cThrone LogocThrone
Get Started

Security Model & Transparency

We built cThrone for technically literate developers who are wary of routing production bot traffic or tokens through third-party services. Here is exactly how our platform behaves under the hood—written in plain, factual language.

1. How is my Bot Token stored?

To retrieve chat history, monitor analytics, and execute broadcast messages, cThrone must act as an authorized proxy on your behalf. This requires us to store your Telegram bot token.

2. What happens to my bot if cThrone goes down?

Uptime is critical. We treat cThrone as high-availability infrastructure. However, as developers, we design for failure.

// Outage & Failover Behavior

cThrone is architected as an ultra-lightweight reverse proxy layer positioned in front of our main database and telemetry processors. In the event of a database failure or processing service outage, our proxy automatically falls back to a stateless pass-through mode—forwarding your incoming payloads straight to api.telegram.org without attempting to process telemetry.

3. What is the proxy latency overhead?

Routing calls through a middleman proxy introduces additional round-trip hops. We optimize our proxy server code to reduce memory allocations and run light socket connections.

// Latency Overhead Benchmark

Average latency overhead introduced per update/response: {{ PROXY_LATENCY_OVERHEAD }}

4. Where is my bot traffic processed and hosted?

Compliance, hosting providers, and server jurisdiction matter. We process your updates strictly on regional node clusters.

// Region & Legal Jurisdiction

Hosting provider, datacenter region, & jurisdiction: {{ HOSTING_REGION_AND_JURISDICTION }}

5. Leaving is as easy as joining (Reversibility)

We believe that **complete reversibility is a core trust signal**. You should never be locked into an admin infrastructure tool. If cThrone doesn't fit your needs, you can fully disconnect in under 2 minutes with no remnants left behind.

Steps to revert and disconnect 100%:

  1. Restore API Base URL: In your bot application code (e.g. grammY, aiogram, or Telegraf setup), change the API base or custom endpoint URL from your cThrone proxy endpoint (https://abc123d.cthrone.dev) back to the default Telegram server endpoint (https://api.telegram.org).
  2. Clear Webhook Configuration: If you use webhooks, trigger a clean webhook initialization to Telegram using your bot's token. This directly re-registers your original server address with Telegram, bypassing cThrone completely.
  3. No Code Changes Required: Your database model, hosting setup, and core bot loop code remain completely unmodified. There is nothing to refactor.

Once your code is reverted, no traffic ever touches our servers again, and your token can be safely rotated on BotFather for complete peace of mind.

Have additional security questions?

We are committed to extreme transparency. Send your technical questions, threat models, or custom configuration queries directly to our founder.

Contact Founder Directly