telegram bot
deny.sh on Telegram.
Encrypt messages and secrets without leaving the chat. @denyshbot
↓
Commands
/encrypt
Encrypt any message with deniable encryption. The bot walks you through each step.
Send your message
Enter your first password
Enter your second password
Enter your decoy message
Receive ciphertext, real control file, decoy control file
/decrypt
Decrypt a ciphertext. Supply the hex, your password, and a control file.
Paste the hex ciphertext
Enter both passwords (same ones you encrypted with)
Upload a control file (real or decoy), or pick one from your vault. The control file you choose decides which plaintext you recover.
/protect
Seed phrase wizard. Validates BIP-39 word count (12, 15, 18, 21, or 24 words), then runs the same encrypt flow as
/encrypt.
/vault
Manage control files stored in your bot vault. List, download, or delete with inline buttons.
Shortcut: Reply to any message with
/encrypt and the bot will encrypt that message's text directly, skipping the manual input step.
Security
Passwords deleted immediately
Your password messages are deleted from the chat as soon as the bot reads them. They are never stored in any log.
DMs only
Encryption and decryption only run in direct messages. Group commands redirect you to a private chat.
Padded control files
All control files are padded to identical sizes. An observer cannot infer which is real vs decoy from the file size.
Passwords never stored
Passwords exist only in memory during the active operation. Nothing is written to disk, logs, or the vault.
Same algorithm across all platforms. Ciphertext produced by @denyshbot can be decrypted on the deny.sh website, via the CLI, or with the browser extension. The algorithm is the same everywhere.