← Back to Skills Marketplace
MTProto 2.0
by
zhihang9978
· GitHub ↗
· v1.0.1
· MIT-0
247
Downloads
0
Stars
0
Active Installs
2
Versions
Install in OpenClaw
/install mtproto-2-0
Description
MTProto 2.0 protocol implementation guide for Telegram backend development. Use when implementing MTProto encryption, handshake, message serialization, or bu...
README (SKILL.md)
MTProto 2.0 Protocol
Complete implementation guide for Telegram's MTProto 2.0 encryption protocol.
⚠️ IMPORTANT SECURITY NOTICE
This skill provides educational guidance on MTProto 2.0 protocol. Before using in production:
- Verify Auth Key ID size: Ensure 8-byte alignment throughout your implementation
- Use crypto/rand: Never use math/rand for cryptographic operations
- Test against official vectors: Validate against Telegram's reference implementations
- Audit by experts: Have cryptographers review before handling real keys
- Check off-by-one errors: Carefully validate all buffer sizes and offsets
See references/security-notice.md for detailed corrections.
Quick Reference
Core Components
- Auth Key: 256-bit symmetric key from DH exchange
- Server Salt: 64-bit anti-replay nonce
- Message Key: 128-bit message identifier
- AES-256-IGE: Encryption mode with error propagation
When to Use
Use this skill when:
- Implementing MTProto handshake (req_pq → req_DH_params → set_client_DH_params)
- Encrypting/decrypting MTProto messages
- Serializing TL objects
- Building Telegram-compatible gateways
- Debugging connection issues
Handshake Flow
Client Server
| |
| 1. req_pq |
|----------------------------------->|
| |
| 2. server_public_key_fingerprints|
|\x3C-----------------------------------|
| |
| 3. req_DH_params |
|----------------------------------->|
| |
| 4. server_DH_params |
|\x3C-----------------------------------|
| |
| 5. set_client_DH_params |
|----------------------------------->|
| |
| 6. dh_gen_ok |
|\x3C-----------------------------------|
See references/handshake.md for detailed implementation.
Encryption
AES-256-IGE Mode
// Key derivation from Auth Key + Message Key
func deriveKeys(authKey, msgKey []byte) (aesKey, aesIV []byte) {
x := sha256.Sum256(append(msgKey, authKey[:36]...))
y := sha256.Sum256(append(authKey[40:76], msgKey...))
aesKey = append(x[:8], y[8:24]...)
aesIV = append(y[:8], x[24:32]...)
return
}
See references/encryption.md for complete algorithm.
Message Format
Encrypted Message Structure
┌─────────────────────────────────────────────────────────┐
│ Auth Key ID │ 8 bytes │ SHA1(authKey)[96:128] │
├─────────────────────────────────────────────────────────┤
│ Message Key │ 16 bytes │ SHA256(plaintext)[8:24] │
├─────────────────────────────────────────────────────────┤
│ Encrypted Data │ Variable │ AES-256-IGE encrypted │
└─────────────────────────────────────────────────────────┘
Plaintext Structure
┌─────────────────────────────────────────────────────────┐
│ Salt │ 8 bytes │ Server Salt │
├─────────────────────────────────────────────────────────┤
│ Session ID │ 8 bytes │ Unique session ID │
├─────────────────────────────────────────────────────────┤
│ Message ID │ 8 bytes │ Timestamp + sequence │
├─────────────────────────────────────────────────────────┤
│ Sequence No │ 4 bytes │ Packet sequence │
├─────────────────────────────────────────────────────────┤
│ Length │ 4 bytes │ Message body length │
├─────────────────────────────────────────────────────────┤
│ Message Body │ Variable │ TL-serialized data │
├─────────────────────────────────────────────────────────┤
│ Padding │ 0-15 B │ Random padding │
└─────────────────────────────────────────────────────────┘
See references/message-format.md for details.
TL Language
Type Serialization
// Constructor with ID
user#938458c1 id:long first_name:string = User;
// Method definition
checkPhone#6fe51dfb phone_number:string = Bool;
See references/tl-language.md for TL schema reference.
Security Features
Forward Secrecy
- Auth Key derived from ephemeral DH exchange
- Keys rotated periodically
- Old key compromise doesn't expose history
Anti-Replay Protection
- Server Salt changes per connection
- Message ID includes timestamp
- Sequence number verification
- Time window validation
Integrity Verification
- Message Key from SHA256 hash
- AES-IGE error propagation
- Length field validation
Go Implementation
Basic Connection
type MTProtoConn struct {
conn net.Conn
authKey []byte
salt int64
sessionID int64
seqNo int32
}
func (m *MTProtoConn) Send(msg TLObject) error {
// 1. Serialize
plaintext := msg.Encode()
// 2. Calculate Message Key
msgKey := calcMsgKey(plaintext, m.authKey)
// 3. Derive AES keys
aesKey, aesIV := deriveKeys(m.authKey, msgKey)
// 4. Encrypt
encrypted := encryptAESIGE(plaintext, aesKey, aesIV)
// 5. Construct packet
packet := constructPacket(m.authKey, msgKey, encrypted)
// 6. Send
_, err := m.conn.Write(packet)
return err
}
References
- Handshake Details - Complete DH exchange
- Encryption Algorithm - AES-256-IGE
- Message Format - Binary protocol
- TL Language - Type serialization
- ⚠️ Security Notice - CRITICAL FIXES FOR PRODUCTION
Official Resources
Usage Guidance
This is a documentation/implementation guide (no installation or network behavior). It is internally coherent and appropriate for implementing MTProto, but several example code snippets are insecure if copied verbatim: they use math/rand for cryptographic nonces/padding, sometimes ignore errors (e.g., aes.NewCipher returned error ignored), and show padding/IV handling that must be carefully reviewed. The bundle itself includes a 'Security Notice' that identifies and corrects many of these issues — follow those corrections. Before using any example code in production you should: (1) replace all math/rand usages with crypto/rand, (2) ensure constant-time comparisons for MACs, (3) handle errors properly and avoid panics, (4) validate DH primes and parameter sizes, (5) test against official Telegram reference vectors, and (6) obtain a cryptographer/security audit. If you need the skill to perform runtime actions (build/run code, handle real keys, or contact networks), do not use these examples directly; instead implement corrected, reviewed code and treat all sample keys/IDs as documentation-only.
Capability Analysis
Type: OpenClaw Skill
Name: mtproto-2-0
Version: 1.0.1
The skill bundle is a comprehensive technical guide for implementing the MTProto 2.0 protocol. It contains educational documentation and Go code snippets for AES-256-IGE encryption, Diffie-Hellman handshakes, and TL serialization. Notably, the bundle includes a dedicated security notice (references/security-notice.md) that proactively identifies and corrects common implementation vulnerabilities, such as the use of non-cryptographic random number generators (math/rand). No indicators of malicious intent, data exfiltration, or prompt injection were found.
Capability Assessment
Purpose & Capability
Name/description match the provided content: all files are MTProto protocol references, handshake, encryption, TL language, and implementation examples. There are no unrelated env vars, binaries, or installs requested.
Instruction Scope
SKILL.md and referenced files are purely implementation guidance and do not instruct the agent to read system files, exfiltrate data, or call external endpoints. However, multiple code examples demonstrate insecure practices (use of math/rand, improper IV handling, panic-based error handling, ignoring returned errors) — the package includes a clear security-notice that calls these out and provides corrections.
Install Mechanism
Instruction-only skill with no install spec and no code to be downloaded or executed at install time, so there is no install-time code execution risk.
Credentials
No environment variables, credentials, or config paths are requested. There are no surprising permissions or cross-service credentials required.
Persistence & Privilege
Skill is not always-enabled and uses default invocation behavior. It does not request to persist configuration or modify other skills or system-wide settings.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install mtproto-2-0 - After installation, invoke the skill by name or use
/mtproto-2-0 - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.1
v1.0.1: Added security notice document with critical fixes for production use. Fixed Auth Key ID size documentation, crypto/rand usage, and off-by-one error warnings.
v1.0.0
Initial release: MTProto 2.0 protocol implementation guide for Telegram backend development
Metadata
Frequently Asked Questions
What is MTProto 2.0?
MTProto 2.0 protocol implementation guide for Telegram backend development. Use when implementing MTProto encryption, handshake, message serialization, or bu... It is an AI Agent Skill for Claude Code / OpenClaw, with 247 downloads so far.
How do I install MTProto 2.0?
Run "/install mtproto-2-0" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is MTProto 2.0 free?
Yes, MTProto 2.0 is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does MTProto 2.0 support?
MTProto 2.0 is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created MTProto 2.0?
It is built and maintained by zhihang9978 (@zhihang9978); the current version is v1.0.1.
More Skills