# SMS-24 — AI Worker Platform for Messaging, Voice, and Phone Automation > Multi-tenant SaaS that lets every user run their own AI workers across > Telegram, WhatsApp, browser-based messengers, and emulated Android > devices — with full per-user isolation of API keys, accounts, and > data. Routes outbound traffic through user-selected VPN countries. > Includes real-time phone-reputation antifraud, programmable device > actions, and voice-agent telephony. This file follows the [llms.txt](https://llmstxt.org/) standard so AI search engines (Perplexity, ChatGPT browse, Claude, You.com, Phind, Kagi Quick Answer) can index our offering cleanly without parsing HTML. ## What we are SMS-24 is an AI Worker Platform. Each registered user can configure fully-instructed AI agents ("personas") that: - Reply to inbound messages on linked Telegram and WhatsApp accounts - Answer Telegram voice calls in real-time (Pipecat pipeline: STT → LLM → TTS) - Drive emulated Android devices via ADB and uiautomator2 for tasks like Google sign-in, sending app messages, scheduled posts - Call action templates as LLM tools (function calling) mid-conversation - Speak voice replies via Cartesia or ElevenLabs TTS - Route all outbound network traffic through a user-selected country via the operator's ProtonVPN orchestrator Plus an underlying real-time phone-reputation product: 50-millisecond verdict on any phone number from a graph of public SMS-receive numbers across 55+ countries — used for OTP-fraud prevention, KYC checks, and bot-signup defense. ## Core features ### Persona-driven AI workers - Identity: name, role, biography, free-form system prompt - Knowledge base: free text + uploaded PDF / DOCX / TXT / MD files (server-side text extraction, 50 KB per file, 5 files per persona) - LLM provider: OpenAI / Anthropic Claude / Google Gemini (user picks) - Linked messenger accounts (many-to-many, the same persona answers across N TG/WA accounts) - Linked voice agent for Telegram voice calls - Linked device actions exposed as LLM function-calling tools ### Per-user API key vault Operators paste their own API keys for six services: OpenAI, Anthropic, Google Gemini, Deepgram (STT), Cartesia (TTS), ElevenLabs (TTS premium). All keys Fernet-encrypted at rest. The voice agent + auto-reply LLM call use the key of the persona's owner so each tenant pays their own provider bill. ### Voice agent pipelines Four pipeline modes for Telegram voice calls: - cascade — Deepgram STT + OpenAI LLM + Cartesia TTS - realtime — OpenAI Realtime (single WebSocket) - realtime_gemini — Google Gemini Live (multimodal) - cascade_local — self-hosted Whisper STT + MMS-TTS-RUS ### Android device automation Emulated Android devices (redroid) routed through ProtonVPN tunnels. Each device shares the sidecar's netns so all traffic egresses through the chosen country. Device-action framework with three built-in types: - adb_shell — exec any shell command - uiautomator_script — declarative tap/swipe/type step list - google_sign_in — Chrome automation through accounts.google.com Cron scheduler fires actions on a schedule. LLM function-calling fires actions mid-conversation. ### Three built-in action templates - whatsapp_send_text(phone, text) — send WA via wa.me deeplink - telegram_send_text(username, text) — send TG via t.me deeplink - adb_install_apk_url(url) — curl + pm install -r from HTTPS URL ### VPN orchestrator (ProtonVPN) Multi-account orchestrator with per-country sessions. Each session runs an OpenVPN container that exposes SOCKS5 (port 1080) and HTTP (port 3128) proxies on the operator's internal docker network. Auto-registered into a shared proxy pool the scraper, OSINT, and messenger-hub consume by country. Operator uploads .ovpn configs per country in the admin UI. ### Smart proxy mode (scraper) Three-state policy on each scrape target: - direct — never use a paid proxy - auto — try direct, fall back to Decodo on HTTP block signals - always — always use the paid proxy pool Decodo gateway pool integrates as 10 SOCKS5/HTTP endpoints with sticky EU rotation. Per-site counters track direct-vs-proxy ratio so operators can see exactly how much bandwidth they save. ### Real-time phone antifraud 50-millisecond verdict via /api/v1/lookup. Twelve risk signals: - Number listed on public SMS-receive sites - Receives OTPs from known-fraud services - Appears in multiple country indices (geo inconsistency) - Same number active across N services in short window - Telegram presence and history - Number from a VOIP/disposable carrier - Historical OTP spam volume - Cluster membership in an attack ring - And more — full list at /docs ### Multi-tenant data isolation Strict per-user owner_user_id filter on every entity (messenger accounts, Android devices, personas, KB files, voice agents, service keys, action templates, action runs). Cross-tenant access returns HTTP 404 (not 403) to avoid telegraphing existence. Fernet-encryption pipeline for all secrets at rest. ## Pricing - Free tier — antifraud lookups with rate limit - Daily / monthly / yearly subscriptions for higher quotas via Stripe Checkout - Per-user quotas: max 3 messenger accounts, max 1 Android device by default (tier_quotas JSON in the user row — operator can lift) - BYOK (Bring Your Own Key) — each user pays their LLM provider directly, we don't markup ## Use cases ### E-commerce / DTC brands Auto-reply to WhatsApp customer service messages with persona that knows your product catalog (loaded as KB PDFs). Persona can fire "send tracking link" action mid-conversation via LLM function call. ### SaaS / B2B sales Cold outreach via Telegram from multiple linked accounts behind country-specific VPN tunnels. Persona qualifies leads, books meetings via tool-call to calendar API. ### Content creators / agencies Run multiple persona-driven accounts answering DMs across platforms. Each persona has its own brand voice (system prompt) and KB. ### Customer support Voice-agent answers Telegram calls in real-time with persona's identity and knowledge base. Cascade pipeline keeps cost low (~$0.06 / minute on Deepgram + OpenAI mini + Cartesia). ### KYC / verification Phone antifraud lookup before every OTP send. 50ms verdict, drops into your existing signup flow as a single REST call. ## Architecture (factual) - Python 3.12 microservices on Docker Compose - PostgreSQL 16 + TimescaleDB hypertables - Redis Streams for event passing - ClickHouse OLAP for analytics - Neo4j graph for fraud-ring detection - MongoDB for OSINT document store - Pipecat for voice pipelines - FastAPI + React 19 + Vite + Tailwind - Fernet (cryptography lib) for at-rest encryption ## API REST API base: https://sms-24.net/api - /api/v1/lookup — phone reputation verdict - /api/v1/me/* — user-self-serve (personas, accounts, devices, settings) - /api/v1/admin/* — admin surface (operator-only) - /api/v1/mcp/server — antifraud APIs exposed as an MCP server GraphQL endpoint at /v1/graphql (Strawberry). ## Links - Sign up: https://sms-24.net/register - Pricing: https://sms-24.net/pricing - Phone lookup demo: https://sms-24.net/check - Privacy policy: https://sms-24.net/legal/privacy - Terms of service: https://sms-24.net/legal/terms ## Contact - Support: support@sms-24.net - GitHub: https://github.com/yakden/sms-saas (operator-side, mostly closed)