Telefuel is an unofficial Telegram client for power-users and teams that lets users organize their chats into workspaces and folders, filter by chat types and unread messages, and access keyboard shortcuts and other productivity features.
Telefuel leverages modern technologies in order to mitigate man-in-the-middle attacks for users. We've taken steps to eliminate any possibility that someone can snoop on your messages, including ourselves.
Telefuel bundles the Telegram API library along with the application so that all data requests to Telegram happen client-side. In other words, your Telegram data stays on your device and never touches Telefuel servers, except in certain cases which we'll outline below.
Your Telegram data stays on your device and never touches Telefuel servers.
Telegram uses MTProto, an encrypted messaging protocol optimized for fast file transfers between mobile applications. Realizing that building mobile applications are hard and that they should focus on developing the TON blockchain, the Telegram team released a C++ library called tdlib that manages network and data synchronization between Telegram servers and client applications over MTProto.
We use tdlib for all of our applications so that we can iterate quickly and focus on developing features that delight our users.
Currently, our stack consists of React, Electron and Go. Since tdlib is a c++ library, we took steps to compile tdlib to a WebAssembly module (wasm), which we embed into our web and desktop applications.
The implication of this work is that all your encrypted Telegram data moves between your device and Telegram, and does not pass through Telefuel servers. We do not sit in the middle as illustrated in the diagram below.
Figure 1: Data Flow - Man in the middle mitigation
In order to access the Telefuel Application, users must go through Telegram's authentication flow:
As you progress through each of these steps, it's important to note that your phone number, passcode, and password are never sent to Telefuel servers.