A production-ready backend for a Telegram-based crypto trading assistant focused on BNB (Binance Smart Chain) wallet management, P2P transfers, NFT ticketing, and Orange Money (mobile money) payments.
This repository contains the TypeScript backend that powers a Telegram bot providing secure wallet management, token swaps, NFT ticketing and event management, and fiat on/off-ramps via Orange Money.
- Project overview
- Features
- Quick start
- Configuration
- API / Bot commands
- Architecture
- Security considerations
- Development & testing
- Contributing
- License & contact
Goal: provide a secure, auditable backend that connects Telegram users to BNB wallets and blockchain operations while supporting real-world payments.
Audience: developers building Telegram-first crypto services, event organizers using NFT-based tickets, and operators who need a combined crypto+mobile-money payout flow.
Out-of-scope: front-end UI beyond Telegram, custody-free protocols (this project stores encrypted keys for convenience — see Security section).
- User management via Telegram (automatic registration, profile management)
- BNB wallet lifecycle: create, import (private key), view balance, export (admin)
- P2P transfers between users (by Telegram ID or @username)
- Token swaps (integrations via on-chain swap services)
- NFT management and event ticketing (mint, transfer, validate, QR entry)
- Orange Money cash-in / cash-out flows (XOF support)
- Transaction history with blockchain explorer links and basic reconciliation
- Admin tools for event creation, ticket minting, and user support
Prerequisites
- Node.js 16+ (LTS recommended)
- npm or yarn
- MongoDB (local or hosted)
- Telegram bot token
Local install (Windows / PowerShell)
git clone https://github.com/Novus-Tech-LLC/Telegram-BNB-Trading-Bot-Integration.git
cd Telegram-BNB-Trading-Bot-Integration
npm installCreate environment variables
Create a .env file at the project root with the following minimum values:
TELEGRAM_BOT_TOKEN=your_telegram_bot_token
MONGO_URI=mongodb://localhost:27017/telegram-bot
JWT_SECRET=replace_with_secure_random
NODE_ENV=developmentRun in development
npm run devThe bot will connect to Telegram and start responding to configured commands.
Common configuration keys (add to .env or your environment management system):
- TELEGRAM_BOT_TOKEN — Telegram bot token from BotFather
- MONGO_URI — MongoDB connection string
- JWT_SECRET — JWT signing secret for internal tokens
- ORANGEMONEY_CLIENT_ID / ORANGEMONEY_CLIENT_SECRET — credentials for Orange Money integration
- BSC_RPC_URL — Binance Smart Chain RPC endpoint (public or provider)
- ADMIN_TELEGRAM_IDS — comma separated list of admin Telegram IDs
Refer to src/config (if present) or README sections per-service for optional keys.
- /start — register/login and show the main menu
- /help — display help and supported commands
- /wallet — open wallet management menu
- /create_wallet — generate a new BNB wallet
- /import_wallet — import a wallet using a private key
- /balance — show BNB balance and token balances
- /p2p — start a peer-to-peer transfer flow
- /nfts — list your NFTs and ticketed events
Admin commands (require admin role)
- /create_event — create a new ticketed event
- /mint_tickets — mint tickets for an event
- /export_keys — (admin-only, protected) export encrypted keys for backup
Repository layout (high level)
src/
├─ bot/ # Telegram bot handlers and command routing
├─ models/ # Mongoose models and DTOs
├─ services/ # Business logic (wallets, payments, NFTs, users)
├─ utils/ # Blockchain helpers, db connection, validators
└─ index.ts # App bootstrap
Design principles
- Separation of concerns: controllers (bot interactions) call services which mutate models
- Idempotent operations for on-chain flows where possible
- Audit logging around financial operations
- Small, well-defined surface area for admin operations
- Private keys: encrypted at rest using a strong KMS or locally-configured encryption key. Treat secrets as high sensitivity.
- Validation: strict input validation for amounts, addresses, and usernames. Never trust user input for on-chain operations.
- Rate limiting & anti-abuse: implement per-user rate limits for sensitive operations (transfers, imports).
- Secrets: keep
.envout of source control. Use a secret manager for production deployments. - Auditing: persist transaction logs and reconcile with blockchain explorers periodically.
Recommended workflow
- Create a feature branch: git checkout -b feat/your-feature
- Run unit tests and linting before pushing
- Open a pull request with a clear description and test steps
Scripts (package.json)
- npm run dev — start in development with hot reload (nodemon)
- npm run build — compile TypeScript
- npm run start — run compiled build
- npm test — run tests (if present)
Testing notes
- Add unit tests for services and utilities. Mock external networks (blockchain, Orange Money) in tests.
Minimal production checklist
- Use a managed MongoDB or secure self-hosted instance
- Run the app in a container or managed service behind a process manager
- Provide environment variables via a secrets manager
- Configure monitoring and alerting for failed transactions and service errors
Contributions are welcome. Please follow these steps:
- Fork the repository
- Create a branch for your change
- Write tests for new functionality
- Open a pull request describing the change and rationale
For significant changes (new payment provider, refactor of wallet storage) open an issue first to discuss the design.
This project is published under the ISC license. See the LICENSE file for details.
| Platform | Link |
|---|---|
| 📱 Telegram | t.me/novustch |
| wa.me/14105015750 | |
| 💬 Discord | discordapp.com/users/985432160498491473 |
Feel free to reach out for implementation assistance or integration support.
If you'd like, I can also:
- Extract a short
docs/folder with user, admin, and developer guides - Add a small example
.env.exampleandCONTRIBUTING.md - Split the README into a concise landing README and extended docs