What are the main commands for qTox Directory bot?

The main commands are: update to register, dir to browse the directory, edit to customize your profile, pgp to start PGP verification, verify to complete PGP verification, and ? or HELP to show help.

Frequently Asked Questions

Q: How does PGP verification work?

PGP verification uses a cryptographic challenge-response: send your public key, sign a random challenge with your private key, and the bot verifies the signature. The bot never sees your private key.

Q: What about data security?

Everything is token-based. No usernames, emails, or passwords. Tokens are generated via your Tox client and unique Tox ID. What we don't have cannot be stolen.

Q: How do I get started?

Download a Tox client from tox.chat, add the qTox Directory bot to your friend list, send 'update ' to register, then 'dir' to browse and 'edit' to customize your profile.

We have answered a wide range of questions for your convenience

What are the main commands?

The main commands for communication with the qTox Directory bot are:

update <your Tox-ID>

Publish your Tox-ID to receive invites from other qTox Directory members. The Tox-ID must be 76 characters long and include the "noSpam" string and the checksum.

dir

Generate a token to access the qTox Directory user list.

edit

Generate a token to edit your qTox Directory profile page.

pgp <public-key>

Start PGP key verification. Paste your full ASCII armor public key. The bot will send a challenge to sign.

verify <signed-challenge>

Complete PGP verification by sending the clearsigned challenge.

? or HELP

Show the qTox Directory help center.

How does PGP verification work?

PGP verification uses a cryptographic challenge-response to prove you own a PGP key — no trust required, only mathematics.

Send pgp <your-public-key>
Bot sends you a random challenge string
Sign the challenge: echo "VERIFY-..." | gpg --clearsign
Send verify <signed-output>
Bot verifies the signature — if valid, your profile gets a verified badge

"Zero trust — only math."

The bot never sees your private key. It only verifies that a signature made by the private key matches the public key you provided.

What about data security?

Everything at qTox Directory is token based. We do not use credentials like a username, e-mail address, or password. It's only possible to generate a valid token with your Tox client (like qTox) and your unique Tox-ID.

"What we don't have cannot be stolen."

The only information we store in our database are the public profile and group information that users voluntarily provide.

How do I get started?

Download a Tox client
Add the bot to your friend list using this Tox ID:

198D99A1B7B9E32E62565DCC293315DF0C7EE4BF36B007B61E15F783A889EB1C55A063B89211

Send update <your-tox-id> to register
Send dir to browse the directory
Send edit to customize your profile