Hi, I'm
Thu Paing Oo
I architect systems that run while you sleep — from intelligent Telegram bots to full-stack platforms with bulletproof API layers. Complexity is my playground.
2+
Years of Experience
24/7
System Uptime
∞
Bots Deployed
100%
Remote Available
{ uptime: "99.9%" }
Years Exp.
Full-Stack Dev
// 01. About Me
I Don't Just Write Code. I Build Machines.
When a problem is too complex, too persistent, or needs to run at 3am without anyone watching — that's where I come in. I specialize in architecting robust, automated systems that handle the hard parts so you don't have to.
From Telegram bots protecting thousands of users with anti-cheat logic, to media processing pipelines that generate content autonomously — I build the infrastructure other developers rely on.
Architecture-First Thinking
Every system designed to scale before it needs to.
24/7 Autonomous Systems
Production bots running without human intervention.
Anti-Cheat & Security Logic
Behavioral analysis, HMAC signing, replay prevention.
Zero-Downtime Deployment
Docker-based CI/CD on Linux VPS with Nginx proxy.
// 02. Tech Stack
Tools I Wield to Solve Hard Problems
Hover each icon to see proficiency. Every tool is battle-tested in production systems.
Languages
6 toolsFrontend
5 toolsInfrastructure
6 toolsBot & Automation
5 toolsFull technology index
// 03. Case Studies
Real Problems. Engineered Solutions.
These are internal / client-confidential projects. No live links — but here's the full architecture, problem, and solution.
Telegram Mini-App & Anti-Cheat Bot
The Problem
Players were exploiting API endpoints to forge scores — hundreds of requests per second with faked timestamps and replay attacks flooding the leaderboard.
The Solution
Layered anti-cheat: HMAC-signed requests with one-time nonces, behavioral velocity analysis detecting inhuman patterns, and a silent shadow-ban queue.
# Anti-replay HMAC middleware import hmac, hashlib, time from fastapi import HTTPException, Request from functools import wraps _used_nonces: set = set() def verify_request(secret: str): def decorator(func): @wraps(func) async def wrapper(req: Request, **kwargs): token = req.headers.get("X-Auth-Token") nonce = req.headers.get("X-Nonce") ts = float(req.headers.get("X-Timestamp", 0)) # 1. ±30s timestamp window if abs(time.time() - ts) > 30: raise HTTPException(401, "Request expired") # 2. One-time nonce → prevent replay if nonce in _used_nonces: raise HTTPException(401, "Replay detected") _used_nonces.add(nonce) # 3. HMAC-SHA256 verify expected = hmac.new( secret.encode(), f"{nonce}:{ts}".encode(), hashlib.sha256 ).hexdigest() if not hmac.compare_digest(token, expected): raise HTTPException(403, "Invalid signature") return await func(req, **kwargs) return wrapper return decorator
↑ HMAC + nonce anti-replay middleware
Media Processing Automation Pipeline
The Problem
Content creators processing dozens of videos daily — manual subtitle extraction, translation and re-encoding was taking 4–6 hours per video.
The Solution
A Telegram bot media studio. Send a video link, receive a fully processed file. Redis queue handles concurrent jobs — per-video time down to under 8 minutes.
Step-by-step breakdown
Input Source
Video URL or file upload via bot command
<1sMedia Analysis
FFprobe extracts codec, duration & streams
~2sSubtitle Parse
SRT/ASS tokenizer + HTML entity cleanup
~3sAI Translate
Batched GPT calls with subtitle context window
~8sMux & Encode
FFmpeg burns subtitles & re-encodes output
~4mDelivery
Bot sends compressed file via Telegram API
<30s