Show HN: Mtproto.zig – High-performance Telegram proxy with DPI evasion

22 points by slp3r 2 days ago

Hey everyone. I built an MTProto proxy for Telegram aimed at bypassing active DPI censorship like the Russian TSPU. I chose Zig because it's perfect for writing fast network daemons and makes it incredibly easy to port low-level C bypass techniques like TCP desync and packet fragmentation. Would love to get some feedback or contributors!

txrx0000 - 2 days ago

Cool project. But why tunnel Telegram specifically? This could be a yet another VPN protocol.

There are some useful ideas from SoftEtherVPN, BitTorrent, Yggdrasil Network, and Tor you could borrow, if you're looking to improve this. The ideal tunneling solution, which doesn't exist yet, is one that not only evades DPI, but also onion bounces you through nodes in a decentralized ad hoc network, and does automatic node discovery.

pixel_popping - a day ago

Nowadays I prefer to have dedicated application solutions, everybody (with security in mind) has some sort of base WG/Tailscale setup, it's annoying to tweak to incorporate those on top, so per-program solution imo makes sense and especially in the AI era where you don't really want to allow agents to tamper with your main network card config, it's safer and cleaner.
Thanks OP for this!
- txrx0000 - a day ago
  
  What I meant was that you could combine ideas from those 4 projects to build a new VPN protocol, not that you need to tweak your existing tunneling setup to allow those applications through.

kraftaa - a day ago

Interesting approach, I saw a discussion recently about how mimicking real traffic tends to work better than randomizing it, since randomness becomes its own fingerprint.

Does this still blend in well with normal HTTPS traffic?

echovoiceapp - 2 days ago

Interesting project! As someone building a voice-to-text keyboard (Echo), I appreciate the craftsmanship here. The attention to detail in developer tools makes a big difference for the end user experience.

wheresmyshadow - 2 days ago

that looks very interesting, indeed. do you think it could work in places like iran too during current internet shutdown? some people use things like dnstt to get connected but it's extremely slow and unstable.

thanks for your work

slp3r - 2 days ago

If they are implementing a complete blackout - dropping international routing and switching to a default-deny intranet - this proxy won't help, sadly
- hagbard_c - 2 days ago
  
  It could if connectivity to Telegram were brought in through e.g. Starlink. Users would connect to the proxy (an Iranian address) which forwards the requests to the outside world.

Asuka-wx - 2 days ago

As a solo founder myself, I can relate. The hardest part is making decisions alone.

ai_slop_hater - 2 days ago

Have you built it, or have you had AI build it?

acheong08 - 2 days ago

Very obvious with the GEMINI.md.
I wish there was a rule to ban AI submissions. Not because I think there's 0 value, but because there's just such a high volume and low signal to noise ratio
buremba - 2 days ago

does it matter?
- 000ooo000 - 2 days ago
  
  Yeah it does. If you're happy routing your personal data through software that lacks an author who fully understands what the software does, good for you. Suggesting that this doesn't matter in general is.. not an opinion I'd share publicly.
  - buremba - 2 days ago
    
    You can ask your agent to verify or review code. Just because people wrote code by hand, it doesn't mean you should trust

- 2 days ago

[deleted]

weiyong1024 - a day ago

[dead]