August 04, 2023
Telegram bots, a powerful tool for degens or another story to be shilled?
Telegram bots and related coins are creating a FOMO in the crypto market after the market capitalization of $UNIBOT pumped from $30 million to $185 million (currently $110 million). $UNIBOT is a coin issued by UNIBOT, a Telegram decentralized exchange trading bot, where users can interact with the bot to snipe dex pools, swap, and copy trading.
As UNIBOT is gaining attention from the crypto market, various kinds of bots emerge: LootBot is a bot to hunt airdrops on different EVM chains automatically. Bridge Bot is to bridge users' funds faster and safer. MEVFree bot is to help users avoid MEV attacks when they trade.
Should we ape in?
We can see that Telegram bots are programs that run on Telegram to provide different services to meet the needs of degens and airdrop hunters. Currently, it is a deep bear market and crypto traders need to trade shitcoins/memecoins to make remarkable profits. 2023 has witnessed many influential memecoins like $Pepe, $Ordi, $Aidoge. UNIBOT happens to be "a shitcoin exchange" and its coin $UNIBOT has been hyped. Investors or speculators may recognize that UNIBOT's revenue in 24 hours once reached 337.54 $ETH ($665,000) on July 23 as the graph shows below. They claimed that UNIBOT is a real-yield project since UNIBOT takes 1% on trading fees and 5% sales tax when selling $UNIBOT coins.
However, about 80% of the daily revenue that UNIBOT generates comes from $UNIBOT speculation, not from using UNIBOT to trade. If $UNIBOT is no longer hyped, the daily revenue will decrease sharply. Now the average daily trading volume is about $4.6 million, the trading fee is about $46,000. The Circulating Supply of $UNIBOT is 10 million and the price of $UNIBOT is $110. The daily revenue per token is about $0.023 which shows $UNIBOT is not worth investing in now.
Risks of Telegram bots
The risks of Telegram bots are the same as that of centralized exchanges. If users want to use Telegram bots, they need to import their private keys to these bots. During the process, it is possible for other softwares read the private keys through the pasteboard. Once users import the private keys, their crypto assets are not controlled by themself.
2. Security Risk
Most telegram bots are not open-source and do not have code audits by third parties. The potential vulnerabilities in the bots can cause asset losses. If a user's Telegram account is attacked (phishing attacks on Telegram accounts happen frequently), the bots are also controlled by hackers.
During the Telegram bots FOMO, phishing bots and scams emerge. These bots claim to be automated trading or anti-frontrunning to induce users to import private keys and then transfer users' funds without their permission.
How to improve Telegram bots?
1. Open source
Telegram bots should be open-source and conduct security reviews to prevent project teams from doing evil. Users need to know the bots' trading strategies or airdrop hunting strategies through the codes rather than the descriptions given by bot developers.
2. Security enhancement
Telegram bots need to consider private key protection and build a safer running environment. For instance, it is recommended to use MPC(Multi-Party Computation) when storing private keys and signing transactions, which can decrease the centralization risks and make users control their own assets. Telegram bots can add functions or integrate security services from security companies to verify token contracts to prevent users from honeypots and potential rug pulls.
Overall, Telegram bots can be a powerful tool for traders, especially for degens, offering convenient and efficient crypto services for users. However, the related tokens are not worth investing and users need to pay attention to the risks of Telegram bots. Users should always exercise caution and conduct thorough research before using any trading bots.
Beosin is a leading global blockchain security company co-founded by several professors from world-renowned universities and there are 40+ PhDs in the team, and set up offices in 10+ cities including Hong Kong, Singapore, Tokyo and Miami. With the mission of "Securing Blockchain Ecosystem", Beosin provides "All-in-one" blockchain security solution covering Smart Contract Audit, Risk Monitoring & Alert, KYT/AML, and Crypto Tracing. Beosin has already audited more than 3000 smart contracts including famous Web3 projects PancakeSwap, Uniswap, DAI, OKSwap and all of them are monitored by Beosin EagleEye. The KYT AML are serving 100+ institutions including Binance.
If you need any blockchain security services, welcome to contact us:
Related Project Secure Score
Guess you like
Seoul Web3.0 Festival Kicked Off, as Exclusive Security Partner, Beosin Leads Korean Youth to Build
August 02, 2023
Beosin’s Research | Transaction Malleability Attack of Groth16 Proof
August 07, 2023
Exploring Tornado Cash In-Depth to Reveal Malleability Attacks in ZKP Projects
August 07, 2023
Beosin Has Officially Completed Security Audit Service for Hope.money
August 08, 2023