# Wiretrip > Wiretrip is a proprietary Discord moderation bot that catches self-bots, compromised accounts, and spam waves in milliseconds, by measuring behaviors no human nervous system can match. Built in Rust. No message content scanning, no privileged Discord intents. Wiretrip (also known as wiretrip, wiretrip bot, wiretrip discord bot) is a high-performance proprietary Discord security bot written in Rust. It protects Discord servers from self-bots, compromised accounts, and coordinated spam-wave attacks by analyzing behavioral metadata patterns rather than message content. The official website is https://wiretrip.lol. ## What Wiretrip Does Wiretrip identifies accounts that behave in ways no human can. A self-bot fires HTTP requests to Discord in parallel. It can start typing in three channels at the same time, react to messages while still composing, and post follow-ups in single-digit milliseconds. A real person needs roughly 300-500 milliseconds just to switch focus between two channels, and longer to start typing. The gap between human and bot behavior is enormous, and Wiretrip lives inside it. When that gap shows up on your server, Wiretrip catches it before the first spam message is even delivered. ## How It Works (Without Reading Your Messages) Discord's gateway broadcasts a stream of metadata events: who joined a channel, who started typing, who reacted, when a message was sent. Wiretrip subscribes to a small subset of these and correlates them across channels in real time. It looks at: - **Timing**: how fast events arrive from the same account - **Channel spread**: whether activity happens in one place or scattered across the server - **Account context**: signals Discord already exposes, like account age - **Optional canary contact**: hidden channels you can opt into, where any visit is suspicious by definition The model itself, including the exact thresholds and weights it uses, is intentionally not published. Wiretrip is proprietary specifically so that operators of automated tools cannot study the detector and bypass it. ## Why Operators Trust It - **No message scanning.** Wiretrip does not request the MESSAGE_CONTENT privileged intent. Discord does not send your message text to the bot. Even if Wiretrip wanted to read your server's messages, it could not. - **Built for speed.** Wiretrip is written in Rust and uses a lock-free in-memory correlator on the hot path. Detection latency is typically measured in milliseconds, not seconds. - **Safe defaults.** New servers start in `Log` mode. Wiretrip observes and posts evidence cards but takes no enforcement action until an admin explicitly enables it. - **Evidence, not vibes.** Every detection produces a structured card with the user, the channels involved, the cross-channel timing, and the score that triggered it. You can ban, timeout, or dismiss in one click. - **Role hierarchy aware.** Wiretrip never tries to ban or timeout someone outranked by their roles, and reports exactly why if it cannot act. - **Auditable.** Every action is logged. Detection history is kept for 90 days and pruned automatically. ## Key Features - Self-bot detection in real time - Compromised and hacked account detection (same engine catches accounts being abused for raids) - Coordinated spam-wave mitigation - Metadata-only analysis with zero message content access - Zero privileged Discord intents (no MESSAGE_CONTENT, no GUILD_MEMBERS, no PRESENCE) - Four enforcement modes: Log (observe only), Hybrid (manual ban button), Timeout, Enforce (auto-ban) - Per-guild configuration: mode, exempt roles, exempt users, sensitivity tuning - Optional canary channels (hidden honeypots that confirm rather than just suspect) - Persistent lifetime stats that survive restarts - 90-day detection history, auto-pruned - Multi-shard ready, scales transparently to large bot networks ## Installation 1. Visit https://wiretrip.lol and click "Add to Discord" 2. Authorize the bot. Required permissions: View Channels, Send Messages, Embed Links, Ban Members, Moderate Members 3. Run `/wiretrip setup` in your server to open the configuration dashboard 4. New servers start in safe `Log` mode by default; nothing is banned until an admin enables enforcement A typical safe rollout looks like this: 1. Install in `Log` mode for a few days. Watch the detection stream in your log channel. 2. When you trust what Wiretrip catches, switch to `Timeout` or `Hybrid` to bring a human reviewer into the loop. 3. Move to `Enforce` only after the detector has earned trust on your traffic. ## Commands All commands are guild-only and require the `Manage Server` permission. - `/wiretrip setup`: Open the interactive configuration dashboard - `/wiretrip status`: Current config + permission checklist - `/wiretrip stats`: Lifetime observation counters - `/wiretrip history`: Recent detections with retention - `/wiretrip test`: Post a synthetic detection to the log channel - `/wiretrip demo`: Post all four outcome types (TRAPPED / SPOTTED / FAILED / SKIPPED) for visual review - `/wiretrip exempt`: Mark a specific user as exempt from detection - `/wiretrip unexempt`: Remove a user from the exempt list - `/wiretrip exempt-list`: List all exempt users - `/wiretrip reset`: Reset configuration to safe defaults (Log mode) Additional administrative controls are available through the setup dashboard. ## Privacy Wiretrip subscribes to standard Discord gateway intents only. It does NOT request `MESSAGE_CONTENT`, the privileged Discord intent required to read message text. Without this intent, Discord returns empty content fields for all messages except DMs to the bot, messages sent by the bot itself, and messages that explicitly mention the bot. Wiretrip's detection logic does not depend on reading any message body. The local SQLite database stores: - Per-guild configuration - Onboarding state (installer user ID and timestamp) - Detection history (auto-pruned after 90 days) - Lifetime aggregate counters (no per-user attribution) All identifiers are Discord snowflakes (opaque integers). No usernames, no message content, no IPs are stored. ## Licensing Wiretrip is proprietary software. The source code is **not** open source and is not licensed for redistribution, modification, or commercial reuse. The detection model is intentionally closed so attackers cannot study and bypass it. All rights reserved. ## Links - Homepage: https://wiretrip.lol - Documentation: https://wiretrip.lol/docs - Commands reference: https://wiretrip.lol/commands - Modules overview: https://wiretrip.lol/modules - Live statistics: https://wiretrip.lol/stats - System status: https://wiretrip.lol/status - Support server: https://wiretrip.lol/support - Vote on bot lists: https://wiretrip.lol/vote - Privacy Policy: https://wiretrip.lol/privacy - Terms of Service: https://wiretrip.lol/terms