This Week in Matrix 2025-04-25

25.04.2025 00:00 — This Week in MatrixHarHarLinks

🔗Dept of Status of Matrix 🌡️

Robin Riley (m.org) reports

We are delighted announce that LiveKit is the newest Silver Member of the Foundation! The LiveKit Project is an open source project that does everything Matrix needs for native group calls, and the company behind the project is donating their LiveKit Cloud services to help us provide that functionality to users on the Matrix.org homeserver. We're grateful for their support and look forward to announcing 2-3 more new Silver Members in the coming weeks 🚀

🔗Dept of Spec 📜

Andrew Morgan (anoa) {he/him} reports

Here's your weekly spec update! The heart of Matrix is the specification - and this is modified by Matrix Spec Change (MSC) proposals. Learn more about how the process works at https://spec.matrix.org/proposals.

🔗MSC Status

New MSCs:

MSCs in Final Comment Period:

  • No MSCs are in FCP.

Accepted MSCs:

Closed MSCs:

🔗Spec Updates

The update above is actually from the last 21 days to make up for the lack of spec updates recently (I've been travelling!).

In my opinion, the most interesting part to talk about above is MSC4284: Policy Servers. If you haven't already, read the matrix.org blog post on Introducing Policy Servers. In short, they're servers on the internet where you can send events to and have them be checked for spam/illegal imagery/etc. before allowing the event to be sent down to your users. You can think of them like a SpamChecker Synapse module, but homeserver implementation agnostic.

This is a pretty interesting idea, and one can host their own policy server to keep the network decentralised. If you're interested in weighing in on the topic, please do so on the MSC!

Note: the idea of a "policy server" is not new. This MSC attempts to bring the concept in to the Matrix ecosystem specifically for Trust & Safety purposes. But the APIs could be used to enforce any policy (security, enterprise use cases, etc.).

Continue reading…

Introducing Policy Servers

17.04.2025 17:00 — General, Trust & Safety, PolicyJim Mackenzie, VP Trust & Safety — The Matrix.org Foundation

Last week, we shared details about ongoing attacks on Matrix. Over the past week or so, we’ve tested some new tooling to help combat abuse on matrix.org.

If you run your own Synapse server and your users are present in the Foundation’s community rooms, you can benefit from this tooling by installing an experimental Synapse module. You can find the code and installation instructions here. We’re deliberately taking the bold step of announcing a tool and also announcing its deprecation in the same post. This is experimental work, and we are iterating quickly. We expect to have an implementation in Synapse shortly, so the module will be discontinued around May 21.

🔗What are policy servers?

Policy servers are an overlapping layer of protection with existing community moderation tools such as Draupnir, Mjolnir and Meowlnir. Rooms can opt-in to this new layer of protection, recommending that servers participating in the room check events with a given policy server before they are sent to their clients. The policy server will pass an opinion on each event, recommending servers in the room to accept the event, or to reject it. For people in the room, this should be effectively invisible. Events which pass the check will be shown as normal, while ones which don’t will never make it through to their clients.

The Foundation intends to offer a policy server to room admins, but we hope that in time other providers will offer alternative policy servers. The Foundation is already running an experimental implementation for some of its public rooms, which we will release once we have confidence in the approach. We also expect that for many rooms, a policy server isn’t necessary, or spends most of the time in a low-power or disabled state. Element and the Foundation are exploring these ideas over the coming weeks.

🔗Get involved

MSC4284 is now open to support this work. Please get involved in the MSC, and help us to improve this addition to safety tooling for the network. We’d especially like to see implementations for non-Synapse servers.

Folks who run communities on Matrix who would like to test our policy server, reach out to us at abuse@matrix.org, using the subject policy-server-alpha.

This Week in Matrix 2025-04-11

11.04.2025 15:30 — This Week in MatrixThib

🔗Matrix Live

Migrating millions of matrixers to MAS

🔗Dept of Status of Matrix 🌡️

Quentin Gliech says

🔗Matrix.org now uses MAS!

On Monday this week, the backend team at Element successfully migrated Matrix.org to use matrix-authentication-service (MAS).
This happened right after the core MSCs for next-generation auth got merged into the Matrix spec!

After a full week of running MAS on Matrix.org, we're happy to call the migration a great success! 🕺

This means Matrix.org users now have a new home to manage their accounts: account.matrix.org

You can read more about the migration on the Matrix.org blog:
👉 Matrix.org is now running MAS!
...and what it means for Element users on the Element blog:
👉 MAS migration unleashes Element X on Matrix.org

We're still ironing out a few bugs, so if you’ve experienced any issues related to the migration, let us know in #matrix-auth:matrix.org!

Continue reading…

Matrix.org is now running MAS!

08.04.2025 15:30 — matrix.org homeserverQuentin

We're thrilled to announce that the migration of matrix.org to the Matrix Authentication Service (MAS) is complete and went according to plan - having been running for over 24h in our brave new world, we’re declaring the migration a success! As of Monday April 7th 07:30 UTC, matrix.org is running on Matrix’s next-generation auth system based on OAuth 2.0/OpenID Connect.

This is no mean feat - the migration shifted all 45M access tokens and 110M users from Synapse to MAS in under 30 minutes (thanks in part to MAS’s cheeky use of the x86-64-v2 architecture; who knew that database migrations can be SIMD-accelerated?) - and represents the culmination of over 4 years of work to move Matrix to a modern authentication standard. Many thanks go to Element for funding, Hugh, Olivier and many other contributors who helped me make Next Gen Auth happen!

Continue reading…

This Week in Matrix 2025-04-04

04.04.2025 00:00 — This Week in MatrixMTRNord

🔗Matrix Live

🔗Dept of Clients 📱

🔗Element X iOS (website)

A total rewrite of Element-iOS using the Matrix Rust SDK underneath and targeting devices running iOS 16+.

Mauro Romito announces

  • We are working on implementing a feature to report a room or an invite the contains offensive content
  • Also improved our Notification Service Extension to consume less memory
  • Updated our app icon
  • Some small accessibility improvements were added
  • Fixed a crash that might happen when backgrounding the app

🔗🧭: Dept of Guides 🧭

Wi11 wrote:

With MAS (Matrix Authentication Service) becoming a prominent part of the Matrix ecosystem, and the removal of the fallback Element provided MatrixRTC backend (Element Call), I wrote a couple of blog articles to document how I installed both with Docker Compose and configured them with Synapse.

Whilst the official docs are very good, perhaps this may be useful as a happy path guide for those who want to use docker compose, MAS, and the Element Call backend, together with Synapse.

➡️ Deploying an Element Call backend (MatrixRTC) with Docker Compose, and configured with Synapse

➡️ Deploying MAS with Docker Compose, migrating users, and configured with Synapse

Continue reading…

Matrix.org will migrate to MAS on Apr 7th 2025

02.04.2025 15:00 — matrix.org homeserverQuentin

On Monday 7th of April 2025 at 7am UTC, we will migrate the Matrix.org homeserver's authentication system over to MAS (Matrix Authentication Service) in order to benefit from Next-generation authentication.

The migration will involve up to one hour of downtime.

MSC3861 (Next-generation auth for Matrix, based on OAuth 2.0/OpenID Connect (OIDC)) and its dependent MSCs have progressed sufficiently that the Foundation is confident in MAS and the new next-generation auth APIs. Specifically, all the MSCs are now in or have passed Final Comment Period (FCP) with disposition to merge! 🎉

We expect the MSCs to finish FCP and get merged into the next spec release. The full list of core Next-gen Auth MSCs is:

This is incredibly exciting, reflecting 4 years of work on next-generation auth, and brings with it a new account management interface, additional security, and a better registration experience.

Continue reading…

This Week in Matrix 2025-03-28

28.03.2025 00:00 — This Week in MatrixThib

🔗Matrix Live

🔗Dept of Status of Matrix 🌡️

Robin Riley (m.org) reports

The Matrix.org Foundation is proud to join likeminded organisations in endorsing the United Nations Open Source Principles, a set of guidelines to promote collaboration and adoption of open source around the globe.

Robin Riley (m.org) says

Please join me in welcoming the newest Silver Member of the Matrix.org Foundation: SSH Communications Security! We're grateful to SSH for stepping up to support the Foundation's mission and stewardship of the Matrix protocol.

Does your organization rely on Matrix? We're working hard to close our budget gap, and we need your help. Join the Foundation to ensure Matrix has robust stewardship well into the future.

Continue reading…

Matrix v1.14 release

27.03.2025 16:53 — Releases, SpecTravis Ralston

Hey all,

We're right at the end of Q1 2025 with a new spec release: Matrix 1.14! Our original plan was to cut this release around FOSDEM with some Matrix 2.0 functionality, but ended up needing to push the release out due to those MSCs not quite being ready. As we're cutting this release though, several of the Next Generation Authentication MSCs are progressing through FCP and could do with a release once written up as spec PRs. We anticipate that Matrix 1.15 will be that release, and go out early in Q2 2025.

This release brings just 3 MSCs to the world, largely because the SCT has been focusing so much on Matrix 2.0 objectives. The only feature introduced is the report user endpoint, to complement last release's report room endpoint - everything else is primarily maintenance of the spec. The full changelog is below, as always.

Continue reading…

This Week in Matrix 2025-03-21

21.03.2025 17:00 — This Week in MatrixThib

🔗Matrix Live

🔗Dept of Status of Matrix 🌡️

🔗Trust and Safety Research and Documentation Working Group

Nico announces

As part of my work for the Trust and Safety Committee I am trying to establish a working group to help with researching and documenting the state of T&S across the ecosystem. If that sounds interesting to you, please poke your head into #governing-board-office:matrix.org and tell us!

To summarize what the group is about, the current proposal looks like this:

To make appropriate decisions, the T&S committee needs to know about the state of T&S in the wider ecosystem. It needs to have insights into current challenges, solutions and initiatives. On the other hand the community can also benefit from having some of that information documented. The T&S R&D WG is a tool to help with that. It includes a wider set of individuals and reports their research results to the T&S committee. In some cases the WG is also encouraged to enhance the documentation on matrix.org to help communities and users on Matrix moderate their rooms. The T&S committee might sometimes ask the WG for help in researching specific topics in more detail to guide their decisions.

🔗Pledge of Confidentiality

The WG will sometimes have to deal or come in contact with confidential data, possibly because of legal reasons, possibly because of active abuse concerns. While the WG is encouraged to be open, there will be times where the WG should keep certain information confidential and only share it with specific individuals. As the WG we pledge to keep information confidential when necessary while still being transparent and open where possible. The T&S committee may decide to remove members from the WG if it sees a member abusing their access to information or not acting in a trustworthy manner by sharing information the group agreed to keep confidential. This should be a last resort, needs a majority in the T&S committee and should be preceded by appropriate communication and warnings.

🔗Typical Tasks

  • Gather information about current moderation challenges on Matrix and keep structured notes about them
  • Maintain an overview of available moderation tools and their capabilities
  • Create and maintain moderation guides on matrix.org in collaboration with the Website or Documentation WGs
  • Reach out to moderators to gather feedback or offer advice
  • Reports insights and opinions to the T&S committee and possibly other T&S working groups
  • Potentially collaborate on proposals with the T&S committee or other WGs
  • Turn some of their research into MSCs and collaboratively push them to completion as well as advise on other MSCs from a T&S perspective

Continue reading…