is that even the first version will be able to handle millions of RPS (requests per second). This is only a projection and will require benchmarking once we have the final version.

4. Documentation

We evaluated many options and narrowed it down to two: VitePress and Mintlify.
We currently prefer VitePress because it is fully open source.
In the future we may mirror the documentation in Mintlify.

The primary language of the documentation will be English. We also plan to use an LLM for automatic translation into other widely used languages to improve developer accessibility.

5. Fundraising and NFTs

Most of the points above are technical and not very transparent to non-technical users. So for everyone else we decided to just show a concept of the fundraising flow and NFT previews.

6. What’s next?

After we complete the JavaScript SDK and backend parts, we plan to start building the application interface and SDKs for Rust/Go or Python.
We're also planning to work on optimizing the processes needed to counter restrictions on free speech.
Even though the federation system is set for late 2026, we can already use ADNL as a decentralized network.
Right now, the issue to fix is latency.

🤍 Stay with us!

"No" to data collection! "No" to bots on the TON Blockchain!

We recently announced our user verification system via World ID.
That service had two major drawbacks:
- you exposed your data to World Chain
- limited country support (15 countries as of now)

Despite the Orb's cutting-edge tech, the platform falls short on global coverage. We planned to use the Secure Passport verification level, but even it has a limited country list. We can't geofence users - that would violate our principle of freedom.

We decided to revisit this. After five cups of coffee we found a solution!
From now on, passport verification is fully private. How? The passport check happens right on your phone. Your private data never leaves the device.

At first, we considered building this algorithm from scratch on the TON Blockchain. But we chose not to reinvent the wheel and looked for ready-made solutions that meet our requirements. To our surprise, such a project already exists.

We're glad to introduce our integration with Self Protocol.
ZK on-device passport verification, validation on Self Chain, and support for ~129 countries. You can review the country list in the docs or on the interactive map.
The project was built specifically to fight bots on blockchains, so it fits perfectly with our idea of a #NoBots messenger.

From now on, we can confidently say our messenger fully follows the privacy principle - no phone numbers for registration, no personal data.
Privacy on the Internet in 2025 is a safety guarantee. It's not just a desire, it's a necessary extra layer of protection against attackers. It's a guarantee of a calm night's sleep.

We hope this rollout will increase trust in our app and attract more users to complete private verification.
We're launching an initiative to clean the TON Blockchain from spam.
We want REAL votes in polls, REAL comments, and REAL subscribers.
Saving the TON Blockchain from the bot wave is in our hands only.
React if you're with us.

— Our Position on EU Laws —

— 1. Chat Control —

The regulation is ineffective with respect to messengers that use end-to-end encryption.
Beyond intruding into users’ privacy and crossing the boundaries of private life, the regulation is completely ineffective in combating crime.

For end‑to‑end encrypted chats, a proposal was made to perform client‑side content scanning. This approach does not work in practice because the client application can be modified, which is common. The moderation code can be removed or replaced. No level of code obfuscation prevents disassembly.

With all due respect to Parliament, we cannot accept this regulation.

Moreover, in our view we will have a more effective system for combating fraud and crime. We share the same goal, but we also uphold people’s rights. It is possible that our method of decentralized moderation will prove more effective and become a standard.

Thanks to our integration with the Self Protocol, offenders will receive effective, lasting penalties. This stands in contrast to other messengers, where one can simply recreate an account and continue unlawful activity.

— 2. Fact‑checking of content —

This is a good initiative if implemented correctly. But that raises a core question: what is the source of truth? Who will determine what is true and what is false? Does a correct implementation even exist? Does truth exist?

How can we claim to know the truth in order to prohibit what we do not deem to be true?

This recalls the story of the "banning" of Copernicus’s "On the Revolutions of the Heavenly Spheres" in 1616. The Inquisition acted as "centralized moderation" and as the "sole source of truth"

Over time it turned out they were wrong. More than 200 years later the book was removed from the Index. For over two centuries society was forbidden to state the truth. Consider the impact: the progress of science and related fields was slowed for two centuries. Galileo Galilei was forced to recant the truth to save his life after condemnation by the Inquisition. People were subjected to fear of the authorities, who had the power to punish. Such influence still exists in many countries today.

One cannot deny that centralized moderation is always susceptible to subjectivity. It was true 400 years ago, and it is true today.

Historical sources:
Maurice A. Finocchiaro, "The Galileo Affair: A Documentary History"
Arthur Koestler, "The Sleepwalkers"

How, then, should we combat disinformation?
In the crypto industry there is a basic rule: DYOR (Do Your Own Research).

"The more a person learns, the more he realizes how little he knows"
Metaphysics, Aristotle

No matter how much the world strives toward truth, truth will always recede. What we consider truth at any given moment is only the version accepted by the majority. In that sense, the source of truth is a democratic process of adopting what is regarded as true. And decentralization is democracy at its best.

You should always conduct your own investigation and question even the accepted truth. This is how new discoveries are made.

We plan to integrate LLMs (AI) to make fact‑finding more convenient. AI can be biased and make mistakes, so it must be treated as a tool for vector search and text generation, not as a super‑intelligence. Vector search is based on information from a dataset or the internet. Models are typically trained on real scientific publications. By design, a model is not biased toward any particular source of information. We will also attach a link to the source on which the model’s output is based.

In this way, each of you will be able to check with one click whether the text corresponds to reality. A topic may have several sources of truth. What to regard as truth is your choice and yours alone.

Thus, if EU fact‑checking carries weight for you, you will be able to examine it alongside other sources. Such a system does not violate EU law while preserving users’ rights to know and to consider other viewpoints.

It will likely be fair to give users a choice among LLMs. A request may go to a centralized provider or potentially to a decentralized provider such as @Cocoon. We do not limit your choice. We provide a tool that you can use at your discretion.

— 3. Interoperability between messengers —

Although we are not among the designated "gatekeepers", we would like to offer our view. The initiative is interesting, but it requires agreement on a single E2EE protocol for all messengers as well as the ability to verify its implementation through open‑source code.

Consider this scenario: our users send messages to WhatsApp users. We implement E2EE and open our source code, thereby proving that we truly implemented it. In that case, we also expect WhatsApp to follow the same rules. Otherwise, a leak on WhatsApp’s side would affect our messenger’s reputation. We would be blameless, yet we do not want to be associated with negative headlines. We oppose this initiative if our partners will not open their source code.

It is worth remembering that laws, like coins, have two sides. It is incorrect to claim that all laws bring only harm. One should carefully weigh pros and cons, rights and duties. The core principle of law is to protect people from harming one another. What is harm? It is not for us to judge, since we do not possess the truth. You determine truth yourselves. You have the right to speak, and you have the right to be heard. If you spread disinformation, be ready for criticism. If you speak the truth, be ready for criticism as well. This is the power of the internet. Only bots are standing in the way - and we'll challenge them. ⚔️

Fun fact: under the GPL public license, all third‑party Telegram clients based on its source code must publish their code openly.

We would also be glad to present future integration with Telegram’s Secret Chats, as they fully comply with our policy.
Unfortunately, integration with regular Telegram chats is impossible due to the lack of end‑to‑end encryption on Telegram’s side. We look forward to a protocol update from Telegram. To achieve this, we must demonstrate the value of encryption across all chat types. We cannot do this without your support. The louder the community’s voice, the greater the chance we will be heard. The more serious the competition we pose to Telegram, the more often it will listen to its users.

Keep your private data safe
Seek the truth and find your own understanding of it
Communicate freely with your friends

We continue our work thanks to your support ⚙️
We continue to stand for peace, safety, and freedom. 🕊
Thank you to everyone who is with us. 🤍

UPD: Correction to clarify up-to-date information. The data is transmitted into Secure Enclaves. More details at Self Protocol Architecture Docs
What are Secure Enclaves?
Simply put, your data is still completely safe with cryptographic verification. You remain the sole owner of your data.

Bots have started unsubscribing from the channel. Can we say we're on the right way? Can we say that we have taken the first step?

#NoAdSpam

We originally spoke out against integrated ads in the messenger.
But what about ad spam from channel authors?

Most channels publish hundreds of promotional posts per month. That's more than the channel's actual themed content.
From now on, users will be able to see how many promotional posts the channel publishes per month.
Every promotional post must be labeled with a small "ad" badge.
It's barely noticeable to users, but if a post contains advertising and doesn't include the label, the channel can be reported.
If there are many violations, the channel will receive an "ad spam" badge (like "scam" or "spam" badges)

We do not restrict creators who want to monetize their channels through advertising
We do not limit project growth - you are free to buy ads from channel owners
We give users the ability to know what kind of channel they are subscribing to

This post is a test of the new short-post format. But maybe after the shorter context you still have a lot of questions. Let us know which format you prefer.
If you have any remaining questions, contact us

When AWS was down - tonm.app was working
When Cloudflare was down - tonm.org was working
ton-messenger.ton was working all the time