Matrix Client Tutorial(uhoreg.gitlab.io) |
Matrix Client Tutorial(uhoreg.gitlab.io) |
Or at least have an option for it. Not a 'Oh you loaded, now click this button to load again please' prompt whenever I launch it.
Matrix without encryption is as simple as it gets - e.g. here was a younger, happier me writing a working client in 8 lines of bash: https://news.ycombinator.com/item?id=20948530
With encryption, inevitably things get way more complicated - especially in a decentralised network which needs to be byzantine fault tolerant. As you say, we've successfully simplified this by providing best-in-class implementations like matrix-rust-sdk-crypto - which i'd argue is the equivalent to Wireguard (which under the hood is a bunch of gnarly crypto, even if the API it exposes it simple).
In the end, encrypting messaging is just way harder than a VPN. The encryption hooks need to know the membership of the room (as users), the membership of the room (as devices), verify identities of all devices and their users to prevent MITM, verify that only the right devices can be added to the room, handle accessing history for new logins and new joiners, handle backing up history if you log out of all devices, handle receiving msgs if you log out of all devices, handle encrypted push notifs and allow multiple processes (push, share extension, etc) to share the same crypto state, scale to thousands of devices, etc etc.
Meanwhile if you simplify that by removing PFS - sure, some of it gets better ("the room history gets encrypted by a static password!") but then breaching that secret from any client at any point trivially leaks the whole history of the room.
In terms of "Matrix as an open protocol isn't very successful", i suggest taking a look at https://2024.matrix.org/watch/ for the zeitgeist from a few weeks ago. It's working for some folks at least.
For example I've been using SimpleX in a group chat for a year now and had no issues at all.
Also, this blog post is still I'm hoping for to be realized sometimes soon: Breaking the 100bps barrier with Matrix, meshsim and coap-proxy (2019): https://matrix.org/blog/2019/03/12/breaking-the-100-bps-barr...
I hope you're okay.
I have notifications set up for anything Matrix/ XMPP on HN, and I very often see you in the comments. Some of the threads on here are really harsh and unnecessarily snarky, I don't know how you do it. You're doing great.
I run indie conferences for a living [0]. From 2020 - 2023 we gave Matrix a serious shot: enough to risk losing audience members who found the UX unbearable. Then a third of my ticket holders threatened to leave if we kept using it. I was forced to drop it [1].
This year, I’m self-hosting Revolt, a lightweight Discord clone. Unlike Matrix my community's actually loving it. If Matrix leadership is reading this, take heed.
Yes, I'm aware of the Ansible script, but should that really be the only somewhat reasonable option? When Matrix wrote " Matrix 2.0 a new chance if you gave up on us in the past".
I listened, but without a somewhat reasonable setup process for the server and the ongoing confusion in terms of clients, it hasn't gotten any easier to onboard to Matrix, unfortunately.
That is: 2 binaries (conduit + caddy) + 5 lines of toml config for Conduit and 2 line of config for Caddy + 1 database file. That's all you need for a basic homeserver.
And shoving the ansible script into people's faces is not a solution. I never used Ansible, and I won't start using it just because it's "easier" to setup Matrix with it, instead of setting it up by myself.
All services I self-host are quite easy to setup, Matrix so far has been a bit more difficult, but not that hard.
I’ve been wanting to write a Matrix client for a while now, but found myself too caught up in getting even an existing library to work: The Rust SDK, the most maintained and batteries-included SDK, doesn’t have JS bindings and the JS SDK is insufficiently documented and generally seems a bit crusty.
In general I find there to be a bit of a lack of guides on implementing Matrix, which is probability a factor in there not being that many implementations.
A hello world example for v3 that will be great. To understand how to actually register a new account on the matrix server with Registration Token enabled server.
I kind of miss making IRC bots where things were much simpler and ... quicker honestly (latency wise).
[1] https://uhoreg.gitlab.io/matrix-tutorial/sync.html#:~:text=w...
(Examples include: custom emoji, functional search of encrypted chats, pinned messages or some sort of MOTD, forwarding messages, etc)
As a client, Element has all of these (encrypted search only on Desktop for now) other than custom emoji.
I'm not trying to dismiss them, but just explain that a) we did listen, b) we are listening, c) we're trying to fix it. Fwiw https://youtu.be/gHyHO3xPfQU?t=497 showcases what we've been doing. Perhaps I should leave all the "Matrix sucks" feedback unchallenged, but i'm trying to stand up for the work we've been doing to fix it.
Edits get a `"m.relates_to": {"event_id": ..., "rel_type": "m.replace"}` field in the body, and `"m.new_content": {...}`, containing the plain-text and HTML versions of the message (while also keeping a copy of both, typically with a prepended "*", outside "m.new_content", for backwards compatibility; yes, that's 4 (four) copies of the message text in an edit; for some while Element generated up to 10 (ten) copies IIRC, due to some proposed extension(s), but that seems to be gone thankfully).
Reply messages get `"m.relates_to": {"m.in_reply_to": {"event_id": ...}}` - an annoyingly different format from the edits. It might look like that that allows an edit to change which message is being replied to, but nope, last I checked, that's not supported. Oh and for backwards compatibility a <mx-reply> HTML element is to be prepended, containing a copy of the replied-to message and its info (and yes, that means that the replied-to message effectively can't be deleted as the reply will still contain its text; luckily clients can choose to do not generate such <mx-reply>, but Element still does). And if you want to actually get proper reliable info about the replied-to event, you have to just make an API request for every single one you want to display (unless you happen to already have a cached copy, which luckily for replies is reasonably common).
And then there's threads - again in the name of crappy backwards-compatibility there's a mess - within-thread replies imitate a reply to the last in-thread message, along with `"m.relates_to": {"event_id": ..., "rel_type": "m.thread", "is_falling_back": true, ...}`, that "is_falling_back" indicating that this isn't actually a reply (being false when you want an actual reply). And clients are "supposed" to also handle replies to in-thread messages without the "m.thread" relation (which'd come from clients not supporting threads), but as far as I can tell there's no way do to it while paginating without making an API request per every single message (and yes Element behaves quite buggily here).
And then there are some things that can't be reasonably handled - the context/message listing/pagination APIs don't give any reaction info (besides the reaction events themselves in chronological position of their addition), so reaction presence/counts in history view must be calculated by clients, and thus won't be able to show ones that were posted a while after the messages. (there used to be some aggregation provided, but it's since been removed!!!) I think the only way to do this properly is truly just making an API request of "list reactions" for every single message the client wants to show.
This may make it seem like Matrix has an extremely firm stance on backwards-compatibility, but nope - recently they deprecated & made non-functional the unauthenticated API retrieval of media, making it impossible for clients not supporting video/audio/image display to just open those in the browser, instead forcing them to have custom file downloading & saving code, and also making it impossible to link to media within a message. There was a window of 6 (or less?) months between the new API being finalized, and the old one being removed.
However many years ago I started work on my matrix client I was rather surprised it ever allowed direct links to media in the first place, but then again Discord had done the same mistake. But at least Discord's solution is more sensible, providing temporary links.
Replies to threads from thread-unsupporting clients are the one potentially-hard thing federation-wise, as doing it properly would require the server to trace back the reply and from that handling it as in the thread, but that's not far from what servers already have to do with edits. Or you could also just not require/suggest that behavior, having replies without thread metadata always be outside of threads; would probably save on confusion too, as the illusion would break anyway when someone on a client without thread support would not do a reply on some message after having used replies on others.
There might be some graph core to it, but it's still primarily a messaging service. Opening the client spec will show you tons of messaging-specific APIs.
I utterly disagree that saving a half-dozen lines in largely-useless toy clients is worth making more feature-complete clients more complex, and doubling the size of every edit event.
Doesn't "some messages are missing" trait defeat the point of a reliable communication protocol?
Python has had 664 PEPs in 23 years (29 per year). XMPP has received 495 XEPs in 23 years (22½ per year).
Matrix has received about 650 in 8 years (>81 per year). Four times the change rate is quite annoying when writing code against the spec. Plus, most XMPP clients only support a fraction of the full spec, so by that comparison the impact of the rate of change is even worse. Furthermore, most XEPs and PEPs are mere (optional) extensions, whereas a lot of MSCs are alterations of existing APIs. Any JSON parser used for Matrix needs to anticipate fields changing or being added all over the place because you never know when random fields show up all over the input data because of a spec change.
The way the Matrix spec is developed feels a lot more like a proprietary company spec that happens to be published on Github than the IETF/XMPP/Python spec process. The rate of change is high and almost all changes are done to serve new features for the two or three major players that bought into the Matrix ecosystem.
One recent change that comes to mind is the move from secret, public URLs for media, to authenticated URLs. The setting to force that changeover won't apply everywhere for a while, but it'll completely break every media-supporting client written before the spec change.
Nothing wrong with extending the spec to improve the product, but with how fast the protocol is growing, I wouldn't want to be tasked with maintaining a Matrix client and I don't have much faith in the forward compatibility of the few Matrix bots I've written either.
It is a GOOD THING for people to open MSCs and try to evolve Matrix, and the number of open proposals shows the enthusiasm in the ecosystem for doing so and proposing ways to evolve the protocol.
Meanwhile, the number of actually accepted merged MSCs is way lower - 226 merged in 8 years: https://github.com/matrix-org/matrix-spec-proposals/issues?q... - so 28 per year. Same as Python.
> I wouldn't want to be tasked with maintaining a Matrix client and I don't have much faith in the forward compatibility of the few Matrix bots I've written either.
Authenticated media is literally the first time we've made a significant breaking change on the CS API in 10 years - and was effectively a security fix, to stop people abusing Matrix as a CDN. Bots I wrote 10 years ago still work today without changes (other than auth media).
> The way the Matrix spec is developed feels a lot more like a proprietary company spec that happens to be published on Github than the IETF/XMPP/Python spec process.
Seriously, read the proposal mechanism (https://spec.matrix.org/proposals/) and look at a MSC like https://github.com/matrix-org/matrix-spec-proposals/pull/177... with >500 comments from across the wider community (so big that it crashed GitHub at the time).
