1. 42
  1. 18

    I am thrilled to be one of the newly announced Guardians of the non-profit foundation. I’m happy to answer any questions people may have, though bearing in mind that I’m going to be a little distracted for the next while until my son goes to bed.

    1. 5

      How were you and the other guardians for the non-profit foundation chosen? Also, what do you expect your day to day work with the foundation to be like? (I mean in this in the most prosaic sense - is there a physical office you go to, or is the work something you will mostly do over email and at occasional conferences? Is this a full-time job that they’re paying you for, or do you do something else with your time as well? These sorts of details are something I’ve wondered about for many non-profit advisory councils associated with open-source software projects, and since you’re here offering to answer questions I thought this would be a good time to do so :) )

      1. 4

        We were chosen by Matthew and Amandine who were, by virtue of starting the foundation, the only Guardians that existed before.

        The Guardian position is definitely not a full time job, and it is not paid. We are spread out across multiple continents, so our communications will take place mostly virtually (over Matrix, naturally) though we may get together physically from time to time. I’m sure New Vector would be happy to loan me a desk to work out if I’m in London, but there is no physical office.

        1. 4

          The process we went through in selecting the Guardians was to ask folks who:

          • Are clearly philosophically aligned with the goals of the project (i.e. radical decentralisation and liberation of communication)
          • Are widely recognised as independent experts, trusted by the community to keep the project honest
          • Are independent of commercial factions in Matrix
          • Ideally use Matrix already, and represent some subset of the community (e.g. Ross on the ‘personal homeserver & legal’ side, Jutta on the ‘corporate homeserver’ side, Jon on the academic side.).
          • Have experience and understanding of the responsibilities and requirements of being non-exec directors of a non-profit

          This narrows it down quite a lot, and we thought very carefully about who to invite to join - and happy to say that all our first choices accepted :)

      2. 4

        Congrats on the release!

        What is the official position on bridges?

        Take sms bridge. If done right, can completely replace sms software for Android, that would be a huge win for freedom.

        1. 4

          I don’t know that the foundation has an official position on bridges, but if we did it would probably be something like \o/.

          The more the merrier!

          1. 2

            What do you mean by position? There exist a couple of sms bridges

            1. 2

              If resources of the foundation (grant money or something) will be devoted to it.

              1. 4

                Currently the Foundation has very little financial resources, beyond a stack of t-shirts and the monthly donations arriving via Patreon & Liberapay. However, New Vector has one person working fulltime on bridges, plus a GSOC student and some support from the rest of the team. The main priority is on IRC, Slack and XMPP, but we try to help other bridge development as best we can too.

                1. 1

                  That’s the answer I was looking for, thanks.

            2. 1

              You may be interested in jmp.chat – if you want to use it from Matrix IIRC there is work happening on a good XMPP bridge so it should be possible.

              1. 2


                Wow, interesting, thanks.

          2. 5

            I have a few questions I’d love to know about Matrix:

            1. Can I run a matrix server in my house if it is behind a NAT?
            2. Do I have to have a domain name if I want to run a server?
            3. Am I able to change the domain name of my server without breaking my account?
            4. Is there a statement anywhere of exactly what information is public, like the source and target of each message. What I want to know is what metadata is public (also with encryption enabled)
            5. Is it possible to backup my data elsewhere such that I can restore my identity and social connections to a new server if the old one shuts down suddenly?
            1. 7
              1. Yes, but you would have to enable port forwarding. For carrier-grade NATs you might need something like a WireGuard VPN to publicly expose your server.
              2. Yes, using an IP address is only supported for development purposes, don’t do this in production.
              3. No, when MSC1228 is implemented this will be possible. But I assume that won’t happen too soon. While you currently can’t change the domain that is included in your identity (@user:example.org) you can change the domain where your server is running. E.g. your username can be @user:example.org while your server is running at matrix.example.org. This is documented here. You can later change the domain where your server is running, but the domain in your username is fixed. I would recommend not to include a matrix.-prefix in the username domain.
              4. If e2e-encryption is enabled in a room, all content (text messages, images, files, one-to-one voice calls) is encrypted end-to-end. Room membership, permissions and invitations are visible to the adminstrators of the participating Matrix servers. Integration stuff like group voice conferences via Jitsi are visible to the server administrators of the integration server (which is usually vector.im).
              5. You can do regular backups of the database and the media directory, as long as you keep control of your domain you can spin up a new server and just restore the data.
              1. 1

                Thanks for your answers MazeChaZer!

                A few clarifications: for 4 I’m interested if there is any effort to hide things like message sizes, file sizes, file names. How is the membership list restricted only to participating matrix servers?

                For 5 I’m talking about the situation where my hosting server shuts down (say I’m using a service that decided to shutter). Am I able to restore my backup on another server? It sounds like the answer is no. Which means that to be safe you should never sign up with a domain name you don’t control. Could you set up you own domain name and point it to another matrix server’s domain which you don’t control and sign up that way?

                1. 1
                  1. I’m not aware of any efforts to hide message or file sizes. But the file names should be encrypted as part of the message content. Membership list is restricted to participating servers because you can only access the membership list if you’re part of a room. Federation doesn’t mean that every bit of available data is publicly exposed.
                  2. Yes this is correct, I recommend that you get your own domain name. Then you can use the domain you control for your username and the hoster domain that you don’t control for the server itself. On how to connect these domains see the federation doc I linked above.
            2. 3

              Using X.509 certificates to trust servers rather than perspective notaries, to simplify and improve server-side trust. This is a breaking change across Matrix, and we’ve given the community several months now to ensure their homeservers run a valid TLS certificate.

              Nooooo, not TLS! (Looking at the specs…) Ah, HTTP. Building on existing software, then. Got it.

              I’m more a fan of building simpler stuff from scratch, though. In this case, this would have meant using something like Noise, which is so much simpler than TLS. And maybe ditch HTTP in favour of a custom binary protocol. And probably triple time to market, so…

              1. 12

                You may be interested in https://matrix.org/blog/2019/03/12/breaking-the-100-bps-barrier-with-matrix-meshsim-coap-proxy/ then :) (Imagine that the video didn’t break the layout in the new blog engine…)

                1. 1

                  really interesting! Hope this gets the attention that it deserves!

              2. 1

                I hope this could serve as a starting point for a more lightweight Synapse implementation, for small user-counts.

                1. 3

                  While I certainly wouldn’t call synapse lightweight, I wouldn’t say that it’s prohibitively heavy either.

                  I have it running on a $10/mo VPS (2GBs of RAM and 1vcpu, SSD boot disk). The synapse process generally sticks around 200MBs of active memory for my usage (2 users, and not sitting in any rooms that have more than about ~1000 people in them. I have joined some of the large rooms briefly, and they don’t seem to give my server too much trouble). The nginx and postgresql ram and cpu utilization are negligible.

                  I use the VPS for other stuff so I plan to keep it the same size, but if I was running only synapse, I’d wager it would be fine on a smaller instance, provided you stayed out of large rooms such as matrixhq and synapse-admins. If you were strictly talking in local rooms to a small number of your friends, I bet a raspberry pi could handle it.

                  1. 1

                    You’ right, lightweight wasn’t the right tern. I was thinking more of something that along the lines that doesn’t multiple components such as a DBMS, that all have to be configured and maintained. You know, something you can just install, run a configuration script then inform your init system about it, and be done with it. After all, lowering the barrier of setting such a system up, promotes federation.

                    1. 1

                      Ah, yeah, I see what you’re saying. There is definitely some assembly required. I suppose if you went with sqlite, and did away with the webserver in front of synapse, you could lower the barrier of entry a bit. Though, I don’t know how much performance would suffer there.

                      Debian does package synapse (https://packages.debian.org/stretch-backports/matrix-synapse), so that may help a bit in terms of letting the init system know, etc.

                      1. 1

                        synapse with sqlite is abysmally slow

                        even on a home server with just one user there will be concurrent db access all the time while federating

                2. 0

                  Have they fixed the protocol yet, in particular to trusting poisoned graphs?

                  1. 4

                    grins wryly that an article which is all about “hey look we fixed the protocol and released a 1.0” is met with questions about whether we’ve fixed the protocol

                    1. 2

                      I’m not sure what you mean by that, but matrix 1.0 and synapse 1.0 include room version 4, which includes the new state resolution algorithm, which is probably the fix to what you refer to.