Owner Lock Mechanism
This is CookAI's most important security mechanism. Understanding it is essential for using your Bot safely.
How It Works
After a Bot is created, the first person to send it a message automatically becomes the owner. This process is automatic and irreversible.
Important: After creating a Bot, always send the first message yourself! Don't share the Bot link before messaging it.
Technical Details
The owner-lock.js script runs automatically when the Bot's Docker container starts. It listens for the first incoming message, extracts the sender's Telegram User ID, and locks it as the owner.
// Simplified lock flow
1. Container starts → owner-lock.js begins listening
2. First message received → extract sender ID
3. Write to config → owner = sender ID
4. Lock complete → subsequent messages filtered by permissions
Behavior After Locking
Private Chat
- Only the owner can privately chat with the Bot; messages from others are completely ignored
- Allowlisted users (allowFrom) can also chat privately
Group Chat
- Owner can use safe commands: /model, /status, /help, /new, /verbose, /reasoning
- All commands from others are ignored
- Everyone (including owner) can @Bot for conversation
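The lock flow and the private and group chat rules above, modeled as an added JavaScript example. It is not CookAI's owner-lock.js; the message fields (senderId, chatType, text), the botName parameter, the "handle"/"ignore" results and the treatment of group messages without an @mention are assumptions.

```javascript
// Added example, not CookAI's owner-lock.js. Assumed names: the message fields
// (senderId, chatType, text), botName, and the "handle"/"ignore" results.
const SAFE_COMMANDS = new Set(["/model", "/status", "/help", "/new", "/verbose", "/reasoning"]);

function createOwnerLock(config, botName) {
  return function decide(msg) {
    // First message received: write owner = sender ID and make the field read-only.
    if (config.owner === null) {
      Object.defineProperty(config, "owner", { value: msg.senderId, writable: false, configurable: false });
    }
    const isOwner = msg.senderId === config.owner;

    if (msg.chatType === "private") {
      // Private chat: owner or allowFrom entries only; everyone else is ignored.
      return isOwner || config.allowFrom.includes(msg.senderId) ? "handle" : "ignore";
    }
    if (msg.text.startsWith("/")) {
      // Group command: strip arguments and a "@BotName" suffix, then require owner + safe list.
      const command = msg.text.split(/[\s@]/)[0];
      return isOwner && SAFE_COMMANDS.has(command) ? "handle" : "ignore";
    }
    // Group conversation: anyone may @mention the Bot. Ignoring other group
    // messages is an assumption; the page does not say how they are treated.
    return msg.text.includes("@" + botName) ? "handle" : "ignore";
  };
}

// Constructed sample traffic: 1001 sends first, 3003 is allowlisted, 2002 is a stranger.
function demo() {
  const config = { owner: null, allowFrom: [3003] };
  const decide = createOwnerLock(config, "CookBot");
  const messages = [
    { senderId: 1001, chatType: "private", text: "hello" },          // locks owner = 1001
    { senderId: 2002, chatType: "private", text: "hi" },
    { senderId: 3003, chatType: "private", text: "hi" },
    { senderId: 1001, chatType: "group", text: "/status@CookBot" },
    { senderId: 2002, chatType: "group", text: "/status" },
    { senderId: 1001, chatType: "group", text: "/unlisted arg" },     // constructed, not a safe command
    { senderId: 2002, chatType: "group", text: "@CookBot dinner ideas?" },
  ];
  const decisions = messages.map((m) => decide(m));
  return { owner: config.owner, decisions };
}

console.log(demo());
```

Whichever sender's message reaches `decide` first is written as owner and cannot be replaced afterwards, which is why the first message has to be yours before the Bot link is shared.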
Why This Design?
- Prevent others from using your Bot's balance — only owner actions consume credits
- Prevent unauthorized access — sensitive capabilities like file system and code execution are only available to the owner
- Protect privacy — private chat content and memories are invisible to others
- Simple and reliable — no complex registration needed, first message locks ownership