Everything we can do fits in one open file.

Every action the guard can take on your account is the short, fixed list below, running in sealed AWS Nitro hardware you can verify. Check it yourself, or have an AI check it for you.

This is what an attacker sees.

Gateway capability surface · verification pending

This is the complete account-management surface the guard is designed to expose. Unverified snapshot. Once the gateway is attested, this card binds the running image to this exact published source before showing it as proven.

| what it does | MTProto method | read/act | in plain words |
|---|---|---|---|
| listSessions() | account.getAuthorizations | read | Lists the devices logged into your account, the same roster Telegram shows you in Settings. It reads this list and does not change it. |
| evictSession({hash}) | account.resetAuthorization | act | Removes a single session that isn't on your keep-list, found by its hash. One at a time, never a bulk wipe. |
| declineReset() | account.declinePasswordReset | act | Says no to a 2FA-password reset an attacker started. It has no method to start or change a password. |
| readSecurityState() | account.getPassword (+TTL) | read | Reads whether 2FA is on and your auto-delete timer. It is not handed your actual password. |
| logOutSelf() | auth.logOut | act | Logs out the guard's own session, for example when you revoke it. It has no method to log out you or your other devices. |
| whoAmI() | users.getUsers{Self} | read | Reads your own profile to confirm whose account it guards. It has no method to look up anyone else. |
| onNewAuth(evt) | UpdateNewAuthorization | read | Receives a four-field “a new login happened” alert. It carries no message content. |
| catchUpEvents() | updates.getDifference | read | Re-syncs the event stream after a gap so a new login is caught in real time. Its reply can include message updates; the guard discards those unread and reads only the login and session events. |

One-time setup only · switched off once armed

  • auth.sendCode · send the one-time login code
  • auth.signIn · complete the login
  • auth.checkPassword · verify the 2FA SRP proof

What the gateway has no method to do

  • Read or send your messages. No messages.* method exists, and the one call that can surface message updates (updates.getDifference) discards them unread.
  • See your chats, dialogs, or contacts. No contacts.* and no getDialogs.
  • Open or download your files. No upload.* and no download method.
  • Change or reset your password, or export or back up your account. No password setter, no takeout, no login-token export.
  • Wipe your sessions in bulk or clear your keep-list in one shot. It removes a session that isn't on your keep-list one at a time, by its hash.
  • Send a Telegram call of its own choosing. There is no generic invoke; anything off the list has no path to the wire.
  • Look up anyone's profile but your own. getUsers is restricted to your own profile.
  • Log anyone out except its own guard session.
  • Reach the setup login calls once your account is armed.
  • Mint a login for another account, or hand your login to another device. It can only move its own connection between Telegram's datacenters for your account.
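
A closed gateway of this shape, sketched as an added example (not the guard's own source). The MTProto method names are the ones listed above; createGateway, fakeTransport, the keep-list argument and the update objects are assumptions made for illustration.

```javascript
// Added illustration, not the guard's source. MTProto method names are the ones
// listed on the page; createGateway, the transport and the update shape are assumed.
const SETUP_ONLY = Object.freeze(["auth.sendCode", "auth.signIn", "auth.checkPassword"]);
const ARMED_METHODS = Object.freeze([
  "account.getAuthorizations", "account.resetAuthorization",
  "account.declinePasswordReset", "account.getPassword",
  "auth.logOut", "users.getUsers", "updates.getDifference",
]);

function createGateway(transport, keepList) {
  let armed = false;
  const keep = new Set(keepList);
  // The single path to the wire. It is closed over, never returned to callers.
  const send = (method, params) => {
    const ok = ARMED_METHODS.includes(method) || (!armed && SETUP_ONLY.includes(method));
    if (!ok) throw new Error("blocked: " + method);
    return transport(method, params);
  };
  return Object.freeze({
    setup(method, params) {           // reachable only before arm()
      if (!SETUP_ONLY.includes(method)) throw new Error("not a setup call: " + method);
      return send(method, params);
    },
    arm() { armed = true; },          // one-way: there is no disarm
    listSessions: () => send("account.getAuthorizations", {}),
    evictSession({ hash }) {          // one session per call, never one on the keep-list
      if (keep.has(hash)) throw new Error("on keep-list: " + hash);
      return send("account.resetAuthorization", { hash });
    },
    declineReset: () => send("account.declinePasswordReset", {}),
    readSecurityState: () => send("account.getPassword", {}),
    logOutSelf: () => send("auth.logOut", {}),
    whoAmI: () => send("users.getUsers", { id: ["self"] }), // "self" is a placeholder
    catchUpEvents() {                 // message updates are dropped before any caller sees them
      const updates = send("updates.getDifference", {});
      return updates.filter((u) => u.type === "UpdateNewAuthorization");
    },
  });
}

// Constructed stand-in for the Telegram connection; records what reached the wire.
function fakeTransport(log) {
  return (method, params) => {
    log.push(method);
    if (method !== "updates.getDifference") return { ok: true, params };
    return [{ type: "UpdateNewMessage", text: "hi" }, { type: "UpdateNewAuthorization", hash: "h9" }];
  };
}
```

The returned object is frozen and exposes no generic invoke, so a caller holding it cannot name a method that is off the list.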

Don’t trust us?
Let an AI read every line.

Or read every line yourself
The entire guard is open source on GitHub

Proof it is the real thing

That list is the code actually running, in real hardware.

AWS itself signs a document saying exactly which code booted inside the sealed enclave, and you can rebuild that open source to get the same fingerprint. So the list above is the code holding your account, not a promise. Here is that proof, checked live in your browser.

Checked live in your browser · verifying live…


The code you can read is the code running right now. Every line below was checked in your browser, with no server of ours involved.

  • 1· AWS itself signed this proof. Your browser checked that signature against AWS’s own hardware key, so it genuinely came from a real sealed AWS enclave.

    ES384 over the COSE structure · chain: leaf → CA bundle → pinned AWS Nitro Root G1

    The raw signed document →
  • 2· The proof carries a fingerprint of the exact code that booted inside that enclave. Your browser checks it matches the fingerprint we published, byte for byte, both shown below.

    Published (in the open source):
    724a471e09d3bfa2b5127e35a23020bbeee9f848bd5bf405a8b7a620662babb6b11a41051d2e1a31585cda1bf1ea78d4
    Running right now (live attestation):
    verifying in your browser…
  • 3· That published code is open source. Anyone can rebuild it and get the same fingerprint, so the operations above are provably what is holding your account, not a promise.

No server of ours was involved in this check. Reload to run it again, and so can anyone you ask.

See it for yourself

Walk the whole thing, then guard your Telegram.

The demo runs the full setup end to end with nothing real, so type anything you like and see exactly how it works. Or start guarding your account right now.