Please be very careful using this tool to automate your WhatsApp - if you send too many messages, too quickly, you are going to get banned.
This is NOT an officially supported api by WhatsApp and the risk of ban is relatively high
As long as you don't abuse and keep your usage within the parameters of any human, you'll be fine.
Now there are a lot of implementation requirements, basically forcing you to have some kind of messaging provider. Therefore difficult to apply for an open source solution. However there is such an interface.
[0] https://developers.facebook.com/m/messaging-interoperability...
They don't have one for regular people who want to do regular end-user computation.
I understand that WhatsApp is kinda special in that it effectively replaced SMS in some parts of the world, but IMO this needs to be looked at through the lens of other Meta effort. The same is the case with Facebook/Messenger, and has been since before WhatsApp has been a (Meta) thing - they offer multiple different official ways to support spamming users and tricking them to buy stuff, but may the Lord have mercy on you should you want to create an auto-responder or "save to calendar" script and hook it up to your personal account.
Just yesterday I setup a bot which is easy via botfather
And also, setup an app (claude built it but I had to fiddle with it, it works like pagerduty) but uses cloudflate worker to push downtime/errors (via fcm) in production (from graphana) via webhooks to "full screen, by pass dnd, alerts, with loud music, this one: https://www.youtube.com/watch?v=H0IQBWWabuU )
I named the app "Siren".
It's not straightforward to have durable hard to miss alerts about your production enviornment but good thing is this doesn't cost a cent.
Telegram group alerts are from my teammates (small team 3 members) via bot.
And Siren is for only me as I am responsible for the backend with 10 microservices, centralized logging via graphana, alloy, loki, and for metrics Prometheus.
It's all working reasonably well for me, this makes your life so much better as you fix the issues before they turn into nightmare.
SMS security only became a problem due to 2FA, which is just one of many use cases, and the failure isn't even technical here but organizational. I agree it should've prompted more pressure to secure the system against SIM-swapping; alas this is too close to the Real World, so the tech industry instead responded with alternative that side-steps the problem by offering zero customer support. No humans to talk to = no humans to social engineer = secure. So much win.
(I'd also say the 2FA proliferation is itself a problem, but that's an unpopular opinion and for a separate discussion.)
It doesn't work on my computer, nor does it work on my phone when I'm traveling (different SIM), so I give a damn. WhatsApp, iMessage, Signal etc. do both. I really wish there was an open, federated standard (and no, RCS is neither), but until then, I'll use what actually works for me.
SMS just sucks, and I hate that it's become so ubiquitous an authentication method when it's not even secure.
I've never understood why so many people still chain their identities to physical SIM or even eSIMs. It's so fragile.
Unfortunately, more and more services are declining to send to VoIP numbers because of seCurItY, so it's a game of cat and mouse.
Fortunately SMS is so expensive in parts of Europe and it's not allowable anymore to use SMS by itself for online payment authentication, and both issues combined have slowly been pushing companies to explore alternatives.
There unfortunately seems to be no such pressure in the US. Passkeys could solve the issue, but probably increase support request volumes enough for most companies to not bother unless forced.
Not with bots, though.
> I like that I can login from multiple devices and continue the conversation
This is also not possible with Telegram E2E, while it is with Signal and WhatsApp.
Key distribution is just too hard. I think we won't get a messenger for non-tech people that works well with multi-device and E2E basically ever.
they even have it on fb messenger and instagram (though they recently removed e2ee completely from instagram lol)
Now it uses the Signal protocol's native multi-device capabilities, specifically in the "key per device" variant (unlike signal itself, which uses "key per account" if I'm not mistaken).
It’s not proxied via primary, otherwise it wouldn’t work if primary were offline
That is correct, it doesn't work.
ref: https://faq.whatsapp.com/1317564962315842/?cms_platform=ipho...
> Use WhatsApp on your computer even when your phone is off.
ref: https://faq.whatsapp.com/378279804439436/?helpref=faq_conten...
I'm actually still jaded about this. Messenger worked fine before they broke it by introducing E2EE; it took years for them to fix the problems this caused (at least the ones that were immediately user-perceptible).
"Let's take people's years-long history between each other and just utterly break it. Why? 'privacy'" but they've never cared about it, they're opportunistic fucks. It's Zuckerberg's company to do with it "as he wishes" https://news.ycombinator.com/item?id=16770818
And how do you just get everyone you want to speak to use telegram?
e.g. their backend just 2 days ago (and since at least start of the year) was replacing referral links to amex (and i bet many other banks etc) with custom referral codes from russian guys (so when I sent my friend my referral link - it showed another referral link in out chat history on both ends). and their security team says its all good.
so unless you are using it for useless info - better use something else.
Is there any proof of the global telegram issue related to amex links? Sounds like BS
Hell, I got my whatsapp account suspended (appealed and reversed) just for using the official web client too soon after creating a new account.
If anyone from Meta is reading this - we've spoken to some of your managers and there's zero appetite from your side to address this market because it's too small. I would go out of my way to help you design this for free to solve the market need.
I guess they think it's a small market, or maybe you can't really monetize enterprise with ads and it's all they know how to do.
Recently, I used a separate WhatsApp account to interact with a group chat that I have with my friends. After about a week, they disabled the account, with no way to re-enable it.
An easier solution is to just not use WhatsApp at all and look for the alternatives for bot purposes. Telegram explicitly encourages bot usage with no risk of bans.
Do you mean “jurisdictions”?
There are still some European non-EU countries where you can get an anonymous phone number because laws are not fully enforced.
Nobody who knows law would use “legislation” in that sense, nor would they recognize it in that context, Humpty Dumpty.
I spun up a self hosted matrix server a few days ago using codex, docker compose, and ansible. Stupidly easy to do now. I'm running it in Hetzner on a 3.99 euro/month vm. It backs up every few hours to a bucket and I have a few integrity scripts to monitor the backups actually happen. I did that because I was getting a bit frustrated with the flaky integration with Whatsapp and Slack in openclaw. I had it up and running in half an hour with only minimal prompting.
Whatsapp kind of works but you end up chatting with yourself and then open claw posts messages as you. Not ideal. You can't easily create new users (or bot users) in Whatsapp. It probably has some kind of bot api of course but I did not explore that much.
I never quite managed to get Slack working with open claw. I tried for a few hours. I think the Slack team is asleep at the wheel snoozing through this whole AI thing. If somebody there is still paying attention to things like this, maybe make some noise internally. Anyway, they made it stupidly hard to do anything productive via their APIs. The UI for managing permissions is a disgraceful hell of complexity. Add permission. UI freezes for fifteen seconds. Reloads automatically. Unfreezes. Add the next. And whatever you do, there's always one more permission you forgot. *end rant*
Relative to Whatsapp and Slack, Matrix is stupidly easy to integrate with open claw, codex, or whatever. We're retiring Slack now as I see uses for agent driven chat bots everywhere now and I want to get rid of any kind of friction around bot related plumbing. I have no use for platforms that intentionally cripple that or treat as a toll booth.
With Matrix, you just create a bot user manually or via an API. Set a password, get an access token and do whatever. No API limits. No faff with QR codes. No permission hell (Slack). It just works. Well documented API. End to end encryption. Etc. Create as many bot users as you need. Nobody is bean counting API calls, numbers of users, etc. Refreshingly easy.
Other OSS messaging platforms are available of course. I do not have a strong opinion as to which is better yet. But now I want a Matrix cli that can do admin, message sending, and all the rest. Probably already exists. But if it doesn't I might end up generating one. Macli might be a good name.
Either they’ll double-down and make this even harder -or- hopefully realise that WhatsApp is likely to be a really common control plane for AI systems in the next few years. Let’s hope the Llama energy strikes and it’s the latter.
How does WhatsMeow compare with Baileys?
Baileys is also a great library with a big community and one of the primary maintainers of that is also helping us with the bridge/whatsmeow. WhatsApp integration in our old app, Texts, was built with it: https://github.com/textshq/platform-whatsapp
I would recommend whatsmeow over Baileys just because we are actively involved and incentivized to keep that working perfectly, and have a lot of data points to detect any issues with it at scale.
Just yesterday we spoke with a $50-100m ARR org org using baileys for internal messaging!
Couldnt they just use post-it notes internally and still be a $50-100m ARR org?
According to one of the founders there’s no better way for them to reach a lot of low-skill part-time employees reliably.
It shows the need to bring AI to where people already are and onto the platforms they already use.
As soon as you open up the api floodgate, you'll start to see nigerian prince agents on openclaw speed.
OT#2: Is it typical to put a package.json in a go project as replacement for a {Make,Just}file?
At least Whatsapp itself shows ad banners that you can now connect other messaging clients into Whatsapp, so it should be normal that other clients can equally access Whatsapp.
In any case, official interoperability is only for third-party messengers communicating with WhatsApp users, not for automation or bots, as I understand, so it's not a replacement for things like this project.
It seems Meta is able to set some rules about the interoperability making it very difficult for an FOSS implementation to emerge. Additionally organizations like Signal though technically interested in this interoperability have stated they won't lower their security standards for this.
How far back does the backfill actually go? Does it pull your full history from the primary device or is there some limit?
Who are these people using the cli?
Obviously it helps that one can pipe as it might see fit in the flow of an ad hoc filled need, and so leverage on mastered composable tools.
That will never be for everyone, but it will be for no one only the day it becomes logistically unsustainable to reach some endpoint though a CLI.
- automation - sometimes avoid enshittified, privacy-invading services - fast, responsive, keyboard-friendly, debloated but non-minimized, stabler interface
I just switched to Signal.
Whatsapp has some really stringent requirements on any kind of automation. E.g. Not messaging anyone automatically unless they messaged you with 24 hours, in fact, this is explicitly blocked if you use Meta's API. You have to use message templates in this case.
Also, any bots need to be verified with Meta etc.
And the TOS has gotten more strict recently, not less strict. So buyer beware here, Meta is really protective over reverse engineering WA protocol or automating it, so you can easily get yourself blocked or banned here.