 Hello, and welcome to the Matrix Talk. I'm Oleg Ficksel, and here are some facts about me. I also used to work as a security consultant some years ago, and I am already many years in the Matrix community. Today, I will give you an overview of our Matrix architecture and ecosystem, and help you with the first steps in the Matrix world. So, what is Matrix, or how Matrix come about? There are many chat networks out there, and most of the time, they are isolated from each other. The idea of Matrix is to unite them. But don't get me wrong, Matrix is not a huge bridge just for uniting some other networks. It's also a completely independent network on its own. The difference is, Matrix is friendly to other networks. So, I think the following sentence describes Matrix very well. If we say open network, that means open specification and open implementation. Secure means Matrix has end-to-end encryption by default. And decentralized means that anyone can run their own Matrix server. And, of course, nowadays we talk about real-time communication, and most of the time we mean chat rooms. Matrix can also be used for variety of cases for real-time communication, IoT, for example. So, let's look at some of the key features that I personally like about Matrix. Well, open SPAC means that the protocol is open, the implementation is open as well, so you can check the protocol SPAC and write your own home server or write your own client for Matrix. Matrix is distributed and federated network. This means all of our messages are not stored on one server, but spread across the network. And you, as a home server owner, maybe can also choose which home servers you federate. This has much benefits to the central networks. So, end-to-end encryption is there by default and built-in from ground up in the SPAC and not bolted on top at some later time. And this is very important from the architectural point of view. And we can also use WebRTC calls, voice and video calls in Matrix, and those are encrypted as well, so we get this as well. And I think the most unique feature of Matrix is bridging, which I showed you, bridges the other network into the Matrix. So you don't have to install 10 clients on your device to communicate to 10 different networks. So integrations are also cool. I will show you a couple of screenshots from integrations. And last but not least, healthy and friendly community from my point of view, which is very important. So, end-to-end encryption. From my point of view as a security expert, encryption without open source is questionable. You can, of course, trust the company or the project saying, we are encrypting that, but you cannot see in the source how it's done. Well, Matrix encryption is open source. Because Matrix replicates the messages across the home servers, if the messages in this chatroom are sensitive data, without end-to-end encryption, it could be a privacy problem. That's why end-to-end encryption in Matrix is very important. And that's why Matrix took some time to build this encryption and actually much more time to actually create a user interface with all the possible scenarios for the user to use this encryption. So keep in mind, if you're building a crypto, building a crypto is one thing. But making it usable for people and easy to use is a bit different job. And it takes some more time. Well, the encryption is used about three years already. And those are actually two libraries, or two implementations. Olm is a double ratchet implementation based on the signal specification, which signal use, and the completely new, which called Megalm for group chats. There was also a security assessment, 2016. There were some findings which were fixed. If you're a security researcher, take a look at it and give us feedback. So let's look at the distributed architecture of Matrix. We have different entities. HomeServer is one of them. On the HomeServer, we have user clients which connect to the HomeServer and have accounts there. HomeServer are communicating to each other using server to server API and exchange messages in real time. So there are also IdentityServer and IdentityServer. You can use a central IdentityServer hosted by matrix.org, or you can deploy your own IdentityServer if you want to federate with your company's identity provider. The discovery of HomeServer and IdentityServer is done either by DNS server records, or HomeServer can also use this well-known URI Schema to know which HomeServer is responsible for this domain. Very similar that we have in the email world right now. And there are also application server. Application server are a bit different. They connect to the HomeServer using an application server API and have more rights than the clients Most of the time, application server are bridges, but sometimes they are also integration manager. We will talk about those in a minute. So let's talk about HomeServers. There is a HomeServer API in very brief. It synchronized the messages between the HomeServer and it can also ask for historic messages. For example, if the HomeServer was offline for some while, it can ask for messages in the last two days to catch up. And it also can ask the profiles of the users on this HomeServer to show this user is offline or this user is online. There are different implementations of HomeServers. Synapse, probably the most prominent one, is the most stable one, which is used on matrix.org. And there is also next generation HomeServer written in Golang, which is aimed to be very scalable and very performant, which is actually entering beta now. So, and there are also some community servers which are developed by the community. Conduit, for example, is the HomeServer in Rust, currently in alpha state. Currently, it doesn't support, I think, the federation between the servers. So, it's only on your server, but it's blazingly fast currently. So, and there's also construct in C++, which also performance-oriented. But there are more. By the way, in the blue, there are links. You can download the slides and click the links. You can click the links and see all the HomeServers which are currently being developed for matrix. So, let's look at the clients. So, and the client server API was developed to be really user-friendly as possible. So, you can develop a client very easily. And you can actually use the client server API from your curl command like this and just send a message to the room using your command line. You will get an event ID, so you can refer to this message or maybe deleting it or replying to it. And this looks then in the real UI client, something like this. There are also fancy clients. Element is the reference client which implements most of the features or all the features which a matrix has. It is available as a web app, desktop app using Electron or mobile app for Android or iOS. But there are of course other mobile apps. So, we have, we see here Element, Detochat, Paddle, Fluffy Chat, Neo, different kinds of with different feature sets developed by the community. And there are also some desktop clients as well. All of this like native clients. All of the clients have different feature sets of different maturity level. So, take a look on the feature list before you choose a client or just try out. And of course, for console gigs, there are also terminal UI clients. And a matter of fact, I will briefly show you Go MOOCs in the demo which is a console client. So, let's go on. Let's look at the application server. And the application server API and have, as I said, privilege access to the server. This is needed that the application server, for example, if it's a bridge to other network, it needs to hook into the server's events and logic and it needs to masquerade the users from the other networks in matrix to get this native experience. So, you will have in matrix those virtual users which will look like they were a matrix users but they're actually on, I don't know, telegram or WhatsApp. So, also, application server can be an integration server. So, what is an integration server? I will give you a couple of examples. So, for example, you can embed some widget in the room using the integration server and on this example, you have AdderPad in the room. So, everyone who is in the room can see it and see the same content. There are also some bots. Here an example with RSS bot. It will look at the RSS feed and new entries will be posted in the room. Grafana is also a good example if you have some monitoring ops room where you have graphs and everyone who is in the room looks at the same graph and talks about the same things. So, also, Jitsi integration is possible. Here in this screenshot, Matthew, the founder of Matrix shows Jitsi integration. I see the screenshots a bit old already. And there is also possible to use custom integration, something like iFrame, something like just a page to integrate in this iFrame. So, very cool. Let's talk about bridges. Bridges are also application server and from my point of view, it's a unique feature of Matrix to unite networks together. So, you don't have to install multiple clients for every network. You just use Bridge and it's all in Matrix in your client. It's all synchronized over your multiple devices. Let's look how it works. On this example, on the right side, we have the Matrix world, the home servers and the users on them. And one home server has this bridge connected to it using client server API and the home server connects to the bridge using application server API on one side of the bridge. On the other side of the bridge, bridge connects to the other network, in this case, IRC using some TCP protocol or some XML or whatever. And bridges, the messages in two directions. So, if we will start with bridges, you will probably hear there are some different types of bridges. And very briefly, there are bridge bot bridges and there are puppeted bridges. As we can see here on the example, on the right side, we have Telegram, on the left side, we have Matrix and the first message on the Telegram is a puppeted message. That means in Telegram, you see this message as a native message. So, the guys in Telegram cannot notice if you are using actually Telegram or if you are using Matrix and Bridge. So, puppeted bridges create this virtual user or use this native users also on the Matrix side. So, you have this seamless experience from both sides. Sometimes, it isn't possible to use puppets in the network. Maybe network doesn't support, maybe you don't have enough rights and maybe the person have no account in this network. And that's, as a fallback, you can use bridge bot which actually one user, as we see in later messages on the Telegram side, one user sends the messages for each individual user from Matrix but it's one user. It depends, of course, the user name in the message but it's still one user on the Telegram side. So, sometimes it is possible to use puppeted, sometimes it isn't, and that's why we have this two bridge types. So, who is using Matrix? For the last couple of years, I would say adoption grows rapidly and we see some governments start using Matrix. Actually, the French government's already rolled out Matrix and there are currently three more governments piloting Matrix. There are some open source communities using Matrix. Mozilla is probably the most prominent one. University and virtual conferences are using Matrix as well. And there are also many official channels on matrix.org for some open source projects. So, let's say you want to start with Matrix. I will give you four simple steps you can start with Matrix. So, first step is to choose your home server. I've set up a test server where you can log in, register yourself and just use it. It will be running for a couple of weeks. No email or telephone number needed to sign up. You can use it and just explore. Of course, there are also a list of public Matrix servers you can use to connect and to use them. And there is also a possibility to register yourself on matrix.org. Actually, matrix.org grown pretty big right now and this is distributed network. So, I suggest you use matrix.org really as a last resort because we want to spread the load in the network to the other home servers. So, use the official section of the public matrix server, see which server suits your needs and use it maybe. You also can let host your server by some hosting provider, matrix.org or elements matrix services can offer you for some money to host your home server for you if you're maybe a company like Mozilla does. And there are also other hosters in the link which can help you host your server for some money. Or you can do as I do, you can host yourself. There are some guides to do that. I've used the incredible Ansible Playbook which deploys the server, the element UI, web UI client, some bridges, some bots. Very cool, if it's for you, take a look at it. There are also some Kubernetes charts available. We are currently working on improving them and maybe getting them to the state of Ansible Playbook where you can deploy many things in there, not just the home server, but also bridges and bots in there. If you are experienced with Kubernetes and Helm charts, come on and help us. And then, if you have a home server, you can choose your client. You've seen also some client list I've shown but also in the link there are lists of the clients. And then, you are good to go. Join us on this channel, talk about your experiences, ask questions, and if you want to get involved, there's a link how you can help the community to grow. So let's sum it up. The number of messaging platforms grows every day. So you are kind of forced to install every client for every platform. What metrics solve this problem by uniting these platforms, the way you want it. And metrics community is growing rapidly for the last couple of years. As a matter of fact, Gitter joined the community a couple of weeks ago and Gitter and metrics will join the networks. Currently, there's a link, you can read about it more. The community is great, it's funny, it's very cool. It's very friendly, so get involved. So now, let's go to the terminal and see the demo. So let's start by deploying the home server first. We have the Ansible Playbook which will deploy the home server and bridges and also element. The configuration is done via vars.yaml. I'm using a Docker container to run Ansible here. So now we are in the Docker container and we will run Ansible Playbook which will set up and deploy all the components. So now we will spit it up a bit. So we don't wait, it takes about 10, 15 minutes depending on your virtual machine you are deploying to. So now we will start the services and it will again take a bit of time. And now we are done. We can do now, we can log in into our newly deployed home server using also a deployed version of Element client, a web client, so we'll create a new account here, specify a password and also do some capture. We don't have to specify any email or telephone number to sign up here, only username and password. So now we are in our newly created server and we can join some rooms. We can use it either by using the command line or it like the chat input or we can use the UI by clicking the plus on the left side. Let's join some room and say hello. So let's try some other client. For example, Gomuks console client. So we enter our username and password and the home server address that we want to log into and then it fetches the information from the server and synchronize the chat rooms. We can also use a mouse for navigation here. So let's look how we can use a bridge. In this case, we will be using a telegram bridge. To be able to control the bridge, I will create a direct chat to the bridge bot which will be instructing the bridge to, yeah, do the bridging. So creating a direct chat and here we go. We can type help and use a login command to log into the telegram. So after we type the login command, we will get a message and SMS on the telephone or we pass the telephone number here and get a message or we can log in using the web UI like the web page. And as soon as we do it, the bridge will be creating portal rooms which will be the rooms bridge to the your rooms in telegram. Now let's look at the IRC bridge. Now on the right side, we have an IRC client and we will join some channel on IRC. On the left side, we have our matrix and we will create a direct chat again to the bridge bot, the IRC bridge. And now we will execute the command to the bridge bot that we want to join this channel. We'll be invited to this portal room which will be bridged to the channel on IRC. And if we type hello IRC, we'll see, we'll get it on the IRC side. Now bridging works in both directions and we can use a matrix to chat in IRC. So now let's bridge two rooms using the integration manager. It will use the bridge hosted by matrix.org. For that, we need to create a new room, make this room public. For that, we first need to create a room address and also add permissions so anyone can join. This will be the bridge bot who will be joining. So we use FreeNode as a network and we specify the operator of this channel on FreeNode. Now we get a direct message on IRC side asking if this room can be used and if we answer yes and we are operator of this room, the room will be bridged. Now the messages are bridged on both sides and we can invite someone else to the room and those messages would be bridged as well. Let's invite our test user and we see the messages of our test user are bridged as well. And more, we can also use bots on matrix side and controls those bots from the IRC side or the other way around. Let's try it out using our reminder bot which is also deployed by the Ansible Playbook. Let's set up a notification in one minute. I will speed up the recording so we don't have to wait one minute. Here is the reminder from the bot which is bridged to IRC. And that sums up the IRC part. Let's take a look at Slack bridge. So on the right side we have Slack. On the left side we have Matrix. On the Slack side we will create a new channel. And also on the left side in Matrix we will create a new channel and we will bridge those two channels. So let's create the channel on the Matrix side as well and we will be using again integrations. That's why we need to make the channel public again. Create an address, make it public and we will use integrations to bridge it to Slack. Just click the Slack, a pop-up window will authenticate to Slack. And this way the room will be bridged. So let's check again. Oh yeah, we have to invite the Slack bridge to the Slack channel as well. Now we see we can list the channels and we can bridge the channel by clicking on it. That's it, the channel is bridged. Yay! And we see reactions work as well. We can also invite the test user and the messages from the test user will be bridged to Slack as well. So this concludes the demo and let's get back to the slides. So again, you can use the test server I've set up. No email password, no email or telephone number is needed to register. Server will be running for a couple of weeks. Try it out, give me feedback. And that's all. Thanks for watching the talk and see you in Matrix. Bye-bye.