Folks, welcome, find yourselves a seat, and I'd like to introduce our speaker, who's Matthew Hodgson from the Matrix project. I don't know if folks have been following Matrix, but they've had a bit of a coup in 2018, where they effectively persuaded the French government to move a lot of the government messaging services on to Matrix, which is an open source project. Which is a bit of contrast to my own government, who seem to be running foreign policy on WhatsApp and Slack. So Matt's going to tell us a little bit about Matrix and how they are changing the way the French government communicate, right?

Yep, absolutely. Well, thank you very much for the intro. First of all, apologies everybody that I'm almost entirely losing my voice, which is obviously precisely what you want to have before doing a main stage talk at FOSDEM, but can you hear me okay? Yep, okay. If I'm going too fast or too loud or too quiet or too low or whatever, or if my voice just stops working, please just yell at me, feel free to interrupt or heckle if you like, and I'd like to talk to you. So yeah, basically would like to talk about Matrix both in context, the French utilization for the last year that Rob was just talking about, and also would like to introduce Matrix 1.0, as we are on the cusp of coming out of beta after four and a half long years of building Matrix to where it is today. So it's basically going to be a mix of talking a bit about what we did with France and, honestly, how the French project forced us to make damn sure that Matrix would come out of beta, because having bet on us as a protocol and a project, we've obviously needed to make sure that it's fit for purpose.

So first of all, Matrix itself. I'm guessing a lot of people here now know what Matrix is. Anybody, you don't know what Matrix is? Okay, okay, well, we've got a majority knowing, so I'll quickly go through the normal stuff trying to explain what we are. Take a few minutes, sorry that it will bore everybody else. So Matrix is an open
network for secure, decentralized real-time communication. So it's a protocol in the end. It's a set of APIs, a set of HTTP APIs to be precise, to let you send and receive messages. But it is also the resulting openly federated global public network that results. And what can you use it for? Well, the main thing is interoperable chat. However, in the end Matrix is just a data synchronization layer. In the end it's pub-sub of any kind of JSON data, and that could be setting up VoIP calls, it could be doing communication over VR and AR, and we've done a couple of silly demos where you have scene graphs expressed over Matrix, or setting up video calls, of 3D video calls, over Matrix in VR. Or it could be real-time IoT or machine-to-machine messaging of any kind. So the mission here is really to provide an open replacement to the public telephony network, or indeed a replacement to email, to create a global decentralized encrypted comms network that is providing an open platform where any of us can hack on top of it and provide open real-time communication.

There are some fundamental differences with other ways of doing this. In Matrix, the first-class citizen is not the messages you pass back and forth. It is the conversation history of the rooms which you're talking in, and this is the thing that a lot of people don't get. And it's critical to understand that Matrix is, if anything, quite similar to Git. You've got a big distributed data structure that is being replicated across the various different people participating in it. In Git we're going and replicating commits; in Matrix we replicate conversation history.
So this is fundamentally different to, say, XMPP or SIP or IRC or any other open communication protocol, where you're typically just taking a message and passing it to somebody else via a server. In Matrix you're going and synchronizing your server's copy of a conversation with all of the other servers participating in that room. So this is a really important thing, that no single server controls that conversation, unless of course there's only one server participating in the conversation. So if I'm on matrix.org and I'm talking to somebody on a gov.fr French Matrix server, then if matrix.org goes down, they keep a copy of that conversation and it will persist and prevail for as long as their server is online. And then when I come back online, my copy will be resolved, merged with their copy, and it will continue talking to one another.

So in practice, one way of thinking of this is also as a thing to fill this void here. That you have all of these centralized communication services, or all of these communication silos. And it could be a proprietary closed thing like Slack or Discord or Telegram. It could be an open system like IRC.
Albeit a closed federation. It could be an open system like XMPP, but with open federation, or it could be another closed system like Gitter. Matrix exists as this decentralized network connecting them all, and you can use it natively with a Matrix client talking through to one of these Matrix servers, or you can have a bridge that connects through to Slack or to IRC. And as of a month ago, XMPP. We now have first-class XMPP bridging in Matrix, which I'll talk about and hopefully show off a bit later. And, you know, you don't have to use Matrix, but it's there either to use natively or to glue together these different silos and provide an open pub-sub framework for the internet.

I've already explained that the two big differentiators is that no single party owns your conversations, and that they are replicated over all of the participants. Architecturally, you have clients, which talk a very thin HTTP protocol to your server. You have the servers, which talk a much more interesting HTTP protocol to one another. You have application servers, which are basically clients on steroids. They do all the interesting stuff. And then finally you have identity servers, which is still a little bit of a gray area of Matrix, which handle the problem of how do you discover who you want to talk to. And whilst I say that all of these APIs currently are HTTP, Matrix itself is agnostic to the transport that you use. We specify as HTTP and JSON today, but you could equally well use more exotic transports. And in fact we have finally built one, which is built on CoAP and CBOR, using Noise for end-to-end encryption. And we're going to be talking about that actually in the real-time comms and dev room tomorrow, if anybody is interested in super low bandwidth transports.

So what do you get in Matrix?
Well, obviously you get decentralized conversation history as the first-class building block. You get group messaging, and one-to-one messaging only as a subset of group messaging. End-to-end encryption is a massive, massive focus for us. Because we replicate your data over all of the participating servers, if that isn't end-to-end encrypted it's a train wreck, if it's private data at least, because you're just increasing the attack envelope of that data. Every time you talk to somebody on a new server, they get a copy of it. So you really want to make sure that the server admins can't be snooping on your messages and that they are protected end-to-end. You get VoIP signaling, get push notification rules, server-side search, read receipts, typing notifications, presence, read state and unread counts. Turns out that unread counts are a pain in the ass, but we have them. Decentralized content repository and even account data per room.

So it's a real kitchen sink of a spec, and again, this is a bit of an unusual thing in the most it is led internally the spec itself. It's effectively one big document, and if I say, hey, I've got a server and a client here that speaks Matrix 1.0, assuming that it's a phone or a web browser or whatever, then it should implement all of these. So you don't get any fragmentation where you have some clients which no decided not to do VoIP or something. In theory, at least, you should be able to use the same spec for everything, and you don't need to mix and match different extensions, you don't need to mix and match different modules. There is only one true canonical way of building our Matrix at any given point.

So the ecosystem as it stands today has moved on a bit from years gone by. The green stuff is stuff that we provide as the matrix.org project, and we provide a web stack on React, a legacy Angular one, and we also have the Riot flagship app which we built on top of it. And we have an equivalent iOS stack, currently written in Objective-C, and on Android these days we have two
stacks. We have a Java stack called Matrix Android SDK, and we also have the Android, sorry, Matrix SDK Android, which is written in Kotlin. Now this is an entire rewrite of the Android stack that has been going on for the last couple of months. It uses Rx as a layer on top and to handle the data flow, as in a reactive model. And there is a whole new rewrite of Riot on Android on top of it, called RiotX at the moment. It's a code name, but it gives you an idea that it's a total rewrite from the ground up, which hopefully I'll have time to give a quick demo of later. And so that's all new.

On the server side, we have our Python server and our Go server and a whole fleet of different bridges and application services and bots and things. Now, we started the Go server a few years ago in order to replace the Python code base. But we've hit the classic problem that the Python code base is actually quite featureful and also starting to roll out lots of big places, like France for instance. And also we wanted to get out of beta at last and release a 1.0 of the spec. So we had a choice of: do we go and implement the 1.0 spec on both the Python thing, to support everybody already on Python, as well as the Go code base at the same time, and have to basically halve our throughput and momentum because we've got to do both at the same time and we have to iterate on both at the same time? Well, are we going to get it right on Python,
ship the 1.0, and then bring the Go up to speed? And that's what we've chosen to do in the end. So Dendrite has been plugging along, and we've got people contributing to it, and so we spend some time working on it ourselves, but I'm afraid it's running a bit late, like all the best second systems do. But when it lands, it should be a bit like Firefox merging Servo and all the good Rust stuff, and it will be unrecognisably better from where the Python is today. But right now we're shipping 1.0 on Synapse.

Meanwhile, on the community side of things, lots and lots of projects out there. Seaglass is a new one, a native macOS client, which is really, really nice. It actually builds on top of the iOS SDK, which turns out to also run perfectly on macOS, but it provides end-to-end encryption and all sorts of nice stuff as a result. Command line clients like gomuks. You've got the GNOME project providing Fractal in Rust, Quaternion in Qt and C++. Also, there was a really nice Qt project called nheko, which got archived a few months ago when the maintainer quit, but has just been reborn in the last couple of weeks by a new maintainer. It's now called nheko-reborn, and they're selling up for a new release pretty soon. So if you're a sad nheko user who was unhappy that it went on hiatus, as far as I can tell it's back.

So, brief history actually of where we got to, or how we got to today. We started this back in May 2014, wrote a bunch of code honestly way too quickly, in a mad rush of, wow, we actually need to build a crazy open communications network, and everybody threw lots of Python at the wall to see what would stick. We shipped in September as the first alpha, and it was very alpha. In 2015, around March, federation became usable.
We added Postgres as well as SQLite, added IRC bridging, specifically for Freenode. And then later in the year we released Vector, as it was called, as our flagship Matrix client, and we also actually cut our first release of the client-server API. So if you have wondered why there are so many Matrix clients out there and why it's so easy to write a Matrix client, it's kind of because we actually locked down our first stable release all the way back then in 2015. But only of the client-server API, and for context, in Matrix you get five APIs. You get the client-server, you get the server-server, which is the federation one. You get the identity server, which is the one about discovering who to talk to. You get application services, which allow you to build your bridges and your bots and things, and you get push, which is specifically for hooking into APNs or GCM or whatever other push layer you have. So back in 2015 we had only one of these stabilized.

Then 2016 was an awful lot of watching Synapse fall over. Honestly, we had some real scaling problems, thanks to the slightly rushed way in which the project had come together. We also started a lot of work on end-to-end encryption. Literally man years to try to add that in, and it turns out that end-to-end in a decentralized model is hard. You have problems like: who is in the room? Because if you have an eventually consistent, big decentralized room and some guy's server goes offline for a few hours, and he adds on a couple of devices on his local server and he comes back, should he have been in the conversation?
Who knows, it's a bit of a philosophical question. If a tree falls in a woods and no one's there, that sort of thing. So it's, um, it's been a lot of time on end-to-end. We rebranded back to as Riot workspace. We had a contribution of our internationalization. All internationalization in Riot was term contributed by a chap called MTR North in the community, very kindly, and we also started Dendrite.

However, we also had a couple of big problems in 2017, one of which that we were piling on new features, and we were still in beta, and it's I think fair to say that we weren't getting the level of polish and the level of stability that we should have on our existing stuff before chucking more things at the wall. And one of the reasons we were piling on features was also that we were running into funding problems. Because for the first three years of Matrix we were sponsored to do this by our day job, which is working at a big multinational tailcoaster like on Amdocs, and after three years they decided to stop funding us. Mainly because they saw that Matrix was starting to be successful, and they thought, hey, this is looking so great, you guys can look after yourselves, I'm sure lots of people will come to you and want to get Matrix deployments, and hey, good luck. So we parted ways with them in 2017. In order to try to raise money, we spent a lot of time building out stickers and other slightly, well, sort of featureful things like that, but it certainly didn't help our stability.

Then in 2018 we were lucky enough to solve the funding problems, thanks to an investment from another decentralized communications project called status.im. So anybody from Status here? It's got to be someone. I saw them earlier, but they're fleeing from the talk.
They, basically, Status gave us enough funding to be able to hire the core team of Matrix and set up a startup to go and keep hacking on Matrix, as well as providing services around Matrix. And the good news is that we could feature freeze. So we basically didn't ship anything new in the way of features last year. Everything was about the road to getting hell out of beta, getting to 1.0. Fixing security issues, some really long-standing security issues which were design flaws in the federation API. Also fixing our stability in Synapse, not necessarily our scalability, but also basically trying to make sure that you can run Synapse in production with a straight face and you're not going to get owned. And then finally at governance, because having gone and set up a for-profit business to hire the core team, we want to make damn sure that Matrix itself is independent of that. So the other people, whether they're non-profit or for-profit, can go and build on top of Matrix without any concerns of the direction of the standard. So basically set up a foundation who control and act as a neutral guardian for the project, and we consider that a blocker for Matrix 1.0. And then this year, as of basically this week, shipping 1.0 at last, and then beyond. So sorry for the boring history, but I thought it might be interesting to give a bit of context to where we are now.

In terms of uptake in general on Matrix, this is some daily active users on the matrix.org server over the last three years. And as you can see, in 2016 there was pretty much nothing, then in 2017
we really started to see some stuff taking off. 2018, we ended up in this interesting situation of a plateau over the course of the summer. And this was because we were putting all of our effort into security and stability. We had folks trying to exploit the issues which we had in the server-to-server API from the outset, and given a choice between keeping the scalability and the scaling on Synapse up with the traffic growth, we chose to drop everything and go and address those security stuff so we could get out of beta. And we did that, and you can literally see the point where we shipped the first wave of security stuff and could work on performance again, at which point the glass ceiling is removed and off we go again at the rate that we were before.

Another way of thinking of this is the number of them servers we can see from matrix.org. It was pretty small until the beginning of 2016, and then it grew a lot over 2017. Again, over the summer of last year it had a bit of a wobble, but we're now on track again, with about 12,000 servers who are phoning home one way or another. Now, it's worth noting that a lot of people don't phone home. A lot of people don't even publicly federate. So for instance the French deployment, which I promise I will talk about in a second, you know, they don't phone home, and they've got potentially millions of users on it. So the important thing is the shape of the graphs here rather than the y-axis. In practice, right now
we see about 7 million global visible accounts, of which about three and a half million are on the matrix.org home server. So this is deliberate. For better or worse, matrix.org is a default server that people get set up on, and about 50% of the population is sitting on it. We hope in the long term to turn it off. It's very much a bootstrapping exercise, giving an easy option for people to use, and as we get more publicly available stable servers out there, and once, critically, we have account migration so that people can move on to them, then we'd just kind of kill it. We can see a couple of million messages a day. Well, or my last version of the slide from a few months ago was one and a half million messages a day, and about 20 messages a second coming in, 2000 going out. Hundreds of projects building on it, and a bunch of companies too.

So what about France? What happened with France is that the Ministry of Digital, who are called DINSIC, and not going to try to say that in French, actually reached out to us. So this wasn't a matter of us persuading them, as it happens. And they pinged one of the guys who was working on the Android Riot client and say, hey, more can we do and to get a copy of Riot for our own purposes. And so it turned out that what they were actually looking for was self-sovereign, i.e. run by France rather than run by Silicon Valley in the case of WhatsApp, or run by Russia in the case of Telegram. Self-sovereign, end-to-end encrypted, decentralized communication. Now, a lot of people say, why the hell does the government need decentralized communication? Surely governments are inherently centralized. Except they're really not, as in the government is made up of ministries. It's made up of offices.
It's made up of departments and sub-departments and sub-ministries, and you've got hospitals, you've got teachers, you've got schools, universities. The public sector is massive. Turns out that in France it's 5.5 million users are in the public sector. Over 10% of the population of the country is served or will be served by this deployment.

So what they wanted, and what they've got, is to have operationally independent deployments of Matrix per ministry. So, I know, the ministry of digital is going to have completely different requirements to the ministry of the army. And they're going to have different operational security, different infosec requirements. Perhaps they want to run it on-premise, perhaps they want to use a cloud provider. Perhaps they've got six antivirus systems everything has to be run through. Perhaps they want to block a particular class of attachment. Perhaps they only want data to flow one direction. They only want some people to be able to invite conversations into the Prime Minister's office, or sorry, they only want the Prime Minister to be able to invite outwards. They don't want him to get spammed by everybody else constantly going and connecting to environment tricks. So the way it's set up is each ministry has its own deployment. They're all running a dedicated full stack of Matrix, so that you can have ministries go offline, or they can disconnect themselves from the internet or from on and on for.

And also they had a bunch of other requirements. They needed enterprise-grade antivirus support as well as end-to-end encryption. Now this is obviously a contradiction in terms, because you can't have decent end-to-end encryption, which is not letting anybody man in the middle of your traffic, as well as having a rapidly adaptive antivirus system where you've got some service somewhere which you have to run all the attachments through. I guess you could try to run it client side, but then you end up downloading the nasty thing and scanning it client side, and doing
that on mobile in a decent manner, in such a way that means that your client-side antivirus kind of doesn't get owned and all that sort of thing, becomes a mess. So we had to do a lot of work to support that, which is going to land in Matrix itself, talk about it in a minute. And also different security zones, as I mentioned earlier.

And really excitingly, and surprisingly to us at first, whilst they're starting off with a private federation, they're also interested in going public. So they want to be able to connect with other governments. They want to connect with other companies. And it's a very pragmatic reason why: that it's all very well having this really sexy self-run communication system inside the government, but the second that you want to talk to a supplier or a contractor or somebody else, if they're not on the same system, you're just going to be back on WhatsApp or Slack or whatever. So it's critical for them to be able to connect through to the wider world.

So current status is that development started on the app, and the apps, by the way, are written by them, with some level of support from us. We started in May, and it's the fork of Riot. It's on GitHub there, and they're not promoting that URL at all. So if you go there, you'll see it's basically just a bunch of repositories with no details at all. I imagine that when it goes completely live they'll be making a lot more of a noise about it. But I'm here representing Matrix rather than them, talking about it from the Matrix perspective. Started off on Android, then web, then iOS, then started rolling it out in June. Then had to do a bunch of audits for ANSSI, which is the French version of the NSA, to check that this thing is going to be stable and usable from an operational perspective. More recently, there's an IT audit also going on from EY, and now, as of January, it's being rolled out across all the ministries. And that's a lot of Ansible.

So demo-wise, let me see if I can quickly put it up. I was going to
demo it on Android, because that's the most mature one. However, it turns out that they've locked down the permissions on Android such that you cannot screen share it at all. It really aggressively fights you. So given a choice between doing a custom build where we disabled the screen share and screen cap restrictions, and using iOS, I'm afraid I'm going to just go and use iOS. So let me just try screen sharing, see if this works. Come on. Probably help if I had internet access. Should I get on a network, and then perhaps this might work. One second. There we go. Screen share. Hello. All right, brilliant.

So here is the app. It's called Tchap, or Btchap for the beta version of it. And as you can see, it looks a bit like a Matrix client, and honestly there's not that much to show you here, weirdly enough. I'm on the pre-production system rather than the actual live platform, as fun as it would be to start looking at all of the ministry chat rooms and all of the conversations there. So this is just the dev team and I'm hanging out together. You can see it is end-to-end encrypted by default. We've got all of the little Olm encryption padlocks there, and you can see me testing and say hello like so, or gecko, because I can't spell at all.

An interesting thing: if I send a photo into this here, I'm going to send it tiny, that it does this antivirus stance. So it's going and uploading. In fact, it's not even uploading. What it's doing is taking the key data for that file, not the Matrix message, not the Matrix room, but specifically the key data for that file, and exfiltrating it deliberately to an antivirus server.
Now, that antivirus server is on a totally different deployment. There is no operational overlap at all between the main Matrix home server and the thing you're using to communicate, and then there's completely separate, run by information security folks, which does one thing and one thing only: you give it a URL and an encrypted set of keys, it decrypts the keys, it checks the URL, scans it, and then proxies the result through. And we do it both when you upload and when you download. And so we wrote that actually as a Node.js-based content scanner called matrix-content-scanner, which is available today, and we're going to add that to the Matrix spec as a really important thing, to basically have inherent first-class antivirus.

And I think that's about all I can show you of the app itself. What's that? It does do GIFs. Yeah. It also does emoji and stickers and things. I mean, as a fork of Riot it gets the whole kitchen sink of stuff. They've actually reduced some of the functionality to make it more usable, and ironically it's probably more usable than Riot is today, because they've had a professional UX agency working away designing quite a good-looking app. But that is where that sits today.

So, very approximate schematic that does not remotely resemble the real thing, for obvious reasons, is that you end up with a private federation of a whole bunch of ministries talking to one another. Some of these are public-facing servers, so that people in future will be able to install the app from the app store and jump on to a France-hosted public Matrix server. However, in future we'd also expect there to be a border gateway federating it through to the public Matrix network, so it can talk to other governments, etc. Also, as always, there's scope for doing integrations. There aren't actually any running yet, but we're hoping they'll do a bunch, and obviously bridges to other protocols too.
We're not running any bridges there yet. But again, I can imagine that, I believe that NATO uses XMPP, and so I can imagine that some of the military guys, they're going to want to be talking through to XMPP and have a bridge to do so.

So in terms of the stuff that's been driven by France, again quickly: end-to-end. I kind of already explained how it works. You have to exfiltrate the keys, but we do this as well as possible. We send the URL and the encrypted encryption keys using a pinned public key for the service. It's an isolated service. You talk HTTPS to it, it in turn talks ICAP, which is the slightly GPS standard for antivirus scanning, and we're going to add it to the spec, and you can play with it today for matrix-content-scanner.

Lots and lots of Ansible stuff. Unfortunately this stuff isn't FOSS, but it is forked off our FOSS Ansible playbooks. There are 27 of them, 27 roles. You get Synapse, you get your identity server, obviously Postgres, the antivirus, a rageshake server for gathering bug reports, TURN servers, like the whole enchilada. 730 things in total.

Performance: they drove a lot of performance work. So one of the big things we landed last year was lazy loading members. Previously, when you join a Matrix room or when you log into your account, it loads the profile data of every user everywhere that you can see, and on my account that's about 120 megabytes of JSON. I hear this is not great. So we implemented lazy loading, which only syncs the membership data about the people who are actively talking in your room, and that is typically a factor of five or so improvement. So once gzipped, for me it's down to about two megabytes of zip JSON when I log into my account. But my account is massive.
It's like 2000 conversations. Also, we ported everything to Python 3. This was originally a community project done by a chap called NotAFile, with support from Intel effects, and then we took over and did it from the core team by hiring a lady called hawkowl, Amber Brown, who is also the release manager for Twisted. And there is no better person in the world than the person who ported Twisted from Python 2 to Python 3 to also port Synapse from Python 2 to Python 3. And we shipped this I guess in November, I think in Synapse 34, and it turned out to be a massive improvement. Python 3 stores strings as UTF-8 rather than 32-bit UCS-32, so you immediately get two to three times improvement on RAM. And also turns out that some of our workloads on CPU were magically sped up. I haven't really bothered finding out why, to be honest, but some of the Synapse worker processes started using two times, three times less CPU. And just anecdotally, if you haven't shifted your home server to Python 3, do it now, because it just feels nice and snappy.

Finally, lots and lots of ongoing work on Synapse to profile for bottlenecks and make the caching work better. Now this is more about performance than the resource utilization, and I'm sorry to say that Synapse is still a bit of a dog in terms of memory usage and disk usage. Once we've shipped 1.0, which is basically now, that one of the first things on our to-do list is to fix that at last.

So finally, just one last massive thing driven by France: 1.0. There's no way that a government is going to go live with something with a big beta logo on it. And we are not going to cheat and just remove beta and claim, oh yeah, it's perfect now. We actually had to ship a proper 1.0. So in practice that means cutting stable spec releases of all of the Matrix APIs, and we want to make it correct and then make it fast.
We had to fix the design thinkos which have been plaguing the federation API. We need to have the infrastructure to roll those changes out, which turns out to be a massive deal. We really screwed up by not baking the idea of room versions into Matrix from the outset. So if you ever build a protocol, make damn sure you can ratchet the version of everything from the outset. Otherwise you just paint yourself into a corner. One day you discover a bug in your federation API, and then before you can fix it you have to retrofit a whole versioning system on. We wanted to get the governance in place, and also want to get as much stuff to turn on end-to-end encryption by default, and then exit beta.

So federation. We were slow on getting a stable spec. Already said that in 2015 we cut our first client-server API. Then we shipped the other three in August of last year, but still couldn't ship a stable federation API, because it had some pretty big design flaws. One of which is that we chose Perspectives for certificate management. We thought back in 2014 that we would be cool and hip, and we wouldn't use those evil certificate authorities to tell us who to trust. Instead we would go and democratize this to the Matrix population, and we would have notary servers which by consensus would decide whether a given TLS certificate belongs to the correct server. So if you've got a room with 20 servers in it, if 10 of them agree that the correct fingerprint for that server is that fingerprint, then that should be good enough. We don't need any damn CAs. And it was a disaster. Firstly, because we didn't finish it, because it turns out to get all the consensus stuff working is a pain in the ass, and we prioritized Matrix stuff rather than building TLS infrastructure. Secondly, Let's Encrypt came along, and it didn't exist when we started, but a couple of years later it did, at which point Perspectives, as an initiative that was already on life support, which has died, because why would you mess around with this when you
can just use Let's Encrypt? And we basically ended up with this embarrassment that lots of people had set up self-signed certificates for their home servers. However, the trust was just not really there. So what we've done in 1.0, I'm afraid, is to kill self-signed certificates. So if you're running a Matrix server with a self-signed certificate, please upgrade to Synapse 0.99 and delete it. The certificate, not the server. And you can do that now because we added ACME support into Synapse, so it will transparently go to Let's Encrypt and give you a real proper certificate for that server.

Now, another thing is our fundamental merge resolution algorithm, so-called state resolution, for Matrix was broken. We had some bugs which would create unexpected results when you particularly have an old copy of a room from a server that's been offline for a while and it comes back, and you have to resolve state of the room, like who is in the room, and sometimes it would pick the old copy over the new one. Which is embarrassing, because it means that time will go backwards and you get what we call a state reset, where people who were in the room suddenly find themselves teleported back into it. It's also called the Hotel California bug. And it's really embarrassing and annoying, and it turned out to be really, really hard to fix, because we needed to throw away the whole merge resolution algorithm and replace it with one that works. And in order to do that we then needed to provide the versioning stuff.

And finally, we also had screw-ups like letting servers create event IDs, like email or SIP. And, you know, what's wrong with that? Why not let people create their own IDs?
Well, the problem is that in a decentralized system you can have two servers maliciously claim that the same ID points to different content, and you have a disaster going on. So we've had to change our entire ID structure for Matrix 1.0, so the IDs are now the hash of the contents, so you cannot lie about the contents of an event, and instead everything is content addressable, at least for event IDs. And again, that needs you to be able to ratchet the protocol to do that.

These are now all fixed. As of about two o'clock this morning, we cut release r0.1 of the server-to-server API. So for the first time ever there is a final, finished, stable Federation API for Matrix, and if you are feeling particularly ambitious, go take it and try to implement a home server. That is the first time. Thank you. I should have also added that I've relatively little to do with this. This is all the work of the Paul Synapse and the spec team, who have been desperately blitzing through this nightmare to get it out the door, and yeah, I mean, we're actually at that point at last.

Now, I should add this isn't Matrix 1.0. We do now have all five APIs at a stable release. We do need to release an update to the CS API and the identity server API, which will be coming over the next week. We need to push through a couple of spec updates for that and then cut it. But then we exit beta fully.

So, I already talked about no more self-signed certificates. Delete your self-signed certificates. Synapse 0.99 will talk to... doesn't require the new certificates, but it does do ACME. Synapse 0.99, which we released about...
Well, it's basically being released right now. We've got the final release candidate yesterday, is almost the same as what we will ship as Synapse 1.0, except 1.0 will refuse to connect to self-signed servers. So you've got a month, basically, to get rid of those self-signed certificates.

Also, side effects of moving to real TLS certificates is that you have problems if you are bigcorp.com and you want to delegate your Matrix server to bigcorp.matrixhosting.com. Because it's quite possible that as bigcorp.com, like if you're Google, you're not going to give some random Matrix hosting company a top-level SSL certificate for Google.com. So instead we have shifted to using well-known URIs in order to let bigcorp.com delegate to a given server, and it allows the webmaster for Google.com or whoever to say, hey, well, no new your Matrix server, please delegate all of this over to Google.matrixhosting.com, and then you do the normal SRV and TLS lookup on that domain. We could have also done this all using SRV, but it ends up being more vulnerable to DNS poisoning than building on top of the well-known URI system. So again, an action for anybody who is running a server where they use SRV to delegate to somewhere else: you need to add a well-known URI if you don't control the host name that you're running the server for. And again, that's supported today in Synapse 99.

State resolution, I don't have time to talk about it. But we put a ton of work into what we call V2 state res, or state res reloaded, a bit like Matrix Reloaded, and I won't go into it in detail, but suffice it to say that we've hopefully addressed all of the vulnerabilities and attacks which were leveled against the original one. So you could in theory upgrade to the new resolution algorithm today. However, version two rooms rapidly got replaced by version three rooms, which replaced our old IDs with our base64 hash IDs. So in the near future, once Synapse 0.99 is released out of release candidate, probably on Monday, we will
encourage everybody to upgrade their rooms. Now, this is big: any room, any public room particularly, we're going to need the admin of the room to hit the big upgrade button that will appear in at least Riot, and hopefully, I think Quaternion has also implemented UI for this. So what it will look like as a room admin is that you get a warning at the top of the room saying this room is vulnerable, is running an old version of Matrix, press here to upgrade it. This will then magically create a new room, invite the old people into it, and stitch the two together so that you have some level of continuity. But in practice it is the ratcheting that I keep going on about, to let people migrate to the new version. And once everybody is upgraded to version three rooms, we will be killing off the sucky old original V1 rooms which have those vulnerabilities. So, I mean, this is massive in terms of ratcheting us out of our sordid past.

Finally, on the Matrix 1.0 stuff: Foundation. We've incorporated the Matrix.org Foundation as a non-profit, not-for-profit UK community interest company. We've finalized the governance, and if you are a governance geek, go and Google for MSC1779, which is a massive Hamilton-style declaration of Matrix manifesto and how we pledge to make sure we don't screw up the project and the protocol remains neutral no matter who builds on it. The key things: that they end up with an eight-person spec team who actually manage the spec. We also have a five-person Guardian team who are basically the board of directors for the non-profit. We have three of these folk already: myself and Amandine, who came up with Matrix in the first place, and a third guy who we'll announce very soon.
We're looking to find two more folk who can participate in the board of directors, who we're talking to at the moment. So our lawyers are currently turning that into the actual legal articles of association, and then the Matrix.org Foundation is finished. Or at least begun.

Timeline. We released r0.1 of SS yesterday, or this morning. However, basically, we will be launching 1.0 of Synapse a month later in March, and Matrix 1.0 will land once we release CS 0.5 and IS 0.2.

So I've got ten minutes. Let's do some fun stuff. Two minutes? My god, really? I've got 50 you want to see dry a demo rather than ask boring questions, right? Yeah, okay. Let's feel right there my instead.

So we have totally redesigned Riot to try to make it look better than Matrix or Slack. Oh, it's a mate better than Matrix. What am I doing? Better than Slack or Discord. And this is what Riot looks like these days. Here is Matrix HQ. They can say hi everyone, and I am in thousands of different rooms here. Now the UI is entirely resizable. We can go into rooms like Synapse Dev. We can go and pull up files here. Predictably it's full of GIFs, the various different flavors. I think that was us shipping the r0.1 release of the server-server API. And I mean, Riot, I'm obviously biased, but I think this thing is starting to look lovely. We've got rid of all the green, it's a lot more and flexible, and in terms of usability it's looking a lot, lot better. Let me skip forward quickly to... not there. And you can play with it right now: riot.im/develop. We merged it to develop about a week ago. It's still kind of pre-release candidate, but we'll be cutting a release candidate over the next week or so and then pushing it out properly.

End-to-end encryption. So I've got sort of zero minutes to talk about the massive amount of work that went into end-to-end encryption. Let's go back in time. In fact, we've even gone widescreen.
That's how far back we've gone, to 2017, which was last time I was standing here in Janson announcing end-to-end encryption, and the final slide was "what's next?" We needed to support encryption for people who aren't yet in a room. We need cross-signing and for device I key so you don't have to keep verifying. We need better device verification than comparing ugly fingerprints. We need push notifications that actually work for end-to-end. We need better primitives and all the rest of it.

So fast forward to today, and all of the emoji, which are the most important thing on this slide, have vanished. So imagine that there is a green tick next to everything above this point. So we now share ratchet data when you invite people into rooms. We do cross-signing, which is a massive amount of work that we squeezed together, and I'll try to demo it very quickly. We've got much better device verification using short authentication strings rather than comparing fingerprints, and QR codes, although QR codes haven't landed in implementation yet. We've got key recovery backups, which is another huge amount of work. If you have one Matrix client on your phone and you lose it, at the moment, unless you manually back up your keys, you are screwed. Whereas with this, it encrypts your keys and, optionally, it stores them on the server so you can recover them in a disaster. Push notifications now pretty much work. Totally new system where your phone is actually syncing to Matrix in the background to do that. And we shifted to WASM. We really, we shifted all of Olm over web from Emscripten JS and asm.js over to WASM. We just sped things up by factor of about five.

So quickly, let me try to demo the end-to-end stuff, and this is gonna be an interesting demo. I'll go as quick as I can. This is the new login page, right, everybody, and if I quickly can create account here on my local home server, call it test, and I go and create an end-to-end encrypted room, call it testing, and I go and turn on encryption.
I hope you're all loving the new Riot UX here. Turn on encryption like so, and say some messages, and we've got this big yellow thing here that says, hey, secure message recovery, which is actually what we are calling the online key backup. If I set this up right now, I can enter a recovery passphrase, like so, and I can save it as a recovery key if I want, and I authenticate, and it is now going and uploading my keys, encrypted, to my server. Now obviously some people won't want this, and you can still use it without it, but for the common case it's really quite useful, is what it lets you do. It's login again on a different device. So login is one to one two seven rather than localhost, login as my test user here, and okay, here I am on my African. It says I've logged in on a new device. So here is the new verification flows, that I can now say verify by comparing a short text string. I hit begin verify, and meanwhile I get an incoming verification request here. Now all I have to do is to compare this simple string between the two. It's not a big fingerprint, and we'll probably replace it with words. They imagine this was like pink elastic zebra plaster horse, and the other guy says, yeah, I've got pink elastic zebra pasta horse, and clicks continue, and now they have mutually verified one another, like so. And if the gods are smiling at me, please, then in theory that should have automatically decrypted the message there, but the game at demo gods are not smiling on me. But suffice to say that this has at least verified the two accounts here. They've both got shields. And now if I log in a third time... we're almost there, by the way. Now the other two in the background have got a key share request saying, hey, I've added a new device. But what if I can't physically get to my other devices? What if I'm on a whole new device, somebody stole my laptop and my phone, but I still want to get at my history?
Well, luckily I set up my Verify at my key and backup system, so I can go into here and hit the restore backup. I can type my top secret passphrase, and if I now go into the encrypted conversation here, I have my full history, and even better, I have cross-signing working, verifying the other devices, both of them. So I only ever had to verify once there, and then verify in turn by the fact that I knew what my passphrase was, and I have access to my entire set of devices. So if you compare that with Matrix today, where you spend your life comparing fingerprints of different devices all over the place, you should have to do it just once. Thank you. And yeah, you just go once and it should sit there forever, and you can rehydrate it out of your backup as intended.

Now, we weren't hoping to show that today, but at the beginning of the week I said to Dave Baker and Hubert Chathi, who'd been working on it, "Guys, what'd be cool if we actually showed cross-signing at FOSDEM," and they looked at me with a slightly stressed expression and said, "Okay, and I'm so we'll see if we can pull it together," and as of 4 a.m. this morning the demo finally came together. So admittedly that is the only flow that even vaguely works, but it will be landing properly any minute now. And I think I'm probably well and truly out of time. Really, just like 10 seconds? Nope, no. We're gonna get fired. It's such a shame, because I did so much want to just show RiotX, just one second. Because, but seriously guys, RiotX here looks amazing. It's set up to look like the Light the new app, it launches 10 times faster. It doesn't suck. Anyway, thank you everybody.

I don't think we're gonna have any time for questions unfortunately, but where are you gonna be after?

Yeah, we're at the Real-Time Lounge next to the XMPP and the Oland guys, up on the first floor of K building, and we'll be there all afternoon, so come talk to us afterwards. Thank you for coming.