This Week in Matrix 2025-04-25
25.04.2025 00:00 β This Week in Matrix β HarHarLinksπDept of Status of Matrix π‘οΈ
Robin Riley (m.org) reports
We are delighted announce that LiveKit is the newest Silver Member of the Foundation! The LiveKit Project is an open source project that does everything Matrix needs for native group calls, and the company behind the project is donating their LiveKit Cloud services to help us provide that functionality to users on the Matrix.org homeserver. We're grateful for their support and look forward to announcing 2-3 more new Silver Members in the coming weeks π
πDept of Spec π
Andrew Morgan (anoa) {he/him} reports
Here's your weekly spec update! The heart of Matrix is the specification - and this is modified by Matrix Spec Change (MSC) proposals. Learn more about how the process works at https://spec.matrix.org/proposals.
πMSC Status
New MSCs:
MSCs in Final Comment Period:
- No MSCs are in FCP.
Accepted MSCs:
- MSC3861: Next-generation auth for Matrix, based on OAuth 2.0/OIDC
- MSC2967: API scopes
- MSC2966: Usage of OAuth 2.0 Dynamic Client Registration in Matrix
- MSC2964: Usage of OAuth 2.0 authorization code grant and refresh token grant
Closed MSCs:
πSpec Updates
The update above is actually from the last 21 days to make up for the lack of spec updates recently (I've been travelling!).
In my opinion, the most interesting part to talk about above is MSC4284: Policy Servers. If you haven't already, read the matrix.org blog post on Introducing Policy Servers. In short, they're servers on the internet where you can send events to and have them be checked for spam/illegal imagery/etc. before allowing the event to be sent down to your users. You can think of them like a SpamChecker Synapse module, but homeserver implementation agnostic.
This is a pretty interesting idea, and one can host their own policy server to keep the network decentralised. If you're interested in weighing in on the topic, please do so on the MSC!
Note: the idea of a "policy server" is not new. This MSC attempts to bring the concept in to the Matrix ecosystem specifically for Trust & Safety purposes. But the APIs could be used to enforce any policy (security, enterprise use cases, etc.).