Research
Two Malicious Rust Crates Impersonate Popular Logger to Steal Wallet Keys
Socket uncovers malicious Rust crates impersonating fast_log to steal Solana and Ethereum wallet keys from source code.
By Kirill Boychenko - Sep 24, 2025
teleproto
A modern Telegram client library written in TypeScript for Node.js, forked from GramJS with performance and size improvements.
Quick Start
Here's how to get started with teleproto:
Installation
$ npm i teleproto
Authentication Setup
- Login to your Telegram account
- Click "API development tools" and create an application
- Save your API ID and hash (never share these with anyone)
Basic Usage
import { TelegramClient } from "teleproto";
import { StringSession } from "teleproto/sessions";
import readline from "readline";
const apiId = 123456; // Replace with your API ID
const apiHash = "123456abcdefg"; // Replace with your API Hash
const stringSession = new StringSession(""); // Save the string session for later use
const rl = readline.createInterface({
input: process.stdin,
output: process.stdout,
});
async function main() {
console.log("Starting teleproto client...");
const client = new TelegramClient(stringSession, apiId, apiHash, {
connectionRetries: 5,
});
await client.start({
phoneNumber: async () =>
await new Promise(resolve => rl.question("Phone number: ", resolve)),
password: async () =>
await new Promise(resolve => rl.question("Password: ", resolve)),
phoneCode: async () =>
await new Promise(resolve => rl.question("Verification code: ", resolve)),
onError: (err) => console.error(err),
});
console.log("Connected successfully!");
console.log("Session string:", client.session.save()); // Save this to avoid login next time
// Send a message to yourself
await client.sendMessage("me", { message: "Hello from teleproto!" });
// Disconnect when done
await client.disconnect();
rl.close();
}
main();
You can also use StoreSession to save auth data to a folder instead of a string:
import { StoreSession } from "teleproto/sessions";
const storeSession = new StoreSession("session_folder");
const client = new TelegramClient(storeSession, apiId, apiHash, {});
API Usage
Calling Raw API Methods
await client.invoke(new Api.RequestClass({ param1: "value1" }));
Event Handling
import { NewMessage } from "teleproto/events";
client.addEventHandler(async (event) => {
console.log("New message received:", event.message.text);
if (event.message.text === "Hello") {
await event.message.reply("Hi there!");
}
}, new NewMessage({}));
Ask a question
If you have any questions or need help, feel free to join our Telegram group or open an issue on GitHub
FAQs
NodeJS MTProto API Telegram client library,
The npm package teleproto receives a total of 91 weekly downloads. As such, teleproto popularity was classified as not popular.
We found that teleproto demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Package last updated on 09 Sep 2025
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Research
Malicious fezbox npm Package Steals Browser Passwords from Cookies via Innovative QR Code Steganographic Technique
A malicious package uses a QR code as steganography in an innovative technique.
By Olivia Brown - Sep 22, 2025
Research
/Security News
Identifying and Preventing Fraudulent Engineering Candidates: An Investigation into 80 Confirmed Cases
Socket identified 80 fake candidates targeting engineering roles, including suspected North Korean operators, exposing the new reality of hiring as a security function.
By Lauren Valencia, Kirill Boychenko - Sep 17, 2025